act.nrdc.org Open in urlscan Pro
52.8.108.100  Public Scan

16 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTI0MDQzNzAzOA==&forward= HTTP 302
• https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTI0MDQzNzAzOA==&forward=&google_tc= HTTP 302
• https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEB6gTDOGSPELYHT3a4zpiuk&google_cver=1

Request Chain 68

• https://ib.adnxs.com/setuid?entity=18&code=5142336719240437038 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719240437038

Request Chain 70

• https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336719240437038&redir= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719240437038&redir=

Request Chain 71

• https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
• https://ps.eyeota.net/match?uid=5142336719240437038&bid=omt9pi0

Request Chain 74

• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336719240437038&referrer=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=0&userid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Daa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%253A1657881965.9795573 HTTP 302
• https://idsync.rlcdn.com/501709.gif?partner_uid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573

Request Chain 76

• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward= HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward=&C=1

Request Chain 79

• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719240437038&img=1 HTTP 302
• https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719240437038&img=1&__user_check__=1&sync_id=542da25b-042b-11ed-9ff0-1d0a0d900206

Request Chain 83

• https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336719240437038&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719240437038&expires=30

Request Chain 84

• https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YtFFbgAQdoc6vAAo HTTP 302
• https://p.rfihub.com/cm?in=1&pub=21653&userid=YtFFbgAQdoc6vAAo&_test=YtFFbgAQdoc6vAAo

Request Chain 94

• https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf HTTP 302
• https://ssl.kaptcha.com/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf

Request Chain 105

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&RedC=c.clarity.ms&MXFR=2E0A606519F56D6A19F971871DF5637B HTTP 302
• https://c.clarity.ms/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&MUID=1470843A42DF6007134E95D843B46168

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
10 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 6738-af-june-appeal-fye-5x-220620 Show response act.nrdc.org/donate/	114 KB 34 KB	1003ms 611ms	Document text/html	52.8.108.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.8.108.100 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-8-108-100.us-west-1.compute.amazonaws.com Software openresty / Resource Hash 76b622de3038bc0b17abb89b3886a3ccb40a0f13cfd94b4d698aeb82c06d41c9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Fri, 15 Jul 2022 10:46:04 GMT server openresty vary Accept-Encoding Cookie, Origin
GET H2	200	2759BB22749F452B8.css dewkqxr3ix5n3.cloudfront.net/ak-fonts/813257/	234 KB 157 KB	46ms 12ms	Stylesheet text/css	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dewkqxr3ix5n3.cloudfront.net/ak-fonts/813257/2759BB22749F452B8.css?q=5 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0b9c51791963e3fe1301377c7b578bdf8d7b83179cb3d87da0bd956b0aea1403 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 14 Jul 2022 11:00:23 GMT content-encoding gzip last-modified Wed, 03 Mar 2021 00:07:51 GMT server AmazonS3 age 85542 etag W/"22a1b258a7fd2e81c20c7aed1b84b563" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id zShC55S476rWg_lBY9kzKK7qckgpjPsXxnQC9xGTh3XNPzmsISr3Hg==
GET H2	200	css fonts.googleapis.com/	405 B 824 B	49ms 22ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Architects+Daughter Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 2a06c2c61f587056305687df90816b0c55e7ca9281da025d4fb329c3e37ad5bc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 15 Jul 2022 08:56:11 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Fri, 15 Jul 2022 10:46:04 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 15 Jul 2022 10:46:04 GMT
GET H2	200	nrdc.min.css dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/	222 KB 33 KB	44ms 12ms	Stylesheet text/css	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2bde6e7b251216b9ddbe0d8133240dcd361ad23a787403ef92fcd007fc9178db Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 04:04:34 GMT content-encoding gzip last-modified Wed, 22 Sep 2021 18:14:28 GMT server AmazonS3 age 24091 etag W/"10c537dd9f807dd9787e15483dd0cacd" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) x-amz-cf-pop FRA50-C1 x-amz-cf-id PIgoN-aeJ2DqSFgEdwreKNT1Ylmm7BpAXqW_jRw5C_ezi5-Fn2lrdQ==
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/1.8.3/	91 KB 92 KB	34ms 7ms	Script text/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:36:13 GMT x-content-type-options nosniff age 591 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 93636 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 15 Jul 2023 10:36:13 GMT
GET H2	200	actionkit.js Show response act.nrdc.org/resources/	98 KB 36 KB	293ms 293ms	Script application/javascript	52.8.108.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.nrdc.org/resources/actionkit.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.8.108.100 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-8-108-100.us-west-1.compute.amazonaws.com Software openresty / Resource Hash a303c63151adc0d8af56048fba8700bbdc45f0ec35f652f5fede24b8086483de Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:04 GMT content-encoding gzip last-modified Thu, 14 Jul 2022 21:25:37 GMT server openresty etag W/"62d089d1-1865d" vary Accept-Encoding content-type application/javascript cache-control max-age=86400 expires Sat, 16 Jul 2022 10:46:04 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	235 KB 67 KB	61ms 38ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WLFNV2 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b7c8ccbc0522af1bc6961c4fe37d0c526db10a69e353cf78f4965bab3e8f6009 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:04 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 68166 x-xss-protection 0 last-modified Fri, 15 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 15 Jul 2022 10:46:04 GMT
GET H2	200	client.min.js Show response js.braintreegateway.com/web/3.27.0/js/	29 KB 10 KB	222ms 13ms	Script application/javascript	143.204.89.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.27.0/js/client.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-127.fra50.r.cloudfront.net Software nginx / Resource Hash c11e4446c1a164fa274d923d8a9959a42e49e0bda7ad6624d8a7a82b994a223d Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; content-encoding gzip etag W/"62a25d18-74f8" age 6798 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 09 Jun 2022 20:50:32 GMT server nginx date Fri, 15 Jul 2022 10:46:05 GMT vary Accept-Encoding content-type application/javascript via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) cache-control max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id V6ZwfLI8F8eKJIgXf326HzNIeyByplwt4kvDY2_MIpn0dMODFNVLAQ== expires Sat, 16 Jul 2022 08:52:47 GMT
GET H2	200	hosted-fields.min.js Show response js.braintreegateway.com/web/3.27.0/js/	39 KB 12 KB	221ms 12ms	Script application/javascript	143.204.89.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.27.0/js/hosted-fields.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-127.fra50.r.cloudfront.net Software nginx / Resource Hash f9cf693cf596a080102d1361b15911a5b14a0f630e04fa4a802a76a4d9383141 Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; content-encoding gzip etag W/"62a25d17-9c1a" age 6798 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 09 Jun 2022 20:50:31 GMT server nginx date Fri, 15 Jul 2022 10:46:05 GMT vary Accept-Encoding content-type application/javascript via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) cache-control max-age=86400 x-amz-cf-pop FRA50-C1 x-amz-cf-id lc55ldsBW_8O8aPNC96N8BxnirXmdcSj3mCweAC66wO4D6mbRYPxGg== expires Sat, 16 Jul 2022 08:52:47 GMT
GET H2	200	data-collector.min.js Show response js.braintreegateway.com/web/3.27.0/js/	25 KB 9 KB	227ms 18ms	Script application/javascript	143.204.89.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.27.0/js/data-collector.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-127.fra50.r.cloudfront.net Software nginx / Resource Hash 76dd81bbd375975c389e70f737737619e7040caaa97e67ec826d63c38ddbddcd Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 08:52:47 GMT content-encoding gzip age 6798 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 09 Jun 2022 20:50:32 GMT server nginx etag W/"62a25d18-649a" vary Accept-Encoding content-type application/javascript via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) cache-control max-age=86400 content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; x-amz-cf-pop FRA50-C1 x-amz-cf-id vlR096sVpWic1EVqVWF-H5NxBnBO7KARNuEXim9Rke-d2DMNYWQA_w== expires Sat, 16 Jul 2022 08:52:47 GMT
GET H2	200	us-bank-account.min.js Show response js.braintreegateway.com/web/3.27.0/js/	18 KB 6 KB	228ms 19ms	Script application/javascript	143.204.89.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.27.0/js/us-bank-account.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-127.fra50.r.cloudfront.net Software nginx / Resource Hash 39c4efc17120bdeb7ef56085a719d672501a5949a558c4806ce22e7470a82dac Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 08:52:47 GMT content-encoding gzip age 6798 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 09 Jun 2022 20:50:31 GMT server nginx etag W/"62a25d17-46dc" vary Accept-Encoding content-type application/javascript via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) cache-control max-age=86400 content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; x-amz-cf-pop FRA50-C1 x-amz-cf-id _Uios8cjGfrNyLECv9GZQN03FyMcKYWY_kSrj5zeD7WvQRngmaBbtQ== expires Sat, 16 Jul 2022 08:52:47 GMT
GET H2	200	apple-pay.js Show response js.braintreegateway.com/web/3.27.0/js/	34 KB 9 KB	222ms 14ms	Script application/javascript	143.204.89.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.27.0/js/apple-pay.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.127 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-127.fra50.r.cloudfront.net Software nginx / Resource Hash 5a7bfecb7b9535569061608e8e7d2782fdae1a08122542698995d0b6ce148a8c Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 08:52:47 GMT content-encoding gzip age 6798 x-cache Hit from cloudfront access-control-allow-origin * last-modified Thu, 09 Jun 2022 20:50:32 GMT server nginx etag W/"62a25d18-86ea" vary Accept-Encoding content-type application/javascript via 1.1 a1098f0eeab192209962e3a9d76d0338.cloudfront.net (CloudFront) cache-control max-age=86400 content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; x-amz-cf-pop FRA50-C1 x-amz-cf-id 3yabhU4kaKVrUx0LSgPU8hFdM9eAQdsWxZaupkZH15pU1-uyKprmHw== expires Sat, 16 Jul 2022 08:52:47 GMT
GET H2	200	nudge-arrow.png dewkqxr3ix5n3.cloudfront.net/images/	425 B 807 B	30ms 29ms	Image image/png	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/nudge-arrow.png Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 71e2e1d05200045519b362c90e4bb005e1c8fc0c58fcb1b2a9f09d3e933ef76c Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) last-modified Tue, 16 Oct 2018 20:16:03 GMT server AmazonS3 age 20628 etag "6e40ff95e0fa3ef72c7bed310ff03a1d" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png x-amz-meta-uuid e9d27bb4bb7c4f1fb2a6fd0678a3fe5e x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 425 x-amz-cf-id ob_5y30DZgvFHLsI8fNGZVH2pvWYNpwU-EWkOHXk-CT35X5JezwRTQ==
GET H2	200	paypal-logo-normal.svg dewkqxr3ix5n3.cloudfront.net/images/	15 KB 6 KB	12ms 9ms	Image image/svg+xml	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/paypal-logo-normal.svg Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7de5756f03a1c6def8c81d6c0efc4760f2380d25f1e87495b24d4d087394c2ae Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 02:54:02 GMT content-encoding gzip last-modified Fri, 03 Nov 2017 18:14:38 GMT server AmazonS3 age 28324 etag W/"6d2a509b3de432616775d261fea5b896" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) x-amz-meta-uuid 45db8b8eac0a4af38c21b902b5fa3a8c x-amz-cf-pop FRA50-C1 x-amz-cf-id PelY0ns-JMhg0-lf5ofkG5Nx1uCBS_lkdNiPNq8cORIkel0uZgRJVg==
GET H2	200	Apple_Pay_logo.svg dewkqxr3ix5n3.cloudfront.net/images/	2 KB 1 KB	13ms 11ms	Image image/svg+xml	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/Apple_Pay_logo.svg Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b2fc72291ef2440b307f2cc4cebb0247573131702ea43f7ccc2067bfb392a4d0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 14 Jul 2022 11:11:20 GMT content-encoding gzip last-modified Sun, 10 Nov 2019 18:02:56 GMT server AmazonS3 age 84886 etag W/"4b3641c9507a29015f000b6e85152112" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) x-amz-meta-uuid e695e0833ea047f2bbfe9ed418ee0783 x-amz-cf-pop FRA50-C1 x-amz-cf-id Rbu1wLXsKaRHpvGM1tDUlTpRnUNqvFDupWszhAYbnGdaSveyLtj7KA==
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	20 KB 7 KB	68ms 41ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 4m3LBpuQ5au3un+sbdTm6g== age 8372 vary Accept-Encoding content-length 6922 x-ms-lease-status unlocked last-modified Thu, 14 Jul 2022 19:31:29 GMT server cloudflare etag 0x8DA65CF736BBFE4 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 29181591-f01e-014c-73d5-9759ac000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98a7d5623df-ZRH
GET H2	200	api.min.js Show response a.opmnstr.com/app/js/	196 KB 55 KB	699ms 24ms	Script application/javascript	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://a.opmnstr.com/app/js/api.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash 6e9d250595fff21f470bde83bea159a6193f4ac92fb1f6404ffb09902cfe7993 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding br cdn-edgestorageid 883 perma-cache HIT cdn-storageserver DE-197 cdn-cachedat 07/14/2022 17:23:22 cdn-pullzone 293267 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-AMS-883 access-control-allow-origin * last-modified Thu, 14 Jul 2022 17:23:21 GMT cdn-proxyver 1.02 cdn-fileserver 398 etag W/"62d05109-30f2d" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cdn-requestid 1206e132dd1b1e2fe67eb9b702448b55 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	js Show response www.googletagmanager.com/gtag/	193 KB 69 KB	27ms 25ms	Script application/javascript	2a00:1450:4001:80e::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-XSJWJRVN3L&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLFNV2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0c3e83a129d3fce18c037567c3542061db55ac72ba2fb275305ab9a9c529c1f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70531 x-xss-protection 0 expires Fri, 15 Jul 2022 10:46:05 GMT
GET H2	200	optimize.js Show response www.google-analytics.com/gtm/	103 KB 40 KB	63ms 39ms	Script application/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/gtm/optimize.js?id=GTM-PGQP4D9 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLFNV2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 8ea57e577687abb3fee4685d62b9a59c1253946cfb3f7bcb897da6e6fcac39b7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 40528 x-xss-protection 0 last-modified Fri, 15 Jul 2022 09:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 15 Jul 2022 10:46:05 GMT
GET H2	200	bkgrnd-scotus-cc-chip-somodevilla-getty-images.jpg dewkqxr3ix5n3.cloudfront.net/images/	942 KB 944 KB	206ms 205ms	Image image/jpeg	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/bkgrnd-scotus-cc-chip-somodevilla-getty-images.jpg Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9a6f6cf7e8cfe3d656b44d224b63090a289e5df05e33acdae7a1ece87142787d Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) last-modified Tue, 14 Jun 2022 13:46:06 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "19d311d5196689625d330253b9f1de5a" x-amz-meta-uuid a2a99da887a944a0976a32cd0485949a x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 964543 x-amz-cf-id tBagmChVWfLJyEQ6mbR1QSbwQncbQpP8T0bxGrVwdOhCvLBP71J-tA==
GET H2	200	actionfund-logo-blue-white-horizontal.png dewkqxr3ix5n3.cloudfront.net/images/	6 KB 6 KB	23ms 22ms	Image image/png	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/actionfund-logo-blue-white-horizontal.png Requested by Host: dewkqxr3ix5n3.cloudfront.net URL: https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44b7dad686f639735e19657bba8c06e2939e1e47e12cb27d517faac6b7ade8ba Request headers accept-language de-DE,de;q=0.9 Referer https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Thu, 14 Jul 2022 18:11:06 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) last-modified Mon, 08 Jul 2019 13:07:43 GMT server AmazonS3 age 59700 etag "cf1175c310260d40229a566221fedb04" x-amz-meta-uuid b50fa581b4e24ef8a90ff45c0c7022cf x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 6008 x-amz-cf-id 3B8vOxS4tHYWn19hwLta6WaRVQaXWTgB4968lSlaDU9JG_ayhXRHzg==
GET DATA	200 OK	truncated /	24 KB 24 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 82613903d2d59e65f335bafed2bc680311b6bd864d8782d45d1935f6d4ebf2a1 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	12 KB 12 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 97fcbdd22e2267d0b695abc864e13fb090e3efa43a24be1c5c78bc2938505f20 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash afe07448c47a4b7452d528f8cfd99b98bc730fd33ca221946201aa3853ca0737 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET H2	200	KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2 fonts.gstatic.com/s/architectsdaughter/v18/	13 KB 13 KB	50ms 24ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/architectsdaughter/v18/KtkxAKiDZI_td1Lkx62xHZHDtgO_Y-bvTYlg4w.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Architects+Daughter Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 284a3c1856b253a681c180bf5328cae3b94d4aaab702f6385490ec4e1b449df3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 23:32:47 GMT x-content-type-options nosniff age 213198 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13156 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:51:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Jul 2023 23:32:47 GMT
GET DATA	200 OK	truncated /	8 KB 8 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9039cbc536e1f568a71f02b04544956497589d1d673ecb4482471f16806e8cb1 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	5 KB 5 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e0bddbbcccf0f63ff11255d1c47f4f580666ae2b6ffff7abda8af7129ee1864b Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fc58a9b23f43f49408c69e9b956f73ba8e0105949d3d5b1ff4b85d048eaf48e8 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	134 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 93ee19994358156fbbe3bcbb748f51b8d5bd6199ff589f8955eaacfa59d5cb2c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	6738-af-june-appeal-fye-5x-220620 Show response act.nrdc.org/context/	15 KB 7 KB	409ms 409ms	Script text/javascript	52.8.108.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://act.nrdc.org/context/6738-af-june-appeal-fye-5x-220620?callback=actionkit.forms.onContextLoaded&form_name=act&akid=20252.8133723.z6aCBD&required=email&required=country&required=first_name&required=last_name&required=email&required=card_num&required=exp_date&required=card_code&r=0.5371299263458336&url=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD Requested by Host: act.nrdc.org URL: https://act.nrdc.org/resources/actionkit.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.8.108.100 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-8-108-100.us-west-1.compute.amazonaws.com Software openresty / Resource Hash 80107e41e96af8aeb4bb6a6ba40824db624c2fd7d7705f741beed7d1045cd28f Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip server openresty vary Accept-Encoding, Cookie, Origin content-type text/javascript
GET H2	200	paypal-pp-gray.svg dewkqxr3ix5n3.cloudfront.net/images/	2 KB 1 KB	12ms 11ms	Image image/svg+xml	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/paypal-pp-gray.svg Requested by Host: dewkqxr3ix5n3.cloudfront.net URL: https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c3c7eab4d83893ae43cbdf1062c212582363607d970abcd5583d6d40fde5b9ce Request headers accept-language de-DE,de;q=0.9 Referer https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 08:19:05 GMT content-encoding gzip last-modified Fri, 09 Nov 2018 23:26:35 GMT server AmazonS3 age 8821 etag W/"6a9cfd53fc29923d54eee0e82d13ca9f" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) x-amz-meta-uuid ce383dc4a2f3480da3a86cf1502ba431 x-amz-cf-pop FRA50-C1 x-amz-cf-id qGk5QD344CDxY93OXm_Zelq85taI9C7rN7cpOrQRF4GYU9IeChrrow==
GET H2	200	actionfund-logo-blue-white-vertical.png dewkqxr3ix5n3.cloudfront.net/images/	11 KB 12 KB	428ms 428ms	Image image/png	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/actionfund-logo-blue-white-vertical.png Requested by Host: dewkqxr3ix5n3.cloudfront.net URL: https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d8882689c67f8fde3feee3133c600a434b4db2358c938de37c8b1936e6ffb2d6 Request headers accept-language de-DE,de;q=0.9 Referer https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) last-modified Mon, 08 Jul 2019 13:07:55 GMT server AmazonS3 x-amz-cf-pop FRA50-C1 etag "d05d4e3ff49c62905dcb24892f15eee0" x-amz-meta-uuid 87d1a7d94ced45ee92e4f0e78d745e85 x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 11576 x-amz-cf-id O3aoRJ9z-VNK-xjEGIKBkDIma5dovV49_FxqIbl2iLkVqSjJ3GF1Lw==
GET H2	200	spritesheet.png dewkqxr3ix5n3.cloudfront.net/images/	29 KB 29 KB	23ms 22ms	Image image/png	2600:9000:2156:bc00:4:daf2:33c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dewkqxr3ix5n3.cloudfront.net/images/spritesheet.png Requested by Host: dewkqxr3ix5n3.cloudfront.net URL: https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:bc00:4:daf2:33c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c143392300d46ba71f31ea529b1952912b773f7cc1ad24496c08afc63a4ac38b Request headers accept-language de-DE,de;q=0.9 Referer https://dewkqxr3ix5n3.cloudfront.net/nrdc-2018/css/nrdc.min.css?q=69 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 07:52:14 GMT via 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront) last-modified Thu, 18 May 2017 17:13:05 GMT server AmazonS3 age 10432 etag "66af6af4bf7839dc2b77fb308a356f4d" vary Accept-Encoding x-cache Hit from cloudfront content-type image/png x-amz-meta-uuid 9a75d5047e5d4d6d89ce0244f0d37956 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 29461 x-amz-cf-id N3oVIUavMJ4ngNVkBtRJxht3cQyppnBh0jCHqyMyBO-qGjXL6i3cLw==
GET DATA	200 OK	truncated /	13 KB 13 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dfe9d78194bb8b71c2b19ab76ccd70873b9209a7972b6aa6fe546b29541bfc18 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4b2fbf9365be18b35657bf95ba9d013361f24ba040e29190737ec801ae4365b3 Request headers Referer Origin https://act.nrdc.org accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type application/x-font-woff
GET H2	200	23937bb1-cbd8-4d13-95e0-6ba697305160.json Show response cdn.cookielaw.org/consent/23937bb1-cbd8-4d13-95e0-6ba697305160/	3 KB 2 KB	49ms 22ms	XHR application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/23937bb1-cbd8-4d13-95e0-6ba697305160/23937bb1-cbd8-4d13-95e0-6ba697305160.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32e6d10f4673737c09e8b6d8b8cec6fa0cdd745c3c84955954d31798dc35012d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DCLhgxL+qoBI7UvzyFpHvg== age 7867 vary Accept-Encoding content-length 1325 x-ms-lease-status unlocked last-modified Tue, 12 Apr 2022 22:24:31 GMT server cloudflare etag 0x8DA1CD3370B2150 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 75ce0eb8-701e-0095-5e56-55b9d5000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98bbf1023df-ZRH expires Fri, 15 Jul 2022 14:46:05 GMT
OPTIONS H/1.1	200 OK	configuration api.braintreegateway.com/merchants/5cdj4j9qgxtdb8dn/client_api/v1/ Frame	0 0	229ms 14ms	Preflight	3.122.176.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.braintreegateway.com/merchants/5cdj4j9qgxtdb8dn/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NTc5NjgzNjQsImp0aSI6IjgxMWMyZjhjLTIwM2MtNGQzNC1hZDU3LWY2NDc1ZjRhZGU0YyIsInN1YiI6IjVjZGo0ajlxZ3h0ZGI4ZG4iLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjVjZGo0ajlxZ3h0ZGI4ZG4iLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsibWVyY2hhbnRfYWNjb3VudF9pZCI6Ik5SRENBY3Rpb25GdW5kSU5DX2luc3RhbnQifX0.R9WEZd-iz03G0_nwtjBEAVmgzixilYIxS8hAUpSFYChNpUIME2P3iJKbi5KMqtxeu8rEm2JV5YyqaM_uO_4dxQ&_meta%5BmerchantAppId%5D=act.nrdc.org&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.27.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=df2bd597-e17d-48f2-be33-7567f73a2e79&braintreeLibraryVersion=braintree%2Fweb%2F3.27.0&configVersion=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.122.176.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-176-248.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method GET Origin https://act.nrdc.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY access-control-allow-headers content-type access-control-allow-methods GET,DELETE,OPTIONS,PATCH,POST,PUT access-control-allow-origin https://act.nrdc.org access-control-max-age 1800 date Fri, 15 Jul 2022 10:46:05 GMT paypal-debug-id 793ffcaf8c1e4 server nginx transfer-encoding chunked
GET H/1.1	200 OK	configuration Show response api.braintreegateway.com/merchants/5cdj4j9qgxtdb8dn/client_api/v1/	2 KB 2 KB	430ms 429ms	XHR application/json	3.122.176.248 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.braintreegateway.com/merchants/5cdj4j9qgxtdb8dn/client_api/v1/configuration?authorizationFingerprint=eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NTc5NjgzNjQsImp0aSI6IjgxMWMyZjhjLTIwM2MtNGQzNC1hZDU3LWY2NDc1ZjRhZGU0YyIsInN1YiI6IjVjZGo0ajlxZ3h0ZGI4ZG4iLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6IjVjZGo0ajlxZ3h0ZGI4ZG4iLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsibWVyY2hhbnRfYWNjb3VudF9pZCI6Ik5SRENBY3Rpb25GdW5kSU5DX2luc3RhbnQifX0.R9WEZd-iz03G0_nwtjBEAVmgzixilYIxS8hAUpSFYChNpUIME2P3iJKbi5KMqtxeu8rEm2JV5YyqaM_uO_4dxQ&_meta%5BmerchantAppId%5D=act.nrdc.org&_meta%5Bplatform%5D=web&_meta%5BsdkVersion%5D=3.27.0&_meta%5Bsource%5D=client&_meta%5Bintegration%5D=custom&_meta%5BintegrationType%5D=custom&_meta%5BsessionId%5D=df2bd597-e17d-48f2-be33-7567f73a2e79&braintreeLibraryVersion=braintree%2Fweb%2F3.27.0&configVersion=3 Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/client.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.122.176.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-176-248.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash 224c1fdd350bf18f4bb84671100c874c48bab4dbfc18c854c1142b6bbb90d801 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubdomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:06 GMT content-encoding gzip X-Content-Type-Options nosniff server nginx X-Frame-Options DENY vary Braintree-Version, Accept-Encoding Content-Type application/json access-control-allow-origin https://act.nrdc.org Cache-Control no-cache, no-store braintree-version 2016-10-07 paypal-debug-id a0e94afb77ef4 Strict-Transport-Security max-age=63072000; includeSubdomains; preload Content-Length 1311
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	32ms 8ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26001 x-xss-protection 0 pragma public x-fb-debug 1JsAcn6UPLqaOrDtqmHP60iq96i47hj0CW2KMi+MThSB7YP+y3ZkWipNhBCSKhmpYPCv3qQ7/jhXHzA78PG4SA== x-fb-trip-id 686109401 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 15 Jul 2022 10:46:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	uwt.js Show response static.ads-twitter.com/	55 KB 15 KB	45ms 9ms	Script application/javascript	199.232.136.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/uwt.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip last-modified Thu, 16 Jun 2022 16:20:35 GMT etag "f345fa1999011d396bda3b2c6fafc302+gzip+gzip" vary Accept-Encoding,Host x-tw-cdn FT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" cache-control no-cache x-cache HIT, HIT accept-ranges bytes content-type application/javascript; charset=utf-8 content-length 15166 x-served-by cache-iad-kjyo7100083-IAD, cache-hhn11575-HHN
GET H2	200	tc.min.js Show response c1.rfihub.net/js/	19 KB 6 KB	80ms 10ms	Script application/x-javascript	2600:9000:2156:9e00:1:76cf:fe80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.rfihub.net/js/tc.min.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:9e00:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:23:07 GMT content-encoding gzip last-modified Fri, 15 Jul 2022 10:22:57 GMT server Jetty(9.3.29.v20201019) age 1378 x-cache Hit from cloudfront p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" via 1.1 fa5a3d5abd34c6fac657b045a4dcbdc4.cloudfront.net (CloudFront) cache-control public, max-age=3600 x-amz-cf-pop FRA50-C1 content-type application/x-javascript content-length 6162 x-amz-cf-id ydQjx5bApDrOeUcQYKygWKSXqOvPDjvAcITwNXx3Knwv5rx6YXY04w== expires Fri, 15 Jul 2022 11:23:07 GMT
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	65ms 32ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Thu, 16 Jun 2022 18:22:08 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1061BE1582C145F4BC2036751FF7E09A Ref B: FRAEDGE1520 Ref C: 2022-07-15T10:46:05Z etag "0c8eafcad81d81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 date Fri, 15 Jul 2022 10:46:04 GMT accept-ranges bytes content-length 11360
GET H2	200	/ insight.adsrvr.org/track/conv/	70 B 261 B	98ms 29ms	Image image/gif	3.33.220.150 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://insight.adsrvr.org/track/conv/?adv=ol55sj7&ct=0:zh9eucv&fmt=3 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.33.220.150 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software / Resource Hash 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT cache-control private,no-cache, must-revalidate x-aspnet-version 4.0.30319 content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
GET H2	200	quant.js Show response secure.quantserve.com/	24 KB 10 KB	63ms 2ms	Script application/javascript	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/quant.js Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip etag "77f5L8LR6ldZZZ+q4Q+xaw==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 accept-ranges bytes expires Fri, 22 Jul 2022 10:46:05 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	23ms 7ms	Script text/javascript	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLFNV2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 6008 date Fri, 15 Jul 2022 09:05:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Fri, 15 Jul 2022 11:05:57 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 336 B	46ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-XSJWJRVN3L&gtm=2oe7d0&_p=359692967&_z=ccd.v9B&cid=1327973737.1657881965&ul=en-us&sr=1600x1200&_s=1&sid=1657881965&sct=1&seg=0&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&dt=Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-XSJWJRVN3L&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.nrdc.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/6.33.0/	336 KB 80 KB	30ms 24ms	Script application/javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0152531ece5b19aa743208c31fd9f9284282bc97a2ec666de5cf770a9aeee0fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 snqI9a2h7X2bbSiony0guw== age 6157 vary Accept-Encoding content-length 81354 x-ms-lease-status unlocked last-modified Wed, 13 Apr 2022 01:38:27 GMT server cloudflare etag 0x8DA1CEE4EF01A44 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript access-control-allow-origin * x-ms-request-id 42d08a51-701e-0112-29f2-4eaaaf000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98c1f9423df-ZRH
GET H2	200	adsct t.co/i/	43 B 337 B	193ms 160ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=5e1c9a25-9120-4f95-8e26-cfd9f96d03e5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=9ec00bac-cac3-4840-85ba-00677dc9a87d&tw_document_href=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvhxe&type=javascript&version=2.4.12 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-response-time 152 date Fri, 15 Jul 2022 10:46:05 GMT server tsa_o strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash aaa271ba3c22d4b41fb6bb4a5d9d20a4cbeb050d7047420ee6fee2a432c16b73 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 223 B	216ms 175ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=5e1c9a25-9120-4f95-8e26-cfd9f96d03e5&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=9ec00bac-cac3-4840-85ba-00677dc9a87d&tw_document_href=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvhxe&type=javascript&version=2.4.12 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-response-time 168 date Fri, 15 Jul 2022 10:46:05 GMT server tsa_o strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 1233f82cd0ea3b0f2bdc31c964a53d6bb597798b030febd1d408b036903eba6a content-length 43
GET H2	200	adsct t.co/i/	43 B 189 B	198ms 165ms	Image image/gif	104.244.42.133 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=3&eci=2&event_id=d1e7ce05-fb28-4438-9eac-806e06dc6e4a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=9ec00bac-cac3-4840-85ba-00677dc9a87d&tw_document_href=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvhxf&type=javascript&version=2.4.12 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.133 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-response-time 158 date Fri, 15 Jul 2022 10:46:05 GMT server tsa_o strict-transport-security max-age=0 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash aaa271ba3c22d4b41fb6bb4a5d9d20a4cbeb050d7047420ee6fee2a432c16b73 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 354 B	209ms 168ms	Image image/gif	104.244.42.131 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=d1e7ce05-fb28-4438-9eac-806e06dc6e4a&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=9ec00bac-cac3-4840-85ba-00677dc9a87d&tw_document_href=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nvhxf&type=javascript&version=2.4.12 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.131 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-response-time 161 date Fri, 15 Jul 2022 10:46:04 GMT server tsa_o strict-transport-security max-age=631138519 content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0 x-connection-hash 1233f82cd0ea3b0f2bdc31c964a53d6bb597798b030febd1d408b036903eba6a content-length 43
GET H3	200	997562976929632 Show response connect.facebook.net/signals/config/	291 KB 84 KB	113ms 101ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/997562976929632?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bfa6bdac4188a93072839d438e111ee6de9d0cba3ccba9f8e32c19eaff760217 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug pGeSX8n17Kwd5wVTLhCxx8zjoxbqvP0tRNzgkorX3GqYNe2jMMYCkLl5pkneR9jYnbhZwOmTdWjtx/XhmMnd5g== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 15 Jul 2022 10:46:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1657881965572 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	14ms 13ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=359692967&t=pageview&_s=1&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&dp=%2Fdonate%2F6738-af-june-appeal-fye-5x-220620&ul=en-us&de=UTF-8&dt=Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABRAAAAC~&jid=971771838&gjid=1406825368&cid=1327973737.1657881965&tid=UA-2459249-1&_gid=749606616.1657881965&_r=1&gtm=2wg7d0WLFNV2&z=212332267 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://act.nrdc.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rules-p-nhB6azfeevmhw.js Show response rules.quantcount.com/	4 KB 2 KB	43ms 14ms	Script application/javascript	2600:9000:2156:6600:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-nhB6azfeevmhw.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/quant.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:6600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 15ba591ef3f96ba873b26a79391b1dd91a64240546786d31a1e074690154ad99 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:34:12 GMT content-encoding gzip age 714 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Thu, 30 Apr 2020 21:12:11 GMT server AmazonS3 etag W/"03a566c33e9d163327ed466e579adf3a" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 ef13dd533b8dc9dcfdc35449cf88f808.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop FRA50-C1 x-amz-cf-id nf0tDSpxZ0R0PXWKPYkxmh8XeJnb2cZjH1NFiJJbl7hRxSkDiBA21g==
GET H2	200	5523006.js Show response bat.bing.com/p/action/	827 B 747 B	152ms 152ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/5523006.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 7b5fc2ba383908fbfe6e08ce3423edeab09ef69d5bda95e5602d9dccae15b934 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E45E26787BED4C9587C2B8D36F72F18A Ref B: FRAEDGE1520 Ref C: 2022-07-15T10:46:05Z date Fri, 15 Jul 2022 10:46:05 GMT vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control private,max-age=60 content-length 571
GET H2	204	0 bat.bing.com/action/	0 175 B	35ms 34ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=5523006&Ver=2&mid=02044028-5a8b-4b04-9c10-3512078f6d66&sid=53d87850042b11ed8862ff8cd1bf7288&vid=53d89f70042b11ed96d8d53225d102f4&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund&p=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&r=&lt=1615&evt=pageLoad&msclkid=N&sv=1&rn=380762 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 1D851A684B40422CADBE8437DD672D55 Ref B: FRAEDGE1520 Ref C: 2022-07-15T10:46:05Z date Fri, 15 Jul 2022 10:46:05 GMT x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	ca.html Show response 20775763p.rfihub.com/ Frame 7F65	3 KB 4 KB	207ms 17ms	Document text/html	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Full URL https://20775763p.rfihub.com/ca.html?ver=9&rb=4059&ca=20775763&pe=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&pf=&ra=775021145602645 Requested by Host: c1.rfihub.net URL: https://c1.rfihub.net/js/tc.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_256_CBC Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash c2eb101d7f38feaa1239138e11a2d463724c51a77c4ec6fa33dd71f3c60a35b5 Request headers Referer https://act.nrdc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control no-cache Content-Length 2800 Content-Type text/html;charset=utf-8 Date Fri, 15 Jul 2022 10:46:05 GMT P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Server Jetty(9.3.29.v20201019)
GET H2	200	en.json Show response cdn.cookielaw.org/consent/23937bb1-cbd8-4d13-95e0-6ba697305160/4094cbcd-a314-4fd7-bd8c-a7452227c9ea/	22 KB 7 KB	22ms 22ms	Fetch application/x-javascript	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/23937bb1-cbd8-4d13-95e0-6ba697305160/4094cbcd-a314-4fd7-bd8c-a7452227c9ea/en.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 736015b9c5af868172b9e0f6e6877574ea0baca26e122cb9ae57cc3d12c31828 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 cW1vKOAoPF8iuV7jgQcHFg== age 7867 vary Accept-Encoding content-length 6906 x-ms-lease-status unlocked last-modified Tue, 12 Apr 2022 22:24:33 GMT server cloudflare etag 0x8DA1CD3380F739F expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/x-javascript access-control-allow-origin * x-ms-request-id 84732dbd-b01e-0140-6e69-52b75d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98c989123df-ZRH expires Fri, 15 Jul 2022 14:46:05 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 437 B	59ms 18ms	XHR text/plain	2a00:1450:400c:c0c::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-2459249-1&cid=1327973737.1657881965&jid=971771838&gjid=1406825368&_gid=749606616.1657881965&_u=YCDACEAARAAAAC~&z=235233736 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 15 Jul 2022 10:46:05 GMT content-type text/plain access-control-allow-origin https://act.nrdc.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel;r=2113998703;labels=_fp.channel.C4%2C_fp.event.Donations;rf=0;a=p-nhB6azfeevmhw;url=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D813... pixel.quantserve.com/	35 B 371 B	29ms 18ms	Image image/gif	2620:116:800d:21:de2e:c7b3:55c0:d5a0 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=2113998703;labels=_fp.channel.C4%2C_fp.event.Donations;rf=0;a=p-nhB6azfeevmhw;url=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD;uht=2;fpan=1;fpa=P0-1186565303-1657881965557;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=nrdc.org;dst=0;et=1657881965556;tzo=0;ogl=title.Fight%20back%20against%20anti-environment%20politicians!%2Cdescription.Fossil%20fuel%20giants%20and%20their%20allies%20in%20Washington%20are%20trying%20to%20destroy%20decades%20%2Cimage.https%3A%2F%2Fdewkqxr3ix5n3%252Ecloudfront%252Enet%2Fimages%2Fdon-6733-scotus-cc-chip-somodevilla-%2Curl.https%3A%2F%2Fact%252Enrdc%252Eorg%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%2Csite_name.NRDC%2Ctype.article Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	otFlat.json Show response cdn.cookielaw.org/scripttemplates/6.33.0/assets/	13 KB 3 KB	31ms 29ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otFlat.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 sKd74iX+eTxIn9FxDVtzyw== age 7867 vary Accept-Encoding content-length 2959 x-ms-lease-status unlocked last-modified Wed, 13 Apr 2022 01:38:17 GMT server cloudflare etag 0x8DA1CEE4903C133 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id 506ba5d3-801e-0148-2b2a-56ac2e000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98ce91623df-ZRH
GET H2	200	otPcPanel.json Show response cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/	48 KB 11 KB	42ms 39ms	Fetch application/json	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcPanel.json Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae45f042db0f3b2d2ffe2bc7f5193a9713b4095048efe83eb847fd8e0ff70920 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 A7tMInCwvuWCqK9nIJa+YQ== age 7867 vary Accept-Encoding content-length 11506 x-ms-lease-status unlocked last-modified Wed, 13 Apr 2022 01:38:20 GMT server cloudflare etag 0x8DA1CEE4A7C227E expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/json access-control-allow-origin * x-ms-request-id bbeb2db6-f01e-014c-6608-4f59ac000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 72b1e98ce91923df-ZRH
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/6.33.0/assets/	21 KB 4 KB	29ms 27ms	Fetch text/css	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css Requested by Host: cdn.cookielaw.org URL: https://cdn.cookielaw.org/scripttemplates/6.33.0/otBannerSdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 SHFDtZO2nDZuiPDW83p1IQ== age 7867 vary Accept-Encoding x-ms-lease-status unlocked last-modified Wed, 13 Apr 2022 01:38:32 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css access-control-allow-origin * x-ms-request-id 9ac36fb0-501e-0089-29b4-5061c2000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 72b1e98ce91b23df-ZRH
GET H3	200	180130112355994 Show response connect.facebook.net/signals/config/	292 KB 84 KB	289ms 289ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/180130112355994?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 20fbcc06778a0c2b290341d3ea2c69bf752a2975194c5824bf6ef40e6719f2bf Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug PvuS8KdtZAbw4eTCOvdtaioIQGdxvwWigM6IcTBvdpOSgMFP+M+e9IUYbkUmpQ3gIVu9NaZ5altF/ztojiSTKw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 15 Jul 2022 10:46:05 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1657881965897 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 410 B	28ms 12ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=997562976929632&ev=PageView&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881965610&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Fri, 15 Jul 2022 10:46:05 GMT
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 12ae01d498fd998263b555e99880c6838ef6acca33fcd2e1cb12367a99e928f4 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	poweredBy_ot_logo.svg cdn.cookielaw.org/logos/static/	3 KB 2 KB	30ms 30ms	Image image/svg+xml	2606:4700::6810:9540 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 15 Jul 2022 10:46:05 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 LpuayL42jB78xRllx0vkOw== age 10910 vary Accept-Encoding x-ms-lease-status unlocked last-modified Thu, 14 Jul 2022 19:31:31 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type image/svg+xml access-control-allow-origin * x-ms-request-id 63f5e491-f01e-0084-5fd6-978ece000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=14400 x-ms-version 2009-09-19 cf-ray 72b1e98dba8a23df-ZRH
GET H2	200	5523006 Show response www.clarity.ms/tag/uet/	2 KB 2 KB	186ms 113ms	Script application/x-javascript	2620:1ec:27::cafe:1799 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/uet/5523006 Requested by Host: bat.bing.com URL: https://bat.bing.com/p/action/5523006.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1799 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 3cf512227ebbb18b66c1f25dcccfc84c4d8359f9cba7f775de3076c72dce5dd5 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT x-powered-by ASP.NET x-azure-ref 0bUXRYgAAAAAyfS1nFjDjQ61rrOpB/G7KTUFOMzBFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= x-cache CONFIG_NOCACHE content-type application/x-javascript expires -1 cache-control no-cache, no-store request-context appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
GET H/1.1	200 OK	cm a.rfihub.com/ Frame 7F65 Redirect Chain https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTI0MDQzNzAzOA==&forward= https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxOTI0MDQzNzAzOA==&forward=&google_tc= https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEB6gTDOGSPELYHT3a4zpiuk&google_cver=1	42 B 1009 B	70ms 15ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEB6gTDOGSPELYHT3a4zpiuk&google_cver=1 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEB6gTDOGSPELYHT3a4zpiuk&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 311 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	bounce ib.adnxs.com/ Frame 7F65 Redirect Chain https://ib.adnxs.com/setuid?entity=18&code=5142336719240437038 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719240437038	43 B 1 KB	24ms 24ms	Image image/gif	185.89.210.180 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 185.89.210.180 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Date Fri, 15 Jul 2022 10:46:05 GMT X-Proxy-Origin 217.64.151.67; 217.64.151.67; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid 83db6531-53c7-4060-91eb-1a91635cee71 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers Pragma no-cache Date Fri, 15 Jul 2022 10:46:05 GMT X-Proxy-Origin 217.64.151.67; 217.64.151.67; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com AN-X-Request-Uuid d94e7206-e575-4b10-a01c-5542164123de Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5142336719240437038 Cache-Control no-store, no-cache, private Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	204 No Content	tap.php pixel.rubiconproject.com/ Frame 7F65	0 239 B	68ms 10ms	Image image/gif	69.173.144.165 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336719240437038& Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost 704c1e4d3fcc922a3031d436b584678b Content-Type image/gif
GET H/1.1	200 OK	demconf.jpg dpm.demdex.net/ Frame 7F65 Redirect Chain https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5142336719240437038&redir= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719240437038&redir=	42 B 942 B	119ms 118ms	Image image/gif	34.246.144.250 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719240437038&redir= Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 34.246.144.250 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-246-144-250.eu-west-1.compute.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers DCS dcs-prod-irl1-1-v036-0fd368c09.edge-irl1.demdex.com 8 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID HPwll9qkTtw= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type image/gif Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-irl1-1-v036-07ede79fd.edge-irl1.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID FqMTvokIS64= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5142336719240437038&redir= Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	match ps.eyeota.net/ Frame 7F65 Redirect Chain https://p.rfihub.com/cm?pub=24472&in=1 https://ps.eyeota.net/match?uid=5142336719240437038&bid=omt9pi0	0 344 B	62ms 7ms	Image text/plain	3.122.214.165 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ps.eyeota.net/match?uid=5142336719240437038&bid=omt9pi0 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-122-214-165.eu-central-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 15 Jul 2022 10:46:05 GMT Content-Length 0 P3P CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml" Redirect headers Location https://ps.eyeota.net/match?uid=5142336719240437038&bid=omt9pi0 Date Fri, 15 Jul 2022 10:46:05 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	cksync.php contextual.media.net/ Frame 7F65	45 B 617 B	206ms 137ms	Image image/gif	2.18.235.93 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-235-93.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000 server Apache date Fri, 15 Jul 2022 10:46:05 GMT p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA cache-control max-age=0, no-cache, no-store content-type image/gif content-length 45 x-mnet-hl2 E expires Fri, 15 Jul 2022 10:46:05 GMT
GET H2	200	serving bs.serving-sys.com/ Frame 7F65	0 105 B	58ms 7ms	Image text/plain	18.198.233.172 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.198.233.172 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-198-233-172.eu-central-1.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET content-length 0 p3p CP="NOI DEVa OUR BUS UNI"
GET H3	451	501709.gif idsync.rlcdn.com/ Frame 7F65 Redirect Chain https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5142336719240437038&referrer=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26t... https://p.rfihub.com/cm?pub=39342&in=0&userid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Daa8d5d17-2b61-47ac-9f68-2ea9f50... https://idsync.rlcdn.com/501709.gif?partner_uid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573	0 9 B	31ms 16ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/501709.gif?partner_uid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 Redirect headers Location https://idsync.rlcdn.com/501709.gif?partner_uid=aa8d5d17-2b61-47ac-9f68-2ea9f50d8dca%3A1657881965.9795573 Date Fri, 15 Jul 2022 10:46:06 GMT Server Jetty(9.3.29.v20201019) Content-Length 0 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 7F65	43 B 109 B	358ms 142ms	Image image/gif	23.21.225.74 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=11017&user_id=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.21.225.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-225-74.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 7F65 Redirect Chain https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward= https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward=&C=1	43 B 947 B	56ms 45ms	Image image/gif	104.18.18.126 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward=&C=1 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Server 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers cf-ray 72b1e98edf3f8fd6-FRA pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8dIdPSDw%2FtOgSCwER0YuHtkSAfGj2uoVwnn9781mJIDFdoaZC2fY%2Bp9U%2Bu%2FjoVBl6z%2FYwbHJtPXkJSHCwFHJrbAZa7FDG1yO4fRfifflZ8QUNb43gT0Wh8HYnfW0Vic7CNf6mmpeJKu7Bw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" cache-control no-cache content-type image/gif alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zr%2FEfRg6e9EmMn4BwI%2FKKjuf%2BD1zX9znft1jN04e9FnomSjQF9ydbLIkCbTaq%2BXaXownw3hxguDHVCV9q6O0bFIglo1P1tmYuIBQaw%2BL%2FM%2F6Dm3ekPj3EsriI1MXAZYW0tJbrPSU8xWZmw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location /rum?cm_dsp_id=57&external_user_id=5142336719240437038&forward=&C=1 cache-control no-cache cf-ray 72b1e98e9a469bca-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET H2	451	360947.gif idsync.rlcdn.com/ Frame 7F65	0 98 B	44ms 17ms	Image text/plain	35.244.174.68 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/360947.gif?partner_uid=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 68.174.244.35.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	rocketfuel_sync x.dlx.addthis.com/e/ Frame 7F65	43 B 191 B	251ms 172ms	Image image/gif	104.111.215.191 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-215-191.deploy.static.akamaitechnologies.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=2628000 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:06 GMT cache-control max-age=0, no-cache, no-store expires Fri, 15 Jul 2022 10:46:06 GMT content-length 43 strict-transport-security max-age=2628000 content-type image/gif
GET H/1.1	200	partner sync.search.spotxchange.com/ Frame 7F65 Redirect Chain https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719240437038&img=1 https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719240437038&img=1&__user_check__=1&sync_id=542da25b-042b-11ed-9ff0-1d0a0d900206	43 B 548 B	18ms 18ms	Image image/gif	185.94.180.125 SPOTX-AMS
General Check archive.org Show headers Download Go to Show image Full URL https://sync.search.spotxchange.com/partner?adv_id=7180&uid=5142336719240437038&img=1&__user_check__=1&sync_id=542da25b-042b-11ed-9ff0-1d0a0d900206 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US), Reverse DNS Software nginx / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type image/gif Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 73 Connection keep-alive Content-Length 43 Redirect headers Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx Location /partner?adv_id=7180&uid=5142336719240437038&img=1&__user_check__=1&sync_id=542da25b-042b-11ed-9ff0-1d0a0d900206 Access-Control-Allow-Methods GET, POST, OPTIONS Content-Type text/plain Access-Control-Allow-Origin * Cache-Control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 Access-Control-Allow-Credentials false X-fe 129 Connection keep-alive Content-Length 0
GET H2	200	sync partners.tremorhub.com/ Frame 7F65	43 B 183 B	298ms 92ms	Image image/gif	2600:1f18:612b:4232:3a52:3467:336a:77c7 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partners.tremorhub.com/sync?UIRF=5142336719240437038&r=8giYo0BHUTyc Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f18:612b:4232:3a52:3467:336a:77c7 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT server Apache-Coyote/1.1 p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' content-type image/gif
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 7F65	43 B 377 B	43ms 8ms	Image image/gif	18.156.126.13 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.156.126.13 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-126-13.eu-central-1.compute.amazonaws.com Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:05 GMT server AAWebServer access-control-allow-methods GET, POST, OPTIONS p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" access-control-allow-origin * cache-control no-cache, no-store, must-revalidate content-type image/gif access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type content-length 43 expires 0
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 7F65	0 338 B	104ms 28ms	Image text/plain	54.170.181.87 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5142336719240437038 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.170.181.87 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-170-181-87.eu-west-1.compute.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT cache-control private, no-cache, no-store x-request-time D=36 t=1657881966 x-served-by beacon-n002-dub-prod.krxd.net p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Frame 7F65 Redirect Chain https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336719240437038&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719240437038&expires=30	43 B 495 B	9ms 8ms	Image image/gif	35.158.225.181 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719240437038&expires=30 Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 35.158.225.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-158-225-181.eu-central-1.compute.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5142336719240437038&expires=30 Date Fri, 15 Jul 2022 10:46:06 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H/1.1	200 OK	cm p.rfihub.com/ Frame 7F65 Redirect Chain https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YtFFbgAQdoc6vAAo https://p.rfihub.com/cm?in=1&pub=21653&userid=YtFFbgAQdoc6vAAo&_test=YtFFbgAQdoc6vAAo	42 B 1 KB	18ms 14ms	Image image/gif	193.0.160.128 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://p.rfihub.com/cm?in=1&pub=21653&userid=YtFFbgAQdoc6vAAo&_test=YtFFbgAQdoc6vAAo Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol HTTP/1.1 Server 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language de-DE,de;q=0.9 Referer https://20775763p.rfihub.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 15 Jul 2022 10:46:06 GMT via 1.1 varnish server Varnish x-timer S1657881966.200960,VS0,VE0 x-served-by cache-hhn4065-HHN x-cache HIT location https://p.rfihub.com/cm?in=1&pub=21653&userid=YtFFbgAQdoc6vAAo&_test=YtFFbgAQdoc6vAAo cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	api.min.css a.omappapi.com/app/js/	18 KB 3 KB	336ms 15ms	Stylesheet text/css	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.css Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT content-encoding br cdn-edgestorageid 879 perma-cache HIT cdn-storageserver DE-200 cdn-cachedat 07/14/2022 17:23:23 cdn-pullzone 293267 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-AMS-883 access-control-allow-origin * last-modified Thu, 14 Jul 2022 17:23:20 GMT cdn-proxyver 1.02 cdn-fileserver 398 etag W/"62d05108-464c" vary Accept-Encoding, Accept-Encoding content-type text/css cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cdn-requestid d6069c7853bafcf531c6e1180ab99a5e cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	51954 Show response api.omappapi.com/v2/embed/	227 B 825 B	148ms 99ms	XHR application/json	143.204.89.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/51954?d=act.nrdc.org Requested by Host: a.opmnstr.com URL: https://a.opmnstr.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-113.fra50.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:03 GMT via 1.1 e6d97713eb9b65f883e0f86b833878dc.cloudfront.net (CloudFront) x-cache-config 0 0 x-amz-cf-pop FRA50-C1 x-cache-status HIT x-cache Miss from cloudfront content-length 227 x-optinmonster-account 58474 x-user-agent standard-- last-modified Thu, 01 Jan 1970 00:00:00 GMT server Pagely Gateway/1.5.1 etag "b91e5dc54e033e761837b7b846da520f" vary Accept-Encoding, User-Agent content-type application/json access-control-allow-origin * access-control-expose-headers X-OptinMonster-Account, X-User-Agent cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-headers X-CSRF-Token x-amz-cf-id xZA9ouqwyUlPrbHr74v7TFDtID-fWi8e9UHTPcoYsJqunFfdJaDK0w== expires Fri, 15 Jul 2022 10:44:46 GMT
GET H2	200	clarity.js Show response www.clarity.ms/eus2-b/s/0.6.34/	53 KB 23 KB	112ms 111ms	Script application/javascript	2620:1ec:27::cafe:1799 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/uet/5523006 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:27::cafe:1799 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT content-encoding br etag "1d897c159e34b54" last-modified Wed, 01 Jun 2022 12:22:22 GMT x-powered-by ASP.NET vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript;charset=utf-8 cache-control public,max-age=86400 x-azure-ref 0bUXRYgAAAADgncVS7whWS4ElBpWydYXBTUFOMzBFREdFMDMxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE= accept-ranges bytes request-context appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
GET H3	200	2013093915675582 Show response connect.facebook.net/signals/config/	292 KB 84 KB	119ms 116ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2013093915675582?v=2.9.65&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e23bbf47eea0714d1502250aec87d5dedeb56fa49899cd6efaaa2ca1d4166524 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 3+BPaXK9oLeV79B6kp6hHKCjbzg8zBPx8Vi8Q9NpUmQLqqK6Yw6Pw8LkWvZBZt0/dqT6o7fCa1ajYP3pLSI98g== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 15 Jul 2022 10:46:06 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1657881966078 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	17ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=180130112355994&ev=PageView&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881965962&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:05 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 15 Jul 2022 10:46:05 GMT
OPTIONS H/1.1	200 OK	5cdj4j9qgxtdb8dn client-analytics.braintreegateway.com/ Frame	0 0	39ms 7ms	Preflight	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://act.nrdc.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://act.nrdc.org Access-Control-Max-Age 3000 Connection keep-alive Content-Length 0 Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx
POST H/1.1	200 OK	5cdj4j9qgxtdb8dn Show response client-analytics.braintreegateway.com/	0 277 B	27ms 11ms	XHR text/plain	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/client.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://act.nrdc.org Connection keep-alive Access-Control-Allow-Headers Content-Length 0
POST H/1.1	200 OK	5cdj4j9qgxtdb8dn Show response client-analytics.braintreegateway.com/	0 277 B	14ms 12ms	XHR text/plain	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/client.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://act.nrdc.org Connection keep-alive Access-Control-Allow-Headers Content-Length 0
OPTIONS H/1.1	200 OK	5cdj4j9qgxtdb8dn client-analytics.braintreegateway.com/ Frame	0 0	16ms 11ms	Preflight	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://act.nrdc.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://act.nrdc.org Access-Control-Max-Age 3000 Connection keep-alive Content-Length 0 Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx
GET H/1.1	200 OK	logo.htm Show response ssl.kaptcha.com/ Frame 5CCA Redirect Chain https://assets.braintreegateway.com/data/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf https://ssl.kaptcha.com/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf	41 B 366 B	554ms 171ms	Document text/html	54.148.115.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ssl.kaptcha.com/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/data-collector.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-148-115-137.us-west-2.compute.amazonaws.com Software / Resource Hash a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Access-Control-Allow-Origin * Cache-Control no-cache no-store must-revalidate private Content-Length 41 Content-Type text/html Date Fri, 15 Jul 2022 10:46:07 GMT Expires 0 Pragma no-cache X-Correlation-Id 2183c74d-18e7-4fa2-a529-0f6326a8cd2a Redirect headers cache-control max-age=86400 content-length 154 content-type text/html date Fri, 15 Jul 2022 10:46:06 GMT expires Sat, 16 Jul 2022 10:46:06 GMT location https://ssl.kaptcha.com/logo.htm?m=undefined&s=1555bb36808952683a774b0cec3bd4bf server nginx strict-transport-security max-age=31536000 via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-id iHke1Wkbsb43iX-m9s-XE7HwLMr3gEzudv27xlsNkrG7V4iKFaHMNw== x-amz-cf-pop FRA50-C1 x-cache Miss from cloudfront
GET H2	200	hosted-fields-frame.min.html Show response assets.braintreegateway.com/web/3.27.0/html/ Frame EA0E	86 KB 24 KB	155ms 12ms	Document text/html	143.204.89.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.braintreegateway.com/web/3.27.0/html/hosted-fields-frame.min.html Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/hosted-fields.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-38.fra50.r.cloudfront.net Software nginx / Resource Hash 86d6c51b854ee282ebe63e60fd4b9ace73fc24e34330d1fa9e5382edba9e68e6 Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers Referer https://act.nrdc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 81487 cache-control max-age=86400 content-encoding gzip content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; content-type text/html date Thu, 14 Jul 2022 12:07:59 GMT etag W/"62a25d17-15637" expires Fri, 15 Jul 2022 12:07:59 GMT last-modified Thu, 09 Jun 2022 20:50:31 GMT server nginx vary Accept-Encoding via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-id dRy_OfMwMVH4CpijychleeBIGYtpUxfMCqRsGJgFYu60OgV6hkIUng== x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront
GET H2	200	hosted-fields-frame.min.html Show response assets.braintreegateway.com/web/3.27.0/html/ Frame 2DB4	86 KB 24 KB	144ms 18ms	Document text/html	143.204.89.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.braintreegateway.com/web/3.27.0/html/hosted-fields-frame.min.html Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/hosted-fields.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-38.fra50.r.cloudfront.net Software nginx / Resource Hash 86d6c51b854ee282ebe63e60fd4b9ace73fc24e34330d1fa9e5382edba9e68e6 Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers Referer https://act.nrdc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 81487 cache-control max-age=86400 content-encoding gzip content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; content-type text/html date Thu, 14 Jul 2022 12:07:59 GMT etag W/"62a25d17-15637" expires Fri, 15 Jul 2022 12:07:59 GMT last-modified Thu, 09 Jun 2022 20:50:31 GMT server nginx vary Accept-Encoding via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-id 80Ckn0yTFb6jWTbdmFB10szCf65N3swXmT6gqJIaUKxJPMz5Mt0feA== x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront
GET H2	200	hosted-fields-frame.min.html Show response assets.braintreegateway.com/web/3.27.0/html/ Frame D1E1	86 KB 24 KB	145ms 20ms	Document text/html	143.204.89.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets.braintreegateway.com/web/3.27.0/html/hosted-fields-frame.min.html Requested by Host: js.braintreegateway.com URL: https://js.braintreegateway.com/web/3.27.0/js/hosted-fields.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-38.fra50.r.cloudfront.net Software nginx / Resource Hash 86d6c51b854ee282ebe63e60fd4b9ace73fc24e34330d1fa9e5382edba9e68e6 Security Headers Name Value Content-Security-Policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; Request headers Referer https://act.nrdc.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * age 81487 cache-control max-age=86400 content-encoding gzip content-security-policy style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com; content-type text/html date Fri, 15 Jul 2022 10:46:06 GMT etag W/"62a25d17-15637" expires Fri, 15 Jul 2022 12:07:59 GMT last-modified Thu, 09 Jun 2022 20:50:31 GMT server nginx vary Accept-Encoding via 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront) x-amz-cf-id FHKDBJsLZLYo6M9rsps9MKrZ5XILcs2_0h2DmhO0plGsPNAM0XE81g== x-amz-cf-pop FRA50-C1 x-cache Hit from cloudfront
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2013093915675582&ev=PageView&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881966194&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 15 Jul 2022 10:46:06 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=997562976929632&ev=Microdata&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881966195&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Fight%20back%20against%20anti-environment%20politicians!%22%2C%22og%3Adescription%22%3A%22Fossil%20fuel%20giants%20and%20their%20allies%20in%20Washington%20are%20trying%20to%20destroy%20decades%20of%20climate%20progress.%20Donate%20to%20the%20NRDC%20Action%20Fund%20today%2C%20and%20your%20gift%20will%20be%20MATCHED%205X%20to%20fight%20back%20three%20times%20as%20hard!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdewkqxr3ix5n3.cloudfront.net%2Fimages%2Fdon-6733-scotus-cc-chip-somodevilla-getty-images.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%22%2C%22og%3Asite_name%22%3A%22NRDC%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 15 Jul 2022 10:46:06 GMT
POST H2	204	collect Show response e.clarity.ms/	0 173 B	701ms 322ms	XHR text/plain	20.62.48.180 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://e.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin https://act.nrdc.org date Fri, 15 Jul 2022 10:46:06 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
POST H/1.1	200 OK	5cdj4j9qgxtdb8dn Show response client-analytics.braintreegateway.com/ Frame D1E1	0 292 B	9ms 9ms	XHR text/plain	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Requested by Host: assets.braintreegateway.com URL: https://assets.braintreegateway.com/web/3.27.0/html/hosted-fields-frame.min.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://assets.braintreegateway.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type application/json Response headers Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://assets.braintreegateway.com Connection keep-alive Access-Control-Allow-Headers Content-Length 0
OPTIONS H/1.1	200 OK	5cdj4j9qgxtdb8dn client-analytics.braintreegateway.com/ Frame	0 0	8ms 8ms	Preflight	3.67.234.137 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://client-analytics.braintreegateway.com/5cdj4j9qgxtdb8dn Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.67.234.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-67-234-137.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://assets.braintreegateway.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET, POST, OPTIONS Access-Control-Allow-Origin https://assets.braintreegateway.com Access-Control-Max-Age 3000 Connection keep-alive Content-Length 0 Date Fri, 15 Jul 2022 10:46:06 GMT Server nginx
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=180130112355994&ev=Microdata&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881966463&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Fight%20back%20against%20anti-environment%20politicians!%22%2C%22og%3Adescription%22%3A%22Fossil%20fuel%20giants%20and%20their%20allies%20in%20Washington%20are%20trying%20to%20destroy%20decades%20of%20climate%20progress.%20Donate%20to%20the%20NRDC%20Action%20Fund%20today%2C%20and%20your%20gift%20will%20be%20MATCHED%205X%20to%20fight%20back%20three%20times%20as%20hard!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdewkqxr3ix5n3.cloudfront.net%2Fimages%2Fdon-6733-scotus-cc-chip-somodevilla-getty-images.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%22%2C%22og%3Asite_name%22%3A%22NRDC%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 15 Jul 2022 10:46:06 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2013093915675582&ev=Microdata&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&rl=&if=false&ts=1657881966696&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Fight%20back%20against%20anti-environment%20politicians!%22%2C%22og%3Adescription%22%3A%22Fossil%20fuel%20giants%20and%20their%20allies%20in%20Washington%20are%20trying%20to%20destroy%20decades%20of%20climate%20progress.%20Donate%20to%20the%20NRDC%20Action%20Fund%20today%2C%20and%20your%20gift%20will%20be%20MATCHED%205X%20to%20fight%20back%20three%20times%20as%20hard!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fdewkqxr3ix5n3.cloudfront.net%2Fimages%2Fdon-6733-scotus-cc-chip-somodevilla-getty-images.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%22%2C%22og%3Asite_name%22%3A%22NRDC%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657881965608.368426727&it=1657881965461&coo=false&es=automatic&tm=3&exp=u0&rqm=GET Requested by Host: act.nrdc.org URL: https://act.nrdc.org/donate/6738-af-june-appeal-fye-5x-220620?source=EMOJUNDONAF5&tkd=8133723&utm_source=alert&utm_medium=top&utm_campaign=email&t=16&akid=20252%2E8133723%2Ez6aCBD Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Fri, 15 Jul 2022 10:46:06 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Fri, 15 Jul 2022 10:46:06 GMT
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&RedC=c.clarity.ms&MXFR=2E0A606519F56D6A19F971871DF5637B https://c.clarity.ms/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&MUID=1470843A42DF6007134E95D843B46168	42 B 367 B	28ms 27ms	Image image/gif	20.234.93.27 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&MUID=1470843A42DF6007134E95D843B46168 Protocol H2 Server 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 10:46:06 GMT last-modified Sat, 02 Jul 2022 00:08:47 GMT server Microsoft-IIS/10.0 x-powered-by ASP.NET etag "8a177e6a78dd81:0" p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-type image/gif content-length 42 Redirect headers pragma no-cache date Fri, 15 Jul 2022 10:46:06 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: FF46520747844929B3B8C3905851E9E1 Ref B: FRAEDGE1520 Ref C: 2022-07-15T10:46:07Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?CtsSyncId=861EDAD14506497796A4146B3A174120&MUID=1470843A42DF6007134E95D843B46168 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	collect www.google-analytics.com/	35 B 55 B	6ms 6ms	Image image/gif	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=359692967&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.nrdc.org%2Fdonate%2F6738-af-june-appeal-fye-5x-220620%3Fsource%3DEMOJUNDONAF5%26tkd%3D8133723%26utm_source%3Dalert%26utm_medium%3Dtop%26utm_campaign%3Demail%26t%3D16%26akid%3D20252%252E8133723%252Ez6aCBD&ul=en-us&de=UTF-8&dt=Your%20gift%20matched%205X%20for%20the%20environment!%20%7C%20NRDC%20Action%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Fdonate%2F6738-af-june-appeal-fye-5x-220620&el=25%25&_u=aCDACEABRAAAAC~&jid=&gjid=&cid=1327973737.1657881965&tid=UA-2459249-1&_gid=749606616.1657881965&gtm=2wg7d0WLFNV2&z=1668151973 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://act.nrdc.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Fri, 15 Jul 2022 08:43:40 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 7347 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect Show response e.clarity.ms/	0 25 B	186ms 186ms	XHR text/plain	20.62.48.180 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://e.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/x-clarity-gzip Referer https://act.nrdc.org/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers access-control-allow-origin https://act.nrdc.org date Fri, 15 Jul 2022 10:46:06 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET request-context appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608