urlscan.io logo urlscan.io
SecurityTrails logo

www.ofwaction.com Open in urlscan Pro
198.49.23.144  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://raisethewageaz.org/
Effective URL: https://www.ofwaction.com/arizona
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 11 domains to perform 44 HTTP transactions. The main IP is 198.49.23.144, located in United States and belongs to SQUARESPACE, US. The main domain is www.ofwaction.com.
TLS certificate: Issued by R10 on June 7th 2024. Valid for: 3 months.
This is the only time www.ofwaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
2 198.49.23.144 53831 (SQUARESPACE)
1 2a00:1450:400... 15169 (GOOGLE)
8 151.101.0.237 54113 (FASTLY)
4 151.101.64.238 54113 (FASTLY)
5 151.101.0.238 54113 (FASTLY)
8 2600:9000:249... 16509 (AMAZON-02)
1 20.209.68.129 8075 (MICROSOFT...)
4 2a00:1450:400... 15169 (GOOGLE)
5 45.60.33.183 19551 (INCAPSULA)
1 3.160.150.118 16509 (AMAZON-02)
3 172.217.18.100 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
44 13
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
raisethewageaz.org
2    198.49.23.144 (United States)

ASN53831 (SQUARESPACE, US)
www.ofwaction.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    151.101.0.237 (San Francisco, United States)

ASN54113 (FASTLY, US)
assets.squarespace.com
4    151.101.64.238 (San Francisco, United States)

ASN54113 (FASTLY, US)
static1.squarespace.com
5    151.101.0.238 (San Francisco, United States)

ASN54113 (FASTLY, US)
images.squarespace-cdn.com
8    2600:9000:2490:d000:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.everyaction.com
1    20.209.68.129 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
profile.ngpvan.com
secure.everyaction.com
1    3.160.150.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-118.fra60.r.cloudfront.net
js.verygoodvault.com
3    172.217.18.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
12 everyaction.com
static.everyaction.com — Cisco Umbrella Rank: 82230
secure.everyaction.com — Cisco Umbrella Rank: 97871
400 KB
12 squarespace.com
assets.squarespace.com — Cisco Umbrella Rank: 7181
static1.squarespace.com — Cisco Umbrella Rank: 6926
1009 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
245 KB
5 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 6131
2 MB
3 google.com
www.google.com — Cisco Umbrella Rank: 5
962 B
2 ofwaction.com
www.ofwaction.com
19 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 31284
44 KB
1 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 84428
fastaction.ngpvan.com Failed
573 B
1 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 118408
23 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
898 B
1 raisethewageaz.org
raisethewageaz.org
172 B
44 11
Domain Requested by
8 static.everyaction.com www.ofwaction.com
static.everyaction.com
8 assets.squarespace.com www.ofwaction.com
5 images.squarespace-cdn.com www.ofwaction.com
4 secure.everyaction.com static.everyaction.com
4 fonts.gstatic.com fonts.googleapis.com
4 static1.squarespace.com www.ofwaction.com
static1.squarespace.com
3 www.google.com static.everyaction.com
www.gstatic.com
2 www.ofwaction.com assets.squarespace.com
1 www.gstatic.com www.google.com
1 js.verygoodvault.com static.everyaction.com
1 profile.ngpvan.com static.everyaction.com
1 nvlupin.blob.core.windows.net www.ofwaction.com
1 fonts.googleapis.com www.ofwaction.com
1 raisethewageaz.org 1 redirects
0 fastaction.ngpvan.com Failed static.everyaction.com
44 15

This site contains links to these domains. Also see Links.

Domain
twitter.com
secure.everyaction.com
fastaction.ngpvan.com
Subject Issuer Validity Valid
www.ofwaction.com
R10		 2024-06-07 -
2024-09-05		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.squarespace.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-09 -
2025-02-28		 a year crt.sh
*.squarespace-cdn.com
R3		 2024-05-30 -
2024-08-28		 3 months crt.sh
static.everyaction.com
Amazon RSA 2048 M03		 2024-04-08 -
2025-05-07		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-03-27 -
2025-03-22		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-07 -
2024-11-06		 a year crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
*.everyaction.com
RapidSSL TLS ECC CA G1		 2024-03-04 -
2025-03-03		 a year crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.ofwaction.com/arizona
Frame ID: 1D480D3227389C008A79812E55C30858
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGPawZAAAAALMVwEl6CRlW1UbqB54gLM4bVv10&co=aHR0cHM6Ly93d3cub2Z3YWN0aW9uLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=i73ibbwxnbn1
Frame ID: 4B7977BB55014CCFA7C37185AD8FB239
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LeGPawZAAAAALMVwEl6CRlW1UbqB54gLM4bVv10
Frame ID: 9200C9F7D92BAE55E5120116AF1CE332
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Raise the Wage Arizona — One Fair Wage Action

Page URL History Show full URLs

  1. http://raisethewageaz.org/ HTTP 307
    https://raisethewageaz.org/ HTTP 301
    https://www.ofwaction.com/arizona Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!-- This is Squarespace\. -->
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

44
Requests

98 %
HTTPS

31 %
IPv6

11
Domains

15
Subdomains

13
IPs

2
Countries

3303 kB
Transfer

10504 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://raisethewageaz.org/ HTTP 307
    https://raisethewageaz.org/ HTTP 301
    https://www.ofwaction.com/arizona Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request arizona
www.ofwaction.com/
Redirect Chain
  • http://raisethewageaz.org/
  • https://raisethewageaz.org/
  • https://www.ofwaction.com/arizona
119 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
9cb77399122857b9316298720c36462cbbdfb741d583dc4ebb5a01f779e36867
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
19064
content-encoding
gzip
content-length
18745
content-type
text/html;charset=utf-8
date
Tue, 02 Jul 2024 23:32:53 GMT
etag
W/"3c5c49d5b0c2c0c100a3f343f6299eaf"
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
Squarespace
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-contextid
yS4XvfKJ/VnZHzMIx
x-frame-options
SAMEORIGIN SAMEORIGIN

Redirect headers

content-length
68
content-type
text/html; charset=utf-8
date
Wed, 03 Jul 2024 13:57:14 GMT
location
https://www.ofwaction.com/arizona
server
ip-100-74-4-11.eu-west-2.compute.internal
vary
Accept-Encoding
x-request-id
541ed25d-052b-4066-8bac-4d6525289727
css2
fonts.googleapis.com/ 		4 KB
898 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 03 Jul 2024 13:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 03 Jul 2024 13:56:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jul 2024 13:57:15 GMT
modern.js
assets.squarespace.com/@sqs/polyfiller/1.6/ 		115 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
78971, 61334
date
Wed, 03 Jul 2024 13:57:15 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1913970
x-cache
HIT, HIT
content-length
42447
x-served-by
cache-iad-kcgs7200042-IAD, cache-fra-etou8220088-FRA
last-modified
Mon, 31 Oct 2022 21:19:57 GMT
server
UploadServer
x-timer
S1720015036.703706,VS0,VE0
etag
"fe0d53a94823df972dbf107bf190771a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Aug 2024 15:49:35 GMT
extract-css-runtime-e8a8f272233f80309e8b-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-e8a8f272233f80309e8b-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
3c73a7133e46102750b431c342cd60a4ab494034dbcc8250c2a1be4ed2b1b7a1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
29, 283
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
60253
x-cache
HIT, HIT
content-length
15764
x-served-by
cache-iad-kcgs7200140-IAD, cache-fra-etou8220088-FRA
last-modified
Tue, 02 Jul 2024 21:00:53 GMT
server
UploadServer
x-timer
S1720015036.268657,VS0,VE0
etag
"8083e6aa1d75b2a57f4ccf9c0bb2f11d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Jul 2025 21:13:02 GMT
extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		1 MB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-6f117db4eb7fd4392375-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
26406777f9af4ddc05d094cad0ff9015cdbbfb393b13678e676d3a4a6292c5d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
57750
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
gzip
via
1.1 varnish
age
655232
x-cache
HIT
fastly-restarts
1
content-length
128743
x-served-by
cache-fra-etou8220088-FRA
last-modified
Thu, 07 Mar 2024 16:08:11 GMT
server
UploadServer
x-timer
S1720015036.268744,VS0,VE0
etag
"fbe43b1f7f944c9fde759ab090f61c42"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 08 Mar 2025 08:04:38 GMT
cldr-resource-pack-15305921bb94c505cd92-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		89 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-15305921bb94c505cd92-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
90b8f146c7c76f1082649aa206d0f45502a5e4e9112a42e1215896a847166922

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
57142
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
gzip
via
1.1 varnish
age
655232
x-cache
HIT
fastly-restarts
1
content-length
19872
x-served-by
cache-fra-etou8220088-FRA
last-modified
Fri, 07 Jun 2024 19:28:28 GMT
server
UploadServer
x-timer
S1720015036.272312,VS0,VE0
etag
"b4a755c7e39d57314f0f0e17de3a6f69"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Jun 2025 23:56:44 GMT
common-vendors-stable-0f51b06fac4ba1f7c845-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-0f51b06fac4ba1f7c845-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
ac50c5fde5be3a1dfafd0065c3f8d98ee145c040b6050f2543bc1b8c8801f768

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
8, 50867
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
1291124
x-cache
HIT, HIT
content-length
70760
x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-etou8220088-FRA
last-modified
Mon, 17 Jun 2024 21:20:01 GMT
server
UploadServer
x-timer
S1720015036.272706,VS0,VE0
etag
"850c2ab18f51fb4579b453ef89ce47fd"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 18 Jun 2025 15:18:32 GMT
common-vendors-67c0bc7ccc66b465925a-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		665 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-vendors-67c0bc7ccc66b465925a-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
a193ede46eac2206939d82fb4386092b8c4e07d5c7c8357e0220004cee0b3530

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
8, 3459
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
164319
x-cache
HIT, HIT
content-length
164179
x-served-by
cache-iad-kcgs7200085-IAD, cache-fra-etou8220088-FRA
last-modified
Mon, 01 Jul 2024 16:08:30 GMT
server
UploadServer
x-timer
S1720015036.272525,VS0,VE0
etag
"a7e6e22f61c495c07e25299b0e30303a"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Jul 2025 16:18:37 GMT
common-00f44c6fd6b1abf4ec76-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		2 MB
383 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/common-00f44c6fd6b1abf4ec76-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
09f5a80a857c266cf835fb8ada835c8effbfa4e87cc3428c0879d48284fbf627

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
24, 367
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
71970
x-cache
HIT, HIT
content-length
391395
x-served-by
cache-iad-kcgs7200163-IAD, cache-fra-etou8220088-FRA
last-modified
Tue, 02 Jul 2024 17:45:19 GMT
server
UploadServer
x-timer
S1720015036.272593,VS0,VE0
etag
"a377c1a8ca03188269477ecc3a2d8c05"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 02 Jul 2025 17:57:46 GMT
performance-4522bbfc080d479ff3e5-min.en-US.js
assets.squarespace.com/universal/scripts-compressed/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.squarespace.com/universal/scripts-compressed/performance-4522bbfc080d479ff3e5-min.en-US.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.237 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7c0e728c40553f614845c210b2df6918231320ad96efbb43b30ac63d7cee09f5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
5, 18010
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
415644
x-cache
HIT, HIT
content-length
11831
x-served-by
cache-iad-kiad7000045-IAD, cache-fra-etou8220088-FRA
last-modified
Fri, 28 Jun 2024 15:53:50 GMT
server
UploadServer
x-timer
S1720015036.272947,VS0,VE0
etag
"af9653c93c3a482924a0f20d0af5a4e2"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Jun 2025 18:29:52 GMT
site.css
static1.squarespace.com/static/versioned-site-css/62e84d59e374d3752ba0cabc/33/5c5a519771c10ba3470d8101/62e84d59e374d3752ba0cac9/1537/ 		1 MB
118 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/versioned-site-css/62e84d59e374d3752ba0cabc/33/5c5a519771c10ba3470d8101/62e84d59e374d3752ba0cac9/1537/site.css
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
dc8b48ea9e42585403bffc1fc2a6343292be7900af0145e657a7c14356623770
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
29, 0
date
Wed, 03 Jul 2024 13:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
413692
x-cache
HIT, HIT
x-contextid
BB2HA24G/nSqxgD8H
content-length
120181
x-served-by
cache-dfw-kdfw8210036-DFW, cache-fra-etou8220091-FRA
pragma
cache
server
Squarespace
x-timer
S1720015036.803434,VS0,VE1
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
static.css
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1718130742063-ZB0N0KP2JGXANVM5KICL/ 		201 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/versioned-assets/1718130742063-ZB0N0KP2JGXANVM5KICL/static.css
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
78589e5bbce7223f047efffa35475eacf0dbbc7855486affceb6b3fcfa0d2fa5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
1252, 2636
date
Wed, 03 Jul 2024 13:57:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
111713
x-cache
HIT, HIT
x-contextid
C1TSVEnU/o9kfM4eM
content-length
15688
x-served-by
cache-dfw-kdal2120085-DFW, cache-fra-etou8220091-FRA
pragma
cache
server
Squarespace
x-timer
S1720015036.803563,VS0,VE0
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
Clear+ACTION.png
images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/6f1c7703-4a95-402a-a404-2435d6f55427/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/6f1c7703-4a95-402a-a404-2435d6f55427/Clear+ACTION.png?format=1500w
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97e476f1f7d9f49e2ccd3fafbd05934c9dfaba72780153860fe7cd1787dbe5d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
39, 0
date
Wed, 03 Jul 2024 13:57:15 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
2325000
x-cache
HIT, HIT
content-length
168902
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra-etou8220034-FRA
x-timer
S1720015036.931666,VS0,VE1
etag
CMuOqLe+rfkCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
tracepoint
Fastly
tempImagepMVTDz.jpg
images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/945b7dea-cec7-4fe4-bc8e-8c2d82085726/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/945b7dea-cec7-4fe4-bc8e-8c2d82085726/tempImagepMVTDz.jpg?format=2500w
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b026169f6414d8688bcbff1261b6b92dcd122f238be584897ba28badbd292ca0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
7, 0
date
Wed, 03 Jul 2024 13:57:15 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
510989
x-cache
HIT, HIT
content-length
1415025
x-served-by
cache-iad-kiad7000153-IAD, cache-fra-etou8220034-FRA
x-timer
S1720015036.931244,VS0,VE1
etag
CNmCw+vDgfsCEAE=
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
tracepoint
Fastly
at.js
static.everyaction.com/ea-actiontag/ 		840 KB
242 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2455f0ddd48556f82ecfc9d567e785c754b77c1ee02efa6b2d736efbb585bb67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:37:34 GMT
content-encoding
gzip
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
83982
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
247305
last-modified
Tue, 18 Jun 2024 14:36:29 GMT
server
AmazonS3
etag
"d582f15b48990e5490a6cfe0117702cf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
DtW2NrOT8HNbeZEsscT0jHndwUuO3y-temMnoaQBKl31jmLUe_FRCw==
at.min.css
static.everyaction.com/ea-actiontag/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd21a7169e9b84a9268bff0aa4b4d2f245124b43a427dd072b28077daf08add

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:37:10 GMT
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
84006
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11715
last-modified
Tue, 18 Jun 2024 14:36:29 GMT
server
AmazonS3
etag
"b50bc2fcaca1e2114e7c293a6de80935"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
oV8JOzCY_9cyS2hOkB2j8hoZM-_NlJYISbhpKASyx_ZBwPMHqmn7JQ==
CustomStylesheet_dba9f0c6da4aecdd9be73fd9879f589c2e93464ec095b53fcd1de28c5700e334.css
nvlupin.blob.core.windows.net/designs/ 		23 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nvlupin.blob.core.windows.net/designs/CustomStylesheet_dba9f0c6da4aecdd9be73fd9879f589c2e93464ec095b53fcd1de28c5700e334.css
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0cd0c979ab43779d866c35d6bbe740adcc298e95265345d8902f1258f8c2c51b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 03 Jul 2024 13:57:16 GMT
Last-Modified
Thu, 15 Sep 2022 12:40:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
+DxNheWC4PZSkioVt56sIw==
ETag
0x8DA971779E703DF
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
x-ms-request-id
d28bf429-901e-0060-3750-cd190f000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control
max-age=31536000
x-ms-version
2009-09-19
Content-Length
23244
site-bundle.951f531f248730580867fa534b60d99a.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		257 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.951f531f248730580867fa534b60d99a.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
db87c82c3db84b9e0b184b0910a011bc9953cca61e7cb2ad8e67c1cfc800be59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
23, 6708
date
Wed, 03 Jul 2024 13:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
166880
x-cache
HIT, HIT
x-contextid
AfyuYRRd/cH73sX2Q
content-length
48240
x-served-by
cache-dfw-kdfw8210058-DFW, cache-fra-etou8220091-FRA
pragma
cache
server
Squarespace
x-timer
S1720015036.272514,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
Clear+ACTION.png
images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/6f1c7703-4a95-402a-a404-2435d6f55427/ 		165 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/6f1c7703-4a95-402a-a404-2435d6f55427/Clear+ACTION.png?format=1500w
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
97e476f1f7d9f49e2ccd3fafbd05934c9dfaba72780153860fe7cd1787dbe5d2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
39, 0
date
Wed, 03 Jul 2024 13:57:15 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
2325000
x-cache
HIT, HIT
content-length
168902
x-served-by
cache-iad-kcgs7200113-IAD, cache-fra-etou8220034-FRA
x-timer
S1720015036.931666,VS0,VE1
etag
CMuOqLe+rfkCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
tracepoint
Fastly
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 17:07:09 GMT
x-content-type-options
nosniff
age
507007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Jun 2025 17:07:09 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:03:16 GMT
x-content-type-options
nosniff
age
82440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:03:16 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:03:17 GMT
x-content-type-options
nosniff
age
82439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:03:17 GMT
OFW-3.png
images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/c9344027-64c0-431e-895a-86e8a474a4ac/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/c9344027-64c0-431e-895a-86e8a474a4ac/OFW-3.png?format=750w
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e30a13bd2d45ceb62894f666ab96c635a91c7a1f130811b95d46bd406c43a1c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
13, 0
date
Wed, 03 Jul 2024 13:57:16 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
1080390
x-cache
HIT, HIT
content-length
11222
x-served-by
cache-iad-kcgs7200047-IAD, cache-fra-etou8220034-FRA
x-timer
S1720015036.440335,VS0,VE4
etag
CJKKnsH7+foCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
tracepoint
Fastly
at.js
static.everyaction.com/ea-actiontag/ 		840 KB
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: www.ofwaction.com
URL: https://www.ofwaction.com/arizona
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2455f0ddd48556f82ecfc9d567e785c754b77c1ee02efa6b2d736efbb585bb67

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:37:34 GMT
via
1.1 7b20af4202adb6ef25a7920ed74908dc.cloudfront.net (CloudFront)
content-encoding
gzip
x-amz-cf-pop
FRA56-P6
age
83983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
247305
last-modified
Tue, 18 Jun 2024 14:36:29 GMT
server
AmazonS3
etag
"d582f15b48990e5490a6cfe0117702cf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
Op67OSzQTVw7IiJPU1Fmx3Qm9F9vMhfyGBTWrT3j1YdarQjKpij_Fw==
floating-cart.11c2f1b3c1cb2ba0d418.js
static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/ 		451 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/floating-cart.11c2f1b3c1cb2ba0d418.js
Requested by
Host: static1.squarespace.com
URL: https://static1.squarespace.com/static/vta/5c5a519771c10ba3470d8101/scripts/site-bundle.951f531f248730580867fa534b60d99a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.64.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Squarespace /
Resource Hash
a61ddd7c4db00fa694a870c95e1d2afa9fa3bf7034d92c8f68a341fc21edb053
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
38090, 17738
date
Wed, 03 Jul 2024 13:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
age
1108062
x-cache
HIT, HIT
x-contextid
HYDJfexd/HhP0IAI9
content-length
303
x-served-by
cache-dfw-kdfw8210163-DFW, cache-fra-etou8220091-FRA
pragma
cache
server
Squarespace
x-timer
S1720015038.790882,VS0,VE0
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=94608000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a28e1c37b5b3f5a3aee71cf21d6624cc811ea45cb3df7011ff902ae5fcbfc31e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 14:37:35 GMT
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
83983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14169
last-modified
Tue, 18 Jun 2024 14:36:29 GMT
server
AmazonS3
etag
"2ffa6dfc304a10e220888c5a085b64d1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
accept-ranges
bytes
x-amz-cf-id
_6j0jp75kySDv9zSETYoQYwAYVSpdgz03e6J5ybTWzOiqe9WLlf9Dg==
identity
profile.ngpvan.com/ 		0
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 13:57:18 GMT
reason
Returned 204 - No Content. Referrer not whitelisted
server
Microsoft-IIS/10.0
x-cdn
Imperva
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express, ASP.NET
x-iinfo
12-148197214-148197290 NNNN CT(86 183 0) RT(1720015037245 218) q(0 2 5 228) r(6 6) U24
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-118.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding
gzip
Via
1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront)
Date
Wed, 03 Jul 2024 13:57:18 GMT
X-Amz-Cf-Pop
FRA60-P7
Age
32
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Server
AmazonS3
ETag
W/"156be461dd96d02fce3792c020f7748a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Id
e77PpMU9Xoo7l-3P75OjPf6xM_WwpVWFZqZ6-w3e3iCMZ-qjpgiX-w==
gmbn5t9pyUqoa1mYY1vjYQ2
secure.everyaction.com/v1/Forms/ 		42 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/v1/Forms/gmbn5t9pyUqoa1mYY1vjYQ2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
85c4843eb2ed18238e4c3d721c261b6ddc6b2c8801b6bd13e268fe0299b272cd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 13:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
13-162960577-162552913 2NNN RT(1720015037312 126) q(0 2 2 246) r(6 6)
content-length
12059
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ofwaction.com
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
wRPZ4z7bV0ik1h0DxOf52g2
secure.everyaction.com/v1/Forms/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/v1/Forms/wRPZ4z7bV0ik1h0DxOf52g2
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
95c84067ae7089cd710add3cd373d4a9791335857b28156aa22e8ddcf0fd0038
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 13:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-cdn
Imperva
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo
13-162960577-162718637 2NNN RT(1720015037312 126) q(0 2 2 245) r(6 6)
content-length
2029
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary
Origin,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.ofwaction.com
access-control-expose-headers
Request-Context
cache-control
public, max-age=10
access-control-allow-credentials
true
RecordHit
www.ofwaction.com/api/census/ 		17 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.ofwaction.com/api/census/RecordHit
Requested by
Host: assets.squarespace.com
URL: https://assets.squarespace.com/universal/scripts-compressed/common-vendors-67c0bc7ccc66b465925a-min.en-US.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.49.23.144 , United States, ASN53831 (SQUARESPACE, US),
Reverse DNS
Software
Squarespace /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-CSRF-Token
BQ1q/NuqGsE1NTI4MWMzODU2ZjcwZWI4M2YwYzBmMTUyNWNiNmMx
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/plain, */*
sec-ch-ua-platform-version
"10.0.0"
Referer
https://www.ofwaction.com/arizona
sec-ch-ua-model
""
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 13:57:18 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
server
Squarespace
age
0
content-type
application/json;charset=utf-8
x-contextid
5VK72IXM/iksxjK5P
accept-ranges
bytes
content-length
17
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,300;0,400;0,500;0,700;1,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jul 2024 15:11:45 GMT
x-content-type-options
nosniff
age
81933
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Jul 2025 15:11:45 GMT
favicon.ico
images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/a9834474-ce01-493d-9943-527d3afd1d42/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://images.squarespace-cdn.com/content/v1/62e84d59e374d3752ba0cabc/a9834474-ce01-493d-9943-527d3afd1d42/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.238 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46b6557dc2f28fc65d2e283b9e17d4e9609d45c8c7a7071f595fd2046cc5b9d1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
38, 0
date
Wed, 03 Jul 2024 13:57:18 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
501137
x-cache
HIT, HIT
content-length
1938
x-served-by
cache-iad-kiad7000152-IAD, cache-fra-etou8220034-FRA
x-timer
S1720015039.750340,VS0,VE1
etag
CO3Q7drLrfkCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=31536000,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
x-sqsp-is-public
true
tracepoint
Fastly
api.js
www.google.com/recaptcha/ 		1 KB
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
b25d55e9df6af94720da527398f910187209ddd55e4e3a1af7241ad1c3256726
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 13:57:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Wed, 03 Jul 2024 13:57:18 GMT
identity
fastaction.ngpvan.com/api/v2/ 		0
0
wRPZ4z7bV0ik1h0DxOf52g2
secure.everyaction.com/v1/Track/ 		0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/wRPZ4z7bV0ik1h0DxOf52g2?formSessionId=894ba0f9-981c-4059-b728-c48ac8cf0add&bName=chrome&dType=desktop&formVersion=1/17/2023%2012:23:26%20AM|&fUrl=aHR0cHM6Ly93d3cub2Z3YWN0aW9uLmNvbS9hcml6b25h&fRef=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Wed, 03 Jul 2024 13:57:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
13-162960577-162960718 NNNN CT(86 200 0) RT(1720015037312 925) q(0 0 3 -1) r(4 4) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
intlTelInput.min.css
static.everyaction.com/ea-actiontag/assets/styles/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 02:41:46 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
last-modified
Wed, 06 Jul 2022 18:06:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
40534
etag
"7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
19755
x-amz-cf-id
3Dlp9mxNb2GVeWRdSwqwz7mU5Zrt8kELIsQcYuhEvRAaMaJK2U7Lgg==
intlTelInput.js
static.everyaction.com/ea-actiontag/assets/js/ 		87 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 20:12:40 GMT
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2569478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20855
last-modified
Tue, 11 Apr 2023 14:36:16 GMT
server
AmazonS3
etag
"0d84f90a2a517cacd498722e0fe0500e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1HI2_HZHDtU-G764Q5ATk-EB0-mgw0-6GBWlQpplhSiWCjIl1_LS7A==
intl-tel.input.utils.js
static.everyaction.com/ea-actiontag/assets/js/ 		245 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 20:12:40 GMT
content-encoding
gzip
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2569478
x-cache
Hit from cloudfront
content-length
56004
last-modified
Tue, 12 Apr 2022 14:33:00 GMT
server
AmazonS3
etag
"4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Cqr95zetnr2518U1QPkWErh-Bu-AGuy8133lAZeof-iWJibPSwKdXw==
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
gmbn5t9pyUqoa1mYY1vjYQ2
secure.everyaction.com/v1/Track/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/gmbn5t9pyUqoa1mYY1vjYQ2?formSessionId=8fed0fa1-b058-487e-b47a-fc4c40640f88&bName=chrome&dType=desktop&formVersion=11/5/2022%204:37:33%20AM|&fUrl=aHR0cHM6Ly93d3cub2Z3YWN0aW9uLmNvbS9hcml6b25h&fRef=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
pragma
no-cache
date
Wed, 03 Jul 2024 13:57:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn
Imperva
x-frame-options
SAMEORIGIN
x-iinfo
13-162960577-162960718 PNNN RT(1720015037312 1106) q(0 0 1 -1) r(2 2) U2
access-control-expose-headers
Request-Context
cache-control
no-cache
content-length
0
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/ 		536 KB
213 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.ofwaction.com/
Origin
https://www.ofwaction.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Jul 2024 10:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Jul 2025 10:32:02 GMT
flags.png
static.everyaction.com/ea-actiontag/assets/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.everyaction.com/ea-actiontag/assets/images/flags.png
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:d000:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Sep 2023 09:13:32 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
24036228
x-cache
Hit from cloudfront
content-length
20389
last-modified
Tue, 07 Dec 2021 15:33:44 GMT
server
AmazonS3
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Fwa3CzzlQJUWqTybJWF9DfDuWV7IgHfdtZghDEyBqHsOXg2U8ei-KA==
anchor
www.google.com/recaptcha/api2/ Frame 4B79 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeGPawZAAAAALMVwEl6CRlW1UbqB54gLM4bVv10&co=aHR0cHM6Ly93d3cub2Z3YWN0aW9uLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=i73ibbwxnbn1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IS2luLN5DtFRCcD-4IY7rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.ofwaction.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-IS2luLN5DtFRCcD-4IY7rQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 13:57:19 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
bframe
www.google.com/recaptcha/api2/ Frame 9200 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6LeGPawZAAAAALMVwEl6CRlW1UbqB54gLM4bVv10
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PQNLjpVURNJ83Y36VDLLmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.ofwaction.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PQNLjpVURNJ83Y36VDLLmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Jul 2024 13:57:20 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastaction.ngpvan.com
URL
https://fastaction.ngpvan.com/api/v2/identity

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 undefined| event object| fence object| sharedStorage object| SQUARESPACE_ROLLUPS object| Static function| _ object| Backbone object| CSSModal object| nvtag object| dataLayer object| _gaq object| user object| nvtag_plugins object| webpackChunk_sqs_polyfiller object| webpackChunkextract_css object| SQUARESPACE_I18N object| YUI_CONFIG function| YUI function| __extends function| __assign function| __rest function| __decorate function| __param function| __esDecorate function| __runInitializers function| __propKey function| __setFunctionName function| __metadata function| __awaiter function| __generator function| __exportStar function| __createBinding function| __values function| __read function| __spread function| __spreadArrays function| __spreadArray function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| __classPrivateFieldGet function| __classPrivateFieldSet function| __classPrivateFieldIn function| __addDisposableResource function| __disposeResources object| regeneratorRuntime object| core object| __sqsWebGL object| websiteComponents function| Common boolean| COMMON_ALREADY_RAN function| noop object| Singleton object| Class object| Squarespace object| SquarespaceFonts object| webpackChunknew_bedford_framework function| _jqjsp object| Y object| YUIStats string| _YUI_HISTORY_HASH_ENVIRONMENT_ID string| _yuid object| ESC_MANAGER object| Modernizr object| ImageLoader object| JSTween string| id object| VgForm object| SecureForm object| VGSCollect object| formview object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils object| recaptcha object| closure_lm_456350

7 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AOG26BcNOTjTFtwOE0wvl146SrLNNv2B-Os_OV_pM626_-jrcvz5np9NB8U6gVeEicg4TQPdWkz2QPtFqeBCM2s
www.ofwaction.com/ Name: crumb
Value: BQ1q/NuqGsE1NTI4MWMzODU2ZjcwZWI4M2YwYzBmMTUyNWNiNmMx
www.ofwaction.com/ Name: ss_cvr
Value: 88cc10d4-04c2-48a5-919e-52854f68fb2b|1720015038014|1720015038014|1720015038014|1
www.ofwaction.com/ Name: ss_cvt
Value: 1720015038014
.everyaction.com/ Name: visid_incap_823975
Value: z865WGV4SQyrwSRJfR0Jhr1YhWYAAAAAQUIPAAAAAAAnpOtl27PSoI/iAGHcaxzB
.everyaction.com/ Name: nlbi_823975
Value: 7NPlaORRXFtbroiXxwoUeQAAAADkxnSsL0rPPM0W/cE6bRbG
.everyaction.com/ Name: incap_ses_1515_823975
Value: x1wZVq56ZGUvf/ktjlwGFb5YhWYAAAAAg/z7IzY4Ag2pa7yOjNs2qQ==

2 Console Messages

Source Level URL
Text
javascript error URL: https://www.ofwaction.com/arizona
Message:
Access to XMLHttpRequest at 'https://fastaction.ngpvan.com/api/v2/identity' from origin 'https://www.ofwaction.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://fastaction.ngpvan.com/api/v2/identity
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.squarespace.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
images.squarespace-cdn.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
raisethewageaz.org
secure.everyaction.com
static.everyaction.com
static1.squarespace.com
www.google.com
www.gstatic.com
www.ofwaction.com
fastaction.ngpvan.com
151.101.0.237
151.101.0.238
151.101.64.238
172.217.18.100
198.49.23.144
20.209.68.129
2600:9000:2490:d000:3:1d53:4780:93a1
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
3.160.150.118
3.33.251.168
45.60.33.183
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
09f5a80a857c266cf835fb8ada835c8effbfa4e87cc3428c0879d48284fbf627
0cd0c979ab43779d866c35d6bbe740adcc298e95265345d8902f1258f8c2c51b
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
2455f0ddd48556f82ecfc9d567e785c754b77c1ee02efa6b2d736efbb585bb67
26406777f9af4ddc05d094cad0ff9015cdbbfb393b13678e676d3a4a6292c5d8
2dd21a7169e9b84a9268bff0aa4b4d2f245124b43a427dd072b28077daf08add
3c73a7133e46102750b431c342cd60a4ab494034dbcc8250c2a1be4ed2b1b7a1
3e30a13bd2d45ceb62894f666ab96c635a91c7a1f130811b95d46bd406c43a1c
46b6557dc2f28fc65d2e283b9e17d4e9609d45c8c7a7071f595fd2046cc5b9d1
54e832663426c696b1f603379026e5e15720e8c812bbbc60d63aa2ad8a479f75
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
78589e5bbce7223f047efffa35475eacf0dbbc7855486affceb6b3fcfa0d2fa5
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7c0e728c40553f614845c210b2df6918231320ad96efbb43b30ac63d7cee09f5
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
851f6306bd352041009fdb4f3d399f68d18d54fc9aef4529bc964b80861895d0
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
85c4843eb2ed18238e4c3d721c261b6ddc6b2c8801b6bd13e268fe0299b272cd
90b8f146c7c76f1082649aa206d0f45502a5e4e9112a42e1215896a847166922
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
95c84067ae7089cd710add3cd373d4a9791335857b28156aa22e8ddcf0fd0038
97e476f1f7d9f49e2ccd3fafbd05934c9dfaba72780153860fe7cd1787dbe5d2
9cb77399122857b9316298720c36462cbbdfb741d583dc4ebb5a01f779e36867
a193ede46eac2206939d82fb4386092b8c4e07d5c7c8357e0220004cee0b3530
a28e1c37b5b3f5a3aee71cf21d6624cc811ea45cb3df7011ff902ae5fcbfc31e
a61ddd7c4db00fa694a870c95e1d2afa9fa3bf7034d92c8f68a341fc21edb053
ac50c5fde5be3a1dfafd0065c3f8d98ee145c040b6050f2543bc1b8c8801f768
b026169f6414d8688bcbff1261b6b92dcd122f238be584897ba28badbd292ca0
b25d55e9df6af94720da527398f910187209ddd55e4e3a1af7241ad1c3256726
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
db87c82c3db84b9e0b184b0910a011bc9953cca61e7cb2ad8e67c1cfc800be59
dc8b48ea9e42585403bffc1fc2a6343292be7900af0145e657a7c14356623770
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc