act.wilderness.org Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mbl.ms/n4gkdTCRIkl
Effective URL:
https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Submission: On July 14 via manual (July 14th 2022, 5:15:22 pm UTC) from DE — Scanned from DE

Summary HTTP 81 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 39 IPs in 6 countries across 30 domains to perform 81 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is act.wilderness.org.
TLS certificate: Issued by SSL.com RSA SSL subCA on June 7th 2022. Valid for: a year.

This is the only time act.wilderness.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.60.103.183 45.60.103.183	19551 (INCAPSULA) (INCAPSULA)
4	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
5	2600:9000:21f... 2600:9000:21f3:e200:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
6	20.60.58.97 20.60.58.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	54.193.7.186 54.193.7.186	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7ee1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2606:2800:11f... 2606:2800:11f:17a5:191a:18d5:537:22f9	15133 (EDGECAST) (EDGECAST)
7	45.60.31.183 45.60.31.183	19551 (INCAPSULA) (INCAPSULA)
1	2600:9000:225... 2600:9000:2251:5600:14:79be:a380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
1	199.127.207.188 199.127.207.188	26120 (RHYTHMONE) (RHYTHMONE)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2620:1ec:27::... 2620:1ec:27::cafe:1734	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.34.182.55 52.34.182.55	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:3a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	20.62.48.180 20.62.48.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.69.106.216 13.69.106.216	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 6	2600:9000:215... 2600:9000:2156:5c00:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.240.24.63 34.240.24.63	16509 (AMAZON-02) (AMAZON-02)
81	39

1 45.60.103.183 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

mbl.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

act.wilderness.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21f3:e200:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.193.7.186 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-7-186.us-west-1.compute.amazonaws.com

i.icomoon.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:11f:17a5:191a:18d5:537:22f9 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.31.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
advocator.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:5600:14:79be:a380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js2.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

11257983.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

try.abtasty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.188 (United States)

ASN26120 (RHYTHMONE, US)

rs.gwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:27::cafe:1734 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.34.182.55 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-182-55.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:3a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.62.48.180 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.216 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2156:5c00:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.24.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-24-63.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 2518 d.adroll.com — Cisco Umbrella Rank: 1676	21 KB
7	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 110759 secure.everyaction.com — Cisco Umbrella Rank: 71260	361 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 600 e.clarity.ms — Cisco Umbrella Rank: 6042 c.clarity.ms — Cisco Umbrella Rank: 1163	26 KB
6	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 60439	3 MB
5	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	678 B
5	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 68116 advocator.ngpvan.com — Cisco Umbrella Rank: 369662 fastaction.ngpvan.com — Cisco Umbrella Rank: 149688 secure.ngpvan.com — Cisco Umbrella Rank: 78326	8 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 666 p.typekit.net — Cisco Umbrella Rank: 786	94 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 398 c.bing.com — Cisco Umbrella Rank: 235	12 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69 region1.google-analytics.com — Cisco Umbrella Rank: 2603	20 KB
4	wilderness.org act.wilderness.org	27 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 401	7 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	112 KB
3	doubleclick.net 1 redirects 11257983.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138	2 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 679	306 B
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 799	879 B
2	google.de www.google.de — Cisco Umbrella Rank: 4915 adservice.google.de — Cisco Umbrella Rank: 6937	1 KB
2	google.com www.google.com — Cisco Umbrella Rank: 17 adservice.google.com — Cisco Umbrella Rank: 103	1 KB
2	alocdn.com 1 redirects p.alocdn.com — Cisco Umbrella Rank: 7013	663 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1149 pixel.quantserve.com — Cisco Umbrella Rank: 489	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	156 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 81 ajax.googleapis.com — Cisco Umbrella Rank: 350	31 KB
2	icomoon.io i.icomoon.io — Cisco Umbrella Rank: 49393	6 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1093	1 KB
1	gwallet.com rs.gwallet.com — Cisco Umbrella Rank: 17666	391 B
1	abtasty.com try.abtasty.com — Cisco Umbrella Rank: 9837	373 B
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	verygoodvault.com js2.verygoodvault.com — Cisco Umbrella Rank: 77507	24 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 1967	46 KB
1	mbl.ms 1 redirects mbl.ms	1 KB
81	30

	Domain	Requested by
6	s.adroll.com	2 redirects act.wilderness.org s.adroll.com
6	nvlupin.blob.core.windows.net	act.wilderness.org nvlupin.blob.core.windows.net
5	www.facebook.com	act.wilderness.org
5	static.everyaction.com	act.wilderness.org static.everyaction.com
4	use.typekit.net	act.wilderness.org use.typekit.net
4	act.wilderness.org	act.wilderness.org az416426.vo.msecnd.net
3	s.yimg.com	act.wilderness.org s.yimg.com
3	connect.facebook.net	act.wilderness.org connect.facebook.net
3	bat.bing.com	www.googletagmanager.com bat.bing.com act.wilderness.org
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	c.clarity.ms	1 redirects
2	secure.everyaction.com	act.wilderness.org az416426.vo.msecnd.net
2	e.clarity.ms	az416426.vo.msecnd.net
2	sp.analytics.yahoo.com	act.wilderness.org
2	px.ads.linkedin.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	p.alocdn.com	1 redirects act.wilderness.org
2	www.clarity.ms	act.wilderness.org www.clarity.ms
2	11257983.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com act.wilderness.org
2	profile.ngpvan.com	static.everyaction.com az416426.vo.msecnd.net
2	www.googletagmanager.com	act.wilderness.org www.googletagmanager.com
2	i.icomoon.io	act.wilderness.org i.icomoon.io
1	d.adroll.com	s.adroll.com
1	c.bing.com	1 redirects
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	static.everyaction.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	11257983.fls.doubleclick.net
1	pixel.quantserve.com	act.wilderness.org
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	act.wilderness.org
1	www.google.com	act.wilderness.org
1	px4.ads.linkedin.com	act.wilderness.org
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	rs.gwallet.com	act.wilderness.org
1	try.abtasty.com	www.googletagmanager.com
1	secure.quantserve.com	act.wilderness.org
1	snap.licdn.com	www.googletagmanager.com
1	advocator.ngpvan.com	static.everyaction.com
1	js2.verygoodvault.com	static.everyaction.com
1	az416426.vo.msecnd.net	act.wilderness.org
1	p.typekit.net	use.typekit.net
1	ajax.googleapis.com	act.wilderness.org
1	fonts.googleapis.com	act.wilderness.org
1	mbl.ms	1 redirects
81	47

This site contains links to these domains. Also see Links.

Domain
www.wilderness.org
fastaction.ngpvan.com

Subject Issuer	Validity	Valid
clusteroa-mcghe.ngpvanapp.com SSL.com RSA SSL subCA	`2022-06-07` - `2023-06-07`	a year	crt.sh
static.everyaction.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2022-04-26` - `2023-04-26`	a year	crt.sh
i.icomoon.io RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-31` - `2022-12-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1	`2022-03-07` - `2023-04-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2021-08-06` - `2022-08-06`	a year	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-30` - `2023-01-14`	a year	crt.sh
*.verygoodvault.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
advocator.everyaction.com SSL.com RSA SSL subCA	`2022-04-12` - `2023-04-12`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
try.abtasty.com Amazon	`2022-06-27` - `2023-07-26`	a year	crt.sh
*.gwallet.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-13` - `2022-08-03`	2 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
*.everyaction.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-11` - `2023-04-11`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2022-06-22` - `2023-06-22`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Frame ID: ADD809D6989C2C2DC4130E3C3F1C169B
Requests: 78 HTTP requests in this frame

Frame: https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4
Frame ID: F70846DA3CAA005CCD7EB441D01BB1C5
Requests: 1 HTTP requests in this frame

Frame: https://rs.gwallet.com/r1/pixeltag/x560r745018521
Frame ID: 7AB402D3133A52BFD13B835C9BFAE82D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4
Frame ID: 54E7DAD4A65C738491C16E7CD2F9E433
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4
Frame ID: F7FBCCAF44940C68444D4BF9C0EE3C54
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Advocate for Wilderness

Page URL History Show full URLs

https://mbl.ms/n4gkdTCRIkl HTTP 301
https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-... Page URL

Detected technologies

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

94 %
HTTPS

63 %
IPv6

30
Domains

47
Subdomains

39
IPs

6
Countries

4243 kB
Transfer

5973 kB
Size

51
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.wilderness.org/

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.wilderness.org/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mbl.ms/n4gkdTCRIkl HTTP 301
https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://11257983.fls.doubleclick.net/activityi;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4 HTTP 302
https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4

Request Chain 32

https://p.alocdn.com/c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819 HTTP 302
https://p.alocdn.com/c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819&tdc=1&url=https%3A%2F%2Fact.wilderness.org%2F

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3840156%26time%3D1657818916276%26url%3Dhttps%253A%252F%252Fact.wilderness.org%252Fa%252Ftell-forest-service-follow-science-boundary-waters-osp%253Fmmdr%253D664402b4-c131-4253-9886-1fa51e7ee3d4%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&liSync=true&e_ipv6=AQIil8urUy-YtQAAAYH9tSb_Krn7-_cGRmaIgzJ5qB4YA3I8z7IePvF9diF-vpe1PA

Request Chain 72

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&RedC=c.clarity.ms&MXFR=039D8B221F8A66DC33299AC31B8A68FC HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&MUID=357FC4B20A5267892863D5530BFE66C6

Request Chain 76

https://s.adroll.com/j/exp/O43CRPIAP5BJ7HSYDYEDUM/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 77

https://s.adroll.com/j/pre/O43CRPIAP5BJ7HSYDYEDUM/BTX767UN2FGAFBOFKRNHDZ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

81 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request tell-forest-service-follow-science-boundary-waters-osp Show response
act.wilderness.org/a/
Redirect Chain

https://mbl.ms/n4gkdTCRIkl
https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

12 KB
5 KB

488ms
395ms

Document
text/html

45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

dd789851486f36c5fa38c088ec4173d2bd32a389378c7628603f5a06c6f2ca0d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Thu, 14 Jul 2022 17:15:15 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 3-5567681-5567684 NNNN CT(85 182 0) RT(1657818914211 12) q(0 0 2 1) r(4 4) U18
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Content-Length: 0
Date: Thu, 14 Jul 2022 17:15:14 GMT
Expires: -1
Location: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-CDN: Imperva
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Iinfo: 13-43294407-43294466 NNNN CT(24 54 0) RT(1657818913006 104) q(0 0 0 2) r(8 8) U11
X-XSS-Protection: 1; mode=block

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 812 KB
230 KB 74ms
8ms Script
application/javascript 2600:9000:21f3:e200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2743c18ddff35b1aa702877ba04368697914866d9593d7365df397153932ab8

Request headers

Referer: https://act.wilderness.org/
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:08:37 GMT
content-encoding: gzip
age: 83199
x-cache: Hit from cloudfront
content-length: 234541
access-control-allow-origin: *
last-modified: Wed, 13 Jul 2022 18:08:14 GMT
server: AmazonS3
etag: "45c303ae39485251f16eb83491a58122"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: OSrPGcF8zAMfizgTkw0_8UoYyH7M9iKp64eKWxPizk0vLadlS4qGZg==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 71ms
8ms Stylesheet
text/css 2600:9000:21f3:e200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bec0f3be9d581b4b795a5213a66cd1c6d8365ca686499d14b7b994f2f6510eaa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:08:21 GMT
content-encoding: gzip
age: 83215
x-cache: Hit from cloudfront
content-length: 11466
access-control-allow-origin: *
last-modified: Wed, 13 Jul 2022 18:08:14 GMT
server: AmazonS3
etag: "60611196d5cedfb48f3e5e3dbc9b4561"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: f8dP_FqYVgLZ3kia2yfboIRJQvSFBGX0ufPun3oED3prr23JHYH0oA==

GET
H/1.1 200
OK style_advocacy.css
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/ 17 KB
17 KB 864ms
103ms Stylesheet
text/css 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 87a97b9c77ef380bbb12e34878c00b9e4bf4f6a042fbe6902d2d1857221f54de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:15 GMT
Last-Modified: Wed, 19 Feb 2020 19:10:32 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7B56F6404985D
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 0726d1cc-901e-0057-25a5-97e962000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 16962

GET
H2 200 style.css
i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/ 2 KB
808 B 491ms
156ms Stylesheet
text/css 54.193.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/style.css
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.7.186 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-7-186.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a8555a9861c4a23031e79c25a2934ed393edadefa65c7cc358d01cb9cbc9e8a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 12:53:55 GMT
server: nginx
etag: W/"60b62de3-82a"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 48ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 15:45:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Jul 2022 17:15:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Jul 2022 17:15:15 GMT

GET
H2 200 fzs8jhu.css
use.typekit.net/ 3 KB
957 B 190ms
131ms Stylesheet
text/css 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/fzs8jhu.css

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8185c549b67dced20d77039151590b3f60e8e572bb151b8082b423b8dcc34eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Thu, 14 Jul 2022 17:15:15 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 725

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 39ms
9ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 16:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Jul 2023 16:56:47 GMT

GET
H/1.1 200
OK tws_logo_white.svg
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/img/ 20 KB
20 KB 401ms
103ms Image
image/svg+xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/img/tws_logo_white.svg
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 649adddf6f510b1baf499484a0e1a017339a6191d8814752356d9d75813d76f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:15 GMT
Last-Modified: Tue, 15 Oct 2019 17:39:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7519695EB387E
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 0a6ff380-701e-0060-6aa5-973bce000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 20088

GET
H2 200 _Incapsula_Resource Show response
act.wilderness.org/ 155 KB
22 KB 19ms
18ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://act.wilderness.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1863252748
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 95da72e1b21044a8bac475b2631e356463fb259e1056431118545976ba1833a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 22277
content-type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 146ms
8ms Stylesheet
text/css 2a02:26f0:480:f::213:7edb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=fzs8jhu&ht=tk&f=18490.18491.18494.18495&a=8205009&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fzs8jhu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7edb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
87 KB 60ms
35ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d046859a64792cc73d89b191bd570413767bfa985c2a59c54fbbb7d0d0ec5659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88698
x-xss-protection: 0
last-modified: Thu, 14 Jul 2022 16:05:25 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H/1.1 200
OK MN_BoundaryWatersCanoeArea_WA_JoannaGilkeson_USFS_Flickr_210912_01_bg.jpg
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/action-pages-img/ 3 MB
3 MB 142ms
142ms Image
image/jpeg 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/action-pages-img/MN_BoundaryWatersCanoeArea_WA_JoannaGilkeson_USFS_Flickr_210912_01_bg.jpg
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 2227f1ba785104248c0487b344179f42591bd1640389e4509a1ed636d0f376e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:15 GMT
Last-Modified: Fri, 08 Jul 2022 17:24:23 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA6106B37FE74E
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 0726d34a-901e-0057-29a5-97e962000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 3142468

GET
H/1.1 200
OK PostGrotesk-Black.woff2
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/ 55 KB
56 KB 387ms
99ms Font
application/font-woff2 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/PostGrotesk-Black.woff2
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 216c6fe4bb42e53258b308d4bd1b769339eaa5f4511c1b1718200b3111024ba4

Request headers

Referer: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:16 GMT
Last-Modified: Mon, 09 Sep 2019 16:02:08 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7353F11497CC9
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
x-ms-request-id: 2f256f15-401e-007b-32a5-9705cd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 56714

GET
H2 200 icomoon.woff2
i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/ 5 KB
5 KB 470ms
155ms Font
font/woff2 54.193.7.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/icomoon.woff2?f1zxwx
Requested by: Host: i.icomoon.io
URL: https://i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.193.7.186 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-193-7-186.us-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3ea130bfe17a7857fe31cd3adb191083f1ad5e8e94b4d4344ff9bd891ff8d171

Request headers

Referer: https://i.icomoon.io/public/9673ff8c96/WildernessSocietyDonationLanding/style.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
last-modified: Tue, 01 Jun 2021 12:53:55 GMT
server: nginx
etag: "60b62de3-151c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 5404

GET
H/1.1 200
OK PostGrotesk-Medium.woff2
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/ 53 KB
54 KB 391ms
103ms Font
application/font-woff2 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/PostGrotesk-Medium.woff2
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d0f61e7d78bb509c497b1ac318c26d8fed05c4ff1884dd9d9e266e0827bed480

Request headers

Referer: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:16 GMT
Last-Modified: Mon, 09 Sep 2019 16:02:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7353F11A5DF19
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
x-ms-request-id: 8a9ade06-101e-0004-29a5-97ca56000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 54394

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 117 KB
46 KB 347ms
86ms Script
text/javascript 2606:2800:11f:17a5:191a:18d5:537:22f9
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:11f:17a5:191a:18d5:537:22f9 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (nya/78CA) /
Resource Hash: 726c70dd86fcc3d0253e282501acfb531f918339a52187476609db4a876922e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: heHD7G+yHeT0p1TtqUAIhg==
age: 1705
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.5.min.js
content-length: 46650
x-ms-lease-status: unlocked
last-modified: Tue, 12 Jul 2022 17:43:37 GMT
server: ECAcc (nya/78CA)
x-ms-meta-aijssdkver: 2.8.5
etag: 0x8DA642E0CD8C9D1
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9ab178d2-701e-0084-7fa1-979a74000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 14 Jul 2022 17:45:16 GMT

GET
H2 200 _Incapsula_Resource
act.wilderness.org/ 1 B
35 B 8ms
7ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://act.wilderness.org/_Incapsula_Resource?SWKMTFSR=1&e=0.8420920615821119
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 8ms
8ms Stylesheet
text/css 2600:9000:21f3:e200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5eb633d589f463267ffd9fdcd94a108ab83d0d3655121e3a451b9fbc8b2bea5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 18:08:22 GMT
content-encoding: gzip
age: 83215
x-cache: Hit from cloudfront
content-length: 14198
access-control-allow-origin: *
last-modified: Wed, 13 Jul 2022 18:08:14 GMT
server: AmazonS3
etag: "54a01756d1771c29f92c0b6bb7d246b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: uJ6FCgz4NGXTfg0u1fmyGDVMgP9mmZbQBAoEyxWuCJWYVCSkmy-tGA==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 668ms
366ms Script
text/javascript 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

cd0d9cb348e4d922819e36d30ff6bb56628e940a14ff7315e6d8c8c83d0e62bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 12-4763319-4763336 NNNN CT(54 115 0) RT(1657818915635 147) q(0 0 2 1) r(3 3) U5
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 196
etag: W/"48-sXZwloy98hGWRgH0FaR6i99KlDs"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js2.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 74ms
11ms Script
application/javascript 2600:9000:2251:5600:14:79be:a380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js2.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:5600:14:79be:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: s108w9ESk9MsUpkYVuIVY.XmC2guOF28
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 24 Apr 2020 20:22:27 GMT
Server: AmazonS3
Age: 38
ETag: W/"9b953aa54ddcf3f41bc5a40e25cf8452"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Thu, 14 Jul 2022 17:14:53 GMT
X-Amz-Cf-Pop: FRA60-P3
X-Amz-Cf-Id: OlxZA_mGxU0n7-J_uuZ0YklcSkDWWQTqo2Kt9m2MG-Rqz5gP5DpWYw==

GET
H/1.1 200
OK ngpForm Show response
advocator.ngpvan.com/https%3a%2f%2fsecure.everyaction.com%2fv1%2fForms%2fJdDxdGf7jE6VWaXPzCmCoA2/ 10 KB
4 KB 699ms
379ms XHR
application/json 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://advocator.ngpvan.com/https%3a%2f%2fsecure.everyaction.com%2fv1%2fForms%2fJdDxdGf7jE6VWaXPzCmCoA2/ngpForm?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

65250d2e5fcb1819aee5edc1311ed965a2f7933f9f3a5170833e8f477f1f0872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Via: 1.1 vegur
Etag: W/"2835-Sz/FqAljNjoo2j5WWPiZESZHscE"
X-CDN: Imperva
X-Powered-By: Express
Transfer-Encoding: chunked
X-Iinfo: 10-1958339-1958345 NNYN CT(47 50 0) RT(1657818915694 135) q(0 0 1 0) r(2 2) U4
Connection: keep-alive
Content-Encoding: gzip
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Server: Cowboy
Date: Thu, 14 Jul 2022 17:15:16 GMT
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://act.wilderness.org
Access-Control-Allow-Credentials: true

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WYHRYH0SRN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

230edf595a7e06dbf959c494569da356813d604f6aba3551b5bc54d149d5e9ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70542
x-xss-protection: 0
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1148
date: Thu, 14 Jul 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Jul 2022 18:56:08 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 69ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D52D3ECDD39A4C9984A9F1DA900459D3 Ref B: FRA31EDGE0714 Ref C: 2022-07-14T17:15:16Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 14 Jul 2022 17:15:15 GMT
accept-ranges: bytes
content-length: 11360

GET
H3

200

activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-serv... Show response
11257983.fls.doubleclick.net/ Frame F708
Redirect Chain

https://11257983.fls.doubleclick.net/activityi;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-s...
https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact....

732 B
487 B

53ms
34ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

29d864442da077537a347a5215a2c43bb35333a254b917b2b8f056bcd6521f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 462
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:15:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:15:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 45ms
8ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 17:15:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=44251
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: 5YMwHDB3cdvxcHVg61f6BKefWBIXJ/mQEu/9Op4tCfMqP5mfqk8anw6idFmSBcbhgWSERiPUNsXm9hedvtKEmQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Jul 2022 17:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 73ms
9ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: gzip
etag: "77f5L8LR6ldZZZ+q4Q+xaw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Jul 2022 17:15:16 GMT

GET
H2 200 e5b5e20314c1b5938b5908b4132448d6.js Show response
try.abtasty.com/ 0
373 B 48ms
9ms Script
application/javascript 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://try.abtasty.com/e5b5e20314c1b5938b5908b4132448d6.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RWDS7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 07:21:15 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
last-modified: Wed, 02 Dec 2020 11:03:46 GMT
server: CloudFront
age: 35642
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: s-maxage=86400,max-age=30
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 0
x-amz-cf-id: N-RcQDaFrL6oL0z02ErL-AKU4yI3AnWitStqwbDXVF58OlyRWYJLxA==

GET
H/1.1 200
OK x560r745018521 Show response
rs.gwallet.com/r1/pixeltag/ Frame 7AB4 43 B
391 B 286ms
95ms Document
image/gif 199.127.207.188
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.gwallet.com/r1/pixeltag/x560r745018521
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.127.207.188 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: openresty/1.19.9.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://act.wilderness.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 14 Jul 2022 17:15:16 GMT
P3p: CP="PSAo PSDo OUR BUS DSP NON COR"
Pragma: no-cache
Server: openresty/1.19.9.1
Vary: Origin
useSecure: true

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 65ms
9ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
x-amz-request-id: EAE4F3DZNWDT5EHB
x-amz-id-2: 3R6NxaefBCz48EWaTfC7rLc1K64kG7IZuDQcOzvKlN1qBIubUN3DIK6Wdy+yfckj2EebJ2mB8NM=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 56cjyi0pxc Show response
www.clarity.ms/tag/ 2 KB
2 KB 296ms
176ms Script
application/x-javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/56cjyi0pxc
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8b51b4dca1b74318e4f5b98b8d1a6ab883e0fc0ec96118bc1e4113904b8a3f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
x-powered-by: ASP.NET
x-azure-ref: 0JE/QYgAAAAC7A6RSvSt6R5tnsSr97JFrQVRIMDFFREdFMDQxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
content-length: 1575
expires: -1

GET
H2

200

p.gif
p.alocdn.com/c/2vqluhv8/a/etarget/
Redirect Chain

https://p.alocdn.com/c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819
https://p.alocdn.com/c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819&tdc=1&url=https%3A%2F%2Fact.wilderness.org%2F

42 B
351 B

177ms
177ms

Image
image/gif

52.34.182.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819&tdc=1&url=https%3A%2F%2Fact.wilderness.org%2F
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Server: 52.34.182.55 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-182-55.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/2vqluhv8/a/etarget/p.gif?label=wildernesssoc&gtmcb=134518819&tdc=1&url=https%3A%2F%2Fact.wilderness.org%2F
date: Thu, 14 Jul 2022 17:15:16 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-5868065-1&cid=198466544.1657818916&jid=986241756&gjid=604481104&_gid=1618226935.1657818916&_u=YGBAiEABBAAAAE~&z=1930012123

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Jul 2022 17:15:16 GMT
content-type: text/plain
access-control-allow-origin: https://act.wilderness.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
8ms Image
image/gif 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=920886970&t=pageview&_s=1&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&ul=en-us&de=UTF-8&dt=Advocate%20for%20Wilderness&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=986241756&gjid=604481104&cid=198466544.1657818916&tid=UA-5868065-1&_gid=1618226935.1657818916&gtm=2wg7d05RWDS7&z=1892946209

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 13:53:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 12094
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 47ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WYHRYH0SRN&gtm=2oe7d0&_p=920886970&_z=ccd.v9B&cid=198466544.1657818916&ul=en-us&sr=1600x1200&_s=1&sid=1657818916&sct=1&seg=0&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&dt=Advocate%20for%20Wilderness&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYHRYH0SRN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.wilderness.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c13...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3840156%26time%3D1657818916276%26url%3Dhttps%253A%252F%252Fact.wilderness.org%252...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c13...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c1...

0
264 B

387ms
117ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&liSync=true&e_ipv6=AQIil8urUy-YtQAAAYH9tSb_Krn7-_cGRmaIgzJ5qB4YA3I8z7IePvF9diF-vpe1PA
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 8A01ECBD1EA742D1A391D70B3F7CAACA Ref B: FRAEDGE1419 Ref C: 2022-07-14T17:15:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjxwumCm2/bdc9p/fqpw==
x-li-fabric: prod-lva1

Redirect headers

date: Thu, 14 Jul 2022 17:15:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4919B04F88934F7AA638435D8B903FB5 Ref B: FRAEDGE1412 Ref C: 2022-07-14T17:15:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3840156&time=1657818916276&url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&liSync=true&e_ipv6=AQIil8urUy-YtQAAAYH9tSb_Krn7-_cGRmaIgzJ5qB4YA3I8z7IePvF9diF-vpe1PA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXjxwugFnt8TAfHgy+0Sw==

GET
H3 200 141197707 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 63ms
49ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/141197707?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb253857c37bda1a5036144fca52b45899549e46f9734d8547c7167600476e82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YvwH5rVhxfYDwkUJ46NSvI3A1Cyqe48rqWXB7AMX9vVPDWyZNaz/VIhr6caGJ5NL6wrakuSK2yb2LcZlxwO4Vw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Jul 2022 17:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657818916343
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 5891185.js Show response
bat.bing.com/p/action/ 0
120 B 176ms
176ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5891185.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D3BB5474ADF744AEA309DE4DD1AEB845 Ref B: FRA31EDGE0714 Ref C: 2022-07-14T17:15:16Z
date: Thu, 14 Jul 2022 17:15:16 GMT
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
177 B 35ms
35ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5891185&tm=gtm002&Ver=2&mid=6e2398dc-b16f-4a19-8fde-6320ccf57899&sid=87943540039811eda47fe1825e9e317e&vid=87945a20039811ed916d53b70ff55e07&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Advocate%20for%20Wilderness&p=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&r=&lt=2595&evt=pageLoad&msclkid=N&sv=1&rn=290226

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3F8DEE5BA6814C62ABEE5158053D2ED7 Ref B: FRA31EDGE0714 Ref C: 2022-07-14T17:15:16Z
date: Thu, 14 Jul 2022 17:15:16 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
34ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5868065-1&cid=198466544.1657818916&jid=986241756&_u=YGBAiEABBAAAAE~&z=145214143

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 58ms
32ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-5868065-1&cid=198466544.1657818916&jid=986241756&_u=YGBAiEABBAAAAE~&z=145214143

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10073594.json Show response
s.yimg.com/wi/config/ 2 B
486 B 124ms
107ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10073594.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: K79AEQ0AHY1CHCJY
x-amz-id-2: GQLkhjUPyJHgyL1Gt70EGOuCLeh46q1qUAxu2R+GSwj877RTI5XvLP1JLEuDlspVP+L2rH00WK0=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 10171155.json Show response
s.yimg.com/wi/config/ 2 B
158 B 393ms
377ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10171155.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: K79DCBSHDJRZKCC2
x-amz-id-2: uyXst6xhCjT7dlZIafEzduI4/MzNiieJhSQ3xPsUjYMNijZ0Cd9ZatVTDmrHuB58Zag+fvRvwi4=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 rules-p-h52-J6GjBh09g.js Show response
rules.quantcount.com/ 2 KB
1 KB 41ms
11ms Script
application/javascript 2600:9000:223c:3a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-h52-J6GjBh09g.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:3a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d96d3be6c71d5c157c0c80850a6c9c8731634294bfce41cf0928e5bcec919fec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:08:48 GMT
content-encoding: gzip
age: 389
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 02 Oct 2020 20:49:39 GMT
server: AmazonS3
etag: W/"d43ea46f5885d9a0fca58bc69ea7c865"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: LjNfBSjeo6g1gMYYFU_GhyqZ1b1A5QigSG16_HuJbjyKJIfBA8nl0A==

GET
H2 200 pixel;r=79432110;labels=_fp.event.Survey%20Landing%20Page;rf=0;a=p-h52-J6GjBh09g;url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-...
pixel.quantserve.com/ 35 B
372 B 24ms
14ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=79432110;labels=_fp.event.Survey%20Landing%20Page;rf=0;a=p-h52-J6GjBh09g;url=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;uht=2;fpan=1;fpa=P0-687324435-1657818916342;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=wilderness.org;dst=0;et=1657818916342;tzo=0;ogl=type.website%2Ctitle.Sign%20our%20petition%20to%20the%20Forest%20Service%3A%20NO%20toxic%20mine%20in%20the%20Boundary%20Waters%20%2Cdescription.We%20have%20until%20July%2028%20to%20tell%20the%20Biden%20administration%20to%20protect%20the%20Boundary%20W%2Cimage.https%3A%2F%2Fnvlupin%252Eblob%252Ecore%252Ewindows%252Enet%2Fimages%2Fvan%2FAV%2FAVWDS%2F1%2F75724%2Fimages%2Faction-

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 406215626198398 Show response
connect.facebook.net/signals/config/ 291 KB
84 KB 121ms
121ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/406215626198398?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ecbeb5d1b1f645bf575e1fc683f48afe4e8c0e8d33966769ed541048c82784e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: hwWRDGUfQDSEQhzFPnGdza+ZGcplfHZolA05Xhj5kFrOkRGU6cxIRcx9rMqHLEoLfrumO5bMNtUNmvBQgK6piw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 14 Jul 2022 17:15:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657818916469
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 29ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141197707&ev=PageView&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&rl=&if=false&ts=1657818916351&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=28&it=1657818916285&coo=false&exp=u0&rqm=GET

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 29ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141197707&ev=ViewContent&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&rl=&if=false&ts=1657818916352&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=28&it=1657818916285&coo=false&exp=u0&rqm=GET

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 29ms
10ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=141197707&ev=CompleteRegistration&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&rl=&if=false&ts=1657818916352&sw=1600&sh=1200&v=2.9.65&r=stable&ec=2&o=28&it=1657818916285&coo=false&exp=u0&rqm=GET

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow... Show response
adservice.google.com/ddm/fls/i/ Frame 54E7 731 B
930 B 70ms
46ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4

Requested by

Host: 11257983.fls.doubleclick.net
URL: https://11257983.fls.doubleclick.net/activityi;dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d8c8e5d961ce6f6c9947de5e802f86283e06a3a9ae95b782a84f7e40bd718d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11257983.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 461
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:15:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow... Show response
adservice.google.de/ddm/fls/i/ Frame F7FB 194 B
870 B 85ms
46ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COKV7dzw-PgCFU-v7Qoddd8LYA;src=11257983;type=visits0;cat=tws-w0;ord=7670916450509;gtm=2wg7d0;auiddc=1231314395.1657818916;u6=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4;~oref=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 177
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Jul 2022 17:15:16 GMT
expires: Thu, 14 Jul 2022 17:15:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=406215626198398&ev=PageView&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&rl=&if=false&ts=1657818916504&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657818916504.1224553228&it=1657818916285&coo=false&exp=u0&rqm=GET

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.34/ 53 KB
23 KB 173ms
172ms Script
application/javascript 2620:1ec:27::cafe:1734
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/56cjyi0pxc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1734 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:15 GMT
content-encoding: br
etag: "1d8918c3d757854"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0JE/QYgAAAABlUIWJZxFsTpNK2HAhGMZ7QVRIMDFFREdFMDQxNwA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 102ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2014%20Jul%202022%2017%3A15%3A16%20GMT&n=0&b=Advocate%20for%20Wilderness&.yp=10073594&f=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
246 B 101ms
32ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Advocate%20for%20Wilderness&.yp=10171155&f=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Thu, 14 Jul 2022 17:15:16 GMT

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/YJ$ZejF3ZYzhtDlIXVKfk0K0/ 2 B
954 B 462ms
198ms XHR
application/json 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/YJ$ZejF3ZYzhtDlIXVKfk0K0/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: gzip
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://act.wilderness.org
x-iinfo: 12-4763428-4763336 PNNN RT(1657818916282 133) q(0 0 0 -1) r(0 0) U5
access-control-allow-credentials: true
content-length: 123
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 204 collect Show response
e.clarity.ms/ 0
177 B 404ms
95ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://act.wilderness.org
date: Thu, 14 Jul 2022 17:15:16 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 182 B
789 B 379ms
343ms Script
text/javascript 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1657818916855=

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

286afd5660c82dbf577c2b41cb74029c78a98c98eec2ecc79a92e537cc238d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding,Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 12-4763319-4763417 NNNN CT(50 103 0) RT(1657818915635 613) q(0 0 2 2) r(2 2) U4
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/javascript; charset=utf-8
content-length: 293
etag: W/"b6-poKVeTYI6mMAZEsW1yp2pd8xXB8"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
static.everyaction.com/ea-actiontag/assets/fonts/ 94 KB
95 KB 9ms
8ms Font
application/font-woff2 2600:9000:21f3:e200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/fonts/glyphicons-regular.woff2
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 13 Jul 2022 22:26:38 GMT
via: 1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
age: 68105
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: 4oC52JaMMn1Ie2ZVEY2SPBvE6xXytPLrNqhavUGR1TDTLoLVleq4Zg==

GET
H2 200 l
use.typekit.net/af/b5dc69/000000000000000077359f9c/30/ 30 KB
30 KB 41ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b5dc69/000000000000000077359f9c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fzs8jhu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c74720b5f97f3f1e2a5d2a9d5be2f38c96be900e51f1ca2e53645b3ebd939a8

Request headers

Referer: https://use.typekit.net/fzs8jhu.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
server: nginx
etag: "2a39e7266f0e8186a46f5cfa776e4275cbd43940"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30932

GET
H2 200 l
use.typekit.net/af/19483f/000000000000000077359f9f/30/ 32 KB
32 KB 43ms
9ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19483f/000000000000000077359f9f/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fzs8jhu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 30bd947b577081620b9c64bcfdab19cebb4e9c305463031e37a7c18e7bc8d5d7

Request headers

Referer: https://use.typekit.net/fzs8jhu.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
server: nginx
etag: "4eef42680b38f59365121ad6e3ac8b8160ec9031"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32492

GET
H2 200 l
use.typekit.net/af/f72a60/000000000000000077359f98/30/ 30 KB
30 KB 43ms
10ms Font
application/font-woff2 2a02:26f0:480:f::213:7ee1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/f72a60/000000000000000077359f98/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/fzs8jhu.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f8e41b2fb920c5ed3ad0cbf5159fb39762a852827efc7363ecc7f820b63e27a9

Request headers

Referer: https://use.typekit.net/fzs8jhu.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
server: nginx
etag: "fa49c72831ad9f673d195607713bbf14fbc3b825"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30748

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK PostGrotesk-MediumItalic.woff2
nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/ 53 KB
54 KB 103ms
103ms Font
application/font-woff2 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/fonts/PostGrotesk-MediumItalic.woff2
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: be1e623262e9a6890a185598ebdb116ed4ac5fc39e0af2bd4b229ef4a7086c5b

Request headers

Referer: https://nvlupin.blob.core.windows.net/images/van/AV/AVWDS/1/75724/images/css/style_advocacy.css
Origin: https://act.wilderness.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Jul 2022 17:15:16 GMT
Last-Modified: Mon, 09 Sep 2019 16:02:09 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7353F12205690
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
x-ms-request-id: 8a9ae1f6-101e-0004-4fa5-97ca56000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 54782

GET
H2 200 JdDxdGf7jE6VWaXPzCmCoA2
secure.everyaction.com/v1/Track/ 0
645 B 656ms
351ms Image
text/plain 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/JdDxdGf7jE6VWaXPzCmCoA2?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4&formSessionId=fa31180b-48a7-429d-a93a-c52a0cc7fe9a&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9hY3Qud2lsZGVybmVzcy5vcmcvYS90ZWxsLWZvcmVzdC1zZXJ2aWNlLWZvbGxvdy1zY2llbmNlLWJvdW5kYXJ5LXdhdGVycy1vc3A%2FbW1kcj02NjQ0MDJiNC1jMTMxLTQyNTMtOTg4Ni0xZmE1MWU3ZWUzZDQ%3D&fRef=

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:17 GMT
x-content-type-options: nosniff
expires: -1
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 14-8526003-8526013 NNNN CT(52 105 0) RT(1657818916446 136) q(0 0 2 1) r(3 3) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 fast-action.svg
static.everyaction.com/ea-actiontag/assets/images/ 9 KB
9 KB 11ms
10ms Image
image/svg+xml 2600:9000:21f3:e200:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e200:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 03:43:41 GMT
via: 1.1 2afacc6ad96dbba3f0b477cd95f16458.cloudfront.net (CloudFront)
age: 48696
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: T9HpzwGlILxzWdUixRIpj8uyNQctK9AfKEn3q03mKTVQcySIBTDJDA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=406215626198398&ev=Microdata&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&rl=&if=false&ts=1657818917102&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Advocate%20for%20Wilderness%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Sign%20our%20petition%20to%20the%20Forest%20Service%3A%20NO%20toxic%20mine%20in%20the%20Boundary%20Waters%20%22%2C%22og%3Adescription%22%3A%22We%20have%20until%20July%2028%20to%20tell%20the%20Biden%20administration%20to%20protect%20the%20Boundary%20Waters%20from%20toxic%20mining.%20%20%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fnvlupin.blob.core.windows.net%2Fimages%2Fvan%2FAV%2FAVWDS%2F1%2F75724%2Fimages%2Faction-pages-img%2FMN_BoundaryWatersCanoeArea_WA_JoannaGilkeson_USFS_Flickr_210912_01_bg.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657818916504.1224553228&it=1657818916285&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 14 Jul 2022 17:15:17 GMT

GET
H2 204 YJ$ZejF3ZYzhtDlIXVKfk0K0 Show response
secure.everyaction.com/Databag/Profile/ 0
1014 B 314ms
314ms XHR
text/plain 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/YJ$ZejF3ZYzhtDlIXVKfk0K0

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:17 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://act.wilderness.org
x-iinfo: 14-8526003-8526013 PNNN RT(1657818916446 171) q(0 0 1 0) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 YJ$ZejF3ZYzhtDlIXVKfk0K0 Show response
secure.ngpvan.com/Databag/Profile/ 0
891 B 403ms
367ms XHR
text/plain 45.60.31.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/YJ$ZejF3ZYzhtDlIXVKfk0K0

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.31.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://act.wilderness.org
x-iinfo: 12-4763319-4763501 NNNN CT(55 117 0) RT(1657818915635 1016) q(0 0 2 0) r(2 2) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 YJ$ZejF3ZYzhtDlIXVKfk0K0 Show response
act.wilderness.org/Databag/Profile/ 0
309 B 105ms
105ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://act.wilderness.org/Databag/Profile/YJ$ZejF3ZYzhtDlIXVKfk0K0

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Request-Id: |96318149ba444715a74173d1c24c2e91.c7f11c5fd84f4857
traceparent: 00-96318149ba444715a74173d1c24c2e91-c7f11c5fd84f4857-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:17 GMT
x-content-type-options: nosniff
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-iinfo: 3-5567681-5567684 PNNN RT(1657818914211 2562) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&RedC=c.clarity.ms&MXFR=039D8B221F8A66DC33299AC31B8A68FC
https://c.clarity.ms/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&MUID=357FC4B20A5267892863D5530BFE66C6

42 B
368 B

30ms
30ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&MUID=357FC4B20A5267892863D5530BFE66C6
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:17 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A5C1B9DBA384452918B8C488481BE39 Ref B: FRA31EDGE0714 Ref C: 2022-07-14T17:15:17Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=E69C922C7A364A46BE572CBE7023B34E&MUID=357FC4B20A5267892863D5530BFE66C6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 241ms
16ms Preflight 13.69.106.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://act.wilderness.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 14 Jul 2022 17:15:16 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 98 B
306 B 59ms
59ms XHR
application/json 13.69.106.216
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.216 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 5289C939-C324-464C-B576-18FA604EEF41
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 14 Jul 2022 17:15:17 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 98

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 52 KB
17 KB 40ms
17ms Script
text/javascript 2600:9000:2156:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: act.wilderness.org
URL: https://act.wilderness.org/a/tell-forest-service-follow-science-boundary-waters-osp?mmdr=664402b4-c131-4253-9886-1fa51e7ee3d4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: J7p8W1lQgNY91qwUxZU3x.y9IQrTVjMu
Content-Encoding: gzip
Etag: W/"d570d2e0cc47679b5bf3a6f9ff5b9e5b"
Age: 2519
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
Last-Modified: Thu, 30 Jun 2022 21:03:48 GMT
Server: AmazonS3
Date: Thu, 14 Jul 2022 16:33:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: cZlzNJFvnuKUZdT15kVPtMKkEwWWUyUZICRhTmfBia4j1Oi2MMnwWQ==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/O43CRPIAP5BJ7HSYDYEDUM/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

11ms
9ms

Script
application/javascript

2600:9000:2156:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: BTP2rshxaRFWPNdrItPYEau9DI6Y8oce
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 73237
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 28
Last-Modified: Wed, 06 Jul 2022 18:15:57 GMT
Server: AmazonS3
Date: Thu, 14 Jul 2022 02:49:50 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Vc1tyzAVopN7Jj4j9ewsOYfrKS0HWCDOrdK6MsBgNVblLaHUQVJmAg==

Redirect headers

Date: Thu, 14 Jul 2022 11:24:33 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
Age: 21044
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Cp2ILfuE2j5KlY8Bqk1qoj02lTVyW4abX2uCeVunkJY2Nt5zi8fSlA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/O43CRPIAP5BJ7HSYDYEDUM/BTX767UN2FGAFBOFKRNHDZ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

29ms
28ms

Script
application/javascript

2600:9000:2156:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Protocol: HTTP/1.1
Server: 2600:9000:2156:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 66441
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Wed, 13 Jul 2022 22:47:56 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: -g_I62hkzVIi74LWeVDw9uoe6VKjdNkjzLkU-ksXgoFISDufyb1_Og==

Redirect headers

Date: Thu, 14 Jul 2022 11:24:33 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
Age: 21043
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: dDmnuIq2AKw7nsRsbUr97JOoTuPJY3MLqHUPTN_hovpmr3kzdmLjoA==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/O43CRPIAP5BJ7HSYDYEDUM/BTX767UN2FGAFBOFKRNHDZ/ 0
809 B 30ms
12ms Script
text/javascript 2600:9000:2156:5c00:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/O43CRPIAP5BJ7HSYDYEDUM/BTX767UN2FGAFBOFKRNHDZ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5c00:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

X-Amz-Version-Id: PGug11iJDKeH3eFxPd2d7gNUV5D75xaP
Via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 3480
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 0
Last-Modified: Thu, 07 Jul 2022 09:05:05 GMT
Server: AmazonS3
Date: Thu, 14 Jul 2022 16:17:18 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: ywEjSaNYrhoy9p6T2ksEV6AVyWSUOeiDVfi52HhQbI0LnjmykNNJ0g==

GET
H2 200 O43CRPIAP5BJ7HSYDYEDUM Show response
d.adroll.com/consent/check/ 460 B
553 B 97ms
30ms Script
application/javascript 34.240.24.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/O43CRPIAP5BJ7HSYDYEDUM?arrfrr=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&_s=a8d12b1abc5a9f1a269a7193f39392c7&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.24.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-24-63.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 080503a0377046641bb7953de696a44cb6b4da5f40601148e774bb509c845d8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 14 Jul 2022 17:15:17 GMT
server: nginx/1.20.0
content-length: 460
content-type: application/javascript

POST
H2 204 collect Show response
e.clarity.ms/ 0
48 B 96ms
95ms XHR
text/plain 20.62.48.180
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://act.wilderness.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://act.wilderness.org
date: Thu, 14 Jul 2022 17:15:17 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 33ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-WYHRYH0SRN&gtm=2oe7d0&_p=920886970&_z=ccd.v9B&cid=198466544.1657818916&ul=en-us&sr=1600x1200&_s=2&sid=1657818916&sct=1&seg=0&dl=https%3A%2F%2Fact.wilderness.org%2Fa%2Ftell-forest-service-follow-science-boundary-waters-osp%3Fmmdr%3D664402b4-c131-4253-9886-1fa51e7ee3d4&dt=Advocate%20for%20Wilderness&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WYHRYH0SRN&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://act.wilderness.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Jul 2022 17:15:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://act.wilderness.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mbl.ms/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 4hy3tcsyj3u1ez53uzgnjgto
.mbl.ms/	1970-01-20 13:15:16	Name: visid_incap_2427410 Value: kP9e7JEcTPmrJQl2Dx8A9SFP0GIAAAAAQUIPAAAAAACyoSuhwzRXmH8iTFoB05Hb
.mbl.ms/	1969-12-31 23:59:59	Name: nlbi_2427410 Value: fK8wH3kOpkiFqLvfhZnF+gAAAABwQcWN7MpgKlzXyCrz8iYi
.mbl.ms/	1969-12-31 23:59:59	Name: incap_ses_1446_2427410 Value: WaYUI3mS0DYn/2GQozkRFCFP0GIAAAAAwbd2zwTZb2fEGtlRzH79VQ==
.wilderness.org/	1970-01-20 13:14:47	Name: visid_incap_1935261 Value: qzyJraCtTSar1SkTrvq5ASJP0GIAAAAAQUIPAAAAAADHCbWIAlVVYMdpGx+Wszrm
.wilderness.org/	1969-12-31 23:59:59	Name: nlbi_1935261 Value: 2DBsZtvg412PrsYjdu09AQAAAADDUFuWfbrpyecp5hktwjZf
.wilderness.org/	1969-12-31 23:59:59	Name: incap_ses_247_1935261 Value: 2nfdNEjAflMBMJgqFYZtAyJP0GIAAAAA81KxcZI9ZA/CUpSrXj4LTw==
.act.wilderness.org/	1970-01-20 04:30:22	Name: TiPMix Value: 18.20629976136615
.act.wilderness.org/	1970-01-20 04:30:22	Name: x-ms-routing-name Value: self
act.wilderness.org/	1970-01-20 04:30:33	Name: SessionKeyCookie Value:
.wilderness.org/	1970-01-20 06:39:54	Name: _gcl_au Value: 1.1.1231314395.1657818916
.wilderness.org/	1970-01-20 04:31:45	Name: _gid Value: GA1.2.1618226935.1657818916
.wilderness.org/	1970-01-20 04:30:18	Name: _dc_gtm_UA-5868065-1 Value: 1
.bing.com/	1970-01-20 13:51:54	Name: MUID Value: 357FC4B20A5267892863D5530BFE66C6
.wilderness.org/	1970-01-20 22:01:30	Name: _ga_WYHRYH0SRN Value: GS1.1.1657818916.1.0.1657818916.0
.wilderness.org/	1970-01-20 22:01:30	Name: _ga Value: GA1.1.198466544.1657818916
.wilderness.org/	1970-01-20 04:31:45	Name: _uetsid Value: 87943540039811eda47fe1825e9e317e
.wilderness.org/	1970-01-20 13:51:54	Name: _uetvid Value: 87945a20039811ed916d53b70ff55e07
.doubleclick.net/	1970-01-20 04:30:19	Name: test_cookie Value: CheckForPermission
.quantserve.com/	1970-01-20 14:00:33	Name: mc Value: 62d04f24-5871b-0ffd9-ff823
.wilderness.org/	1970-01-20 13:54:47	Name: __qca Value: P0-687324435-1657818916342
.linkedin.com/	1970-01-20 05:13:30	Name: UserMatchHistory Value: AQLOS00hgT9wwQAAAYH9tSYJK8Vkrm5Fe9me5IMVM8AgNze8fdVF4N-Y4bw4xXWor03KJ5vKBd3_VQ
.linkedin.com/	1970-01-20 05:13:30	Name: AnalyticsSyncHistory Value: AQI69GP8BzojKwAAAYH9tSYJemZk_G63DwL6aX92it1_VDpGQWpLi8HkEaux0k__jGZsClBNxC7ty6v9gJpHRw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:02:12	Name: bcookie Value: "v=2&c90cb1f6-4f9e-4246-84f8-a0d245ffbd50"
.linkedin.com/	1970-01-20 04:31:45	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2327:u=1:x=1:i=1657818916:t=1657905316:v=2:sig=AQG2ehXsAv4yjsValarcfC6bXB65xfSV"
www.clarity.ms/	1970-01-20 13:15:54	Name: CLID Value: e580cd145f714f06bdec22913d8bdfc1.20220714.20230714
.wilderness.org/	1970-01-20 06:39:54	Name: _fbp Value: fb.1.1657818916504.1224553228
act.wilderness.org/	1970-01-20 13:15:54	Name: ai_user Value: 6GMB0N5LNiWP41+lymF+rL\|2022-07-14T17:15:16.517Z
act.wilderness.org/	1970-01-20 04:30:20	Name: ai_session Value: NbyyHnLlO/uOfkg3aP1Mda\|1657818916521\|1657818916521
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:02:12	Name: bscookie Value: "v=1&202207141715163bded98c-0243-4d6f-8d47-2698a0f8b86dAQGicwx284gQkRjEc_MtfFOTjc7SoN2a"
.linkedin.com/	1970-01-20 22:00:16	Name: li_gc Value: MTswOzE2NTc4MTg5MTY7MjswMjFcCQh+qEr/kJ6YsIJqh+xR6yn7NfYNaYmrLBnKVC2SMA==
.wilderness.org/	1970-01-20 13:15:54	Name: _clck Value: 1srugmu\|1\|f35\|0
.profile.ngpvan.com/	1970-01-20 04:30:22	Name: TiPMix Value: 2.935345061649297
.profile.ngpvan.com/	1970-01-20 04:30:22	Name: x-ms-routing-name Value: self
profile.ngpvan.com/	1970-01-23 20:09:11	Name: ngpvanuser Value: YJ%24ZejF3ZYzhtDlIXVKfk0K0
.alocdn.com/	1970-01-20 13:15:54	Name: uuid Value: 1ff8b15a-2eda-4b07-ae34-b493accb0bb2
.yahoo.com/	1970-01-20 13:16:16	Name: A3 Value: d=AQABBCRP0GICEDfdLl33KenIW87b7pnJ7HwFEgEBAQGg0WLaYgAAAAAA_eMAAA&S=AQAAArfqnE8sdK6pAZ6BOWzV7vQ
.wilderness.org/	1970-01-20 04:31:45	Name: _clsk Value: 1p4xjih\|1657818917226\|1\|1\|e.clarity.ms/collect
.act.wilderness.org/	1970-01-23 20:10:38	Name: ProfileDatabagId Value: YJ$ZejF3ZYzhtDlIXVKfk0K0
.secure.everyaction.com/	1970-01-20 04:30:22	Name: x-ms-routing-name Value: self
.everyaction.com/	1970-01-23 20:10:38	Name: ProfileDatabagId Value: YJ$ZejF3ZYzhtDlIXVKfk0K0
.secure.everyaction.com/	1970-01-20 04:30:22	Name: TiPMix Value: 73.66694629208087
.secure.ngpvan.com/	1970-01-20 04:30:22	Name: TiPMix Value: 84.80341056578129
.secure.ngpvan.com/	1970-01-20 04:30:22	Name: x-ms-routing-name Value: self
.ngpvan.com/	1970-01-23 20:10:38	Name: ProfileDatabagId Value: YJ$ZejF3ZYzhtDlIXVKfk0K0
.c.bing.com/	1970-01-20 13:51:54	Name: SRM_B Value: 357FC4B20A5267892863D5530BFE66C6
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:51:54	Name: MUID Value: 357FC4B20A5267892863D5530BFE66C6
.c.clarity.ms/	1970-01-20 04:30:19	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11257983.fls.doubleclick.net
act.wilderness.org
adservice.google.com
adservice.google.de
advocator.ngpvan.com
ajax.googleapis.com
az416426.vo.msecnd.net
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
d.adroll.com
dc.services.visualstudio.com
e.clarity.ms
fastaction.ngpvan.com
fonts.googleapis.com
i.icomoon.io
js2.verygoodvault.com
mbl.ms
nvlupin.blob.core.windows.net
p.alocdn.com
p.typekit.net
pixel.quantserve.com
profile.ngpvan.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
rs.gwallet.com
rules.quantcount.com
s.adroll.com
s.yimg.com
secure.everyaction.com
secure.ngpvan.com
secure.quantserve.com
snap.licdn.com
sp.analytics.yahoo.com
static.everyaction.com
stats.g.doubleclick.net
try.abtasty.com
use.typekit.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.107.42.14
13.69.106.216
142.250.185.102
18.66.112.110
199.127.207.188
20.234.93.27
20.60.58.97
20.62.48.180
2001:4860:4802:32::178
2001:4860:4802:32::36
212.82.100.181
2600:9000:2156:5c00:6:9280:1080:93a1
2600:9000:21f3:e200:3:1d53:4780:93a1
2600:9000:223c:3a00:6:44e3:f8c0:93a1
2600:9000:2251:5600:14:79be:a380:93a1
2606:2800:11f:17a5:191a:18d5:537:22f9
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2620:1ec:27::cafe:1734
2620:1ec:c11::200
2a00:1288:80:807::1
2a00:1450:4001:802::2008
2a00:1450:4001:803::2002
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::200a
2a00:1450:400c:c1b::9c
2a02:26f0:3500:16::215:149b
2a02:26f0:480:f::213:7edb
2a02:26f0:480:f::213:7ee1
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.240.24.63
45.60.103.183
45.60.31.183
45.60.33.183
52.34.182.55
54.193.7.186
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
080503a0377046641bb7953de696a44cb6b4da5f40601148e774bb509c845d8c
0d8c8e5d961ce6f6c9947de5e802f86283e06a3a9ae95b782a84f7e40bd718d5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
18c7974cdab32e0e913639d2a48b6b5015677b61e6a6c92abbfaeae341b37799
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
216c6fe4bb42e53258b308d4bd1b769339eaa5f4511c1b1718200b3111024ba4
2227f1ba785104248c0487b344179f42591bd1640389e4509a1ed636d0f376e9
230edf595a7e06dbf959c494569da356813d604f6aba3551b5bc54d149d5e9ff
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
286afd5660c82dbf577c2b41cb74029c78a98c98eec2ecc79a92e537cc238d94
29d864442da077537a347a5215a2c43bb35333a254b917b2b8f056bcd6521f7f
2c74720b5f97f3f1e2a5d2a9d5be2f38c96be900e51f1ca2e53645b3ebd939a8
2ecbeb5d1b1f645bf575e1fc683f48afe4e8c0e8d33966769ed541048c82784e
30bd947b577081620b9c64bcfdab19cebb4e9c305463031e37a7c18e7bc8d5d7
3ea130bfe17a7857fe31cd3adb191083f1ad5e8e94b4d4344ff9bd891ff8d171
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5eb633d589f463267ffd9fdcd94a108ab83d0d3655121e3a451b9fbc8b2bea5a
649adddf6f510b1baf499484a0e1a017339a6191d8814752356d9d75813d76f5
65250d2e5fcb1819aee5edc1311ed965a2f7933f9f3a5170833e8f477f1f0872
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
726c70dd86fcc3d0253e282501acfb531f918339a52187476609db4a876922e0
8185c549b67dced20d77039151590b3f60e8e572bb151b8082b423b8dcc34eab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
87a97b9c77ef380bbb12e34878c00b9e4bf4f6a042fbe6902d2d1857221f54de
8b51b4dca1b74318e4f5b98b8d1a6ab883e0fc0ec96118bc1e4113904b8a3f42
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
95da72e1b21044a8bac475b2631e356463fb259e1056431118545976ba1833a8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9db9265f8119cc29e3011eb69fb5d9bfb6b2b715890351480ac0904059af7f02
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2743c18ddff35b1aa702877ba04368697914866d9593d7365df397153932ab8
a8555a9861c4a23031e79c25a2934ed393edadefa65c7cc358d01cb9cbc9e8a1
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
be1e623262e9a6890a185598ebdb116ed4ac5fc39e0af2bd4b229ef4a7086c5b
bec0f3be9d581b4b795a5213a66cd1c6d8365ca686499d14b7b994f2f6510eaa
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cd0d9cb348e4d922819e36d30ff6bb56628e940a14ff7315e6d8c8c83d0e62bf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d046859a64792cc73d89b191bd570413767bfa985c2a59c54fbbb7d0d0ec5659
d0f61e7d78bb509c497b1ac318c26d8fed05c4ff1884dd9d9e266e0827bed480
d96d3be6c71d5c157c0c80850a6c9c8731634294bfce41cf0928e5bcec919fec
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
dd789851486f36c5fa38c088ec4173d2bd32a389378c7628603f5a06c6f2ca0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5f8df07811ca584265a7f3b44e74687496ae792370392f6fec18f4c1ea30f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f8e41b2fb920c5ed3ad0cbf5159fb39762a852827efc7363ecc7f820b63e27a9
fb253857c37bda1a5036144fca52b45899549e46f9734d8547c7167600476e82
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

act.wilderness.org Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

81 Requests

94 %HTTPS

63 %IPv6

30 Domains

47 Subdomains

39 IPs

6 Countries

4243 kBTransfer

5973 kBSize

51 Cookies

9 Outgoing links

Page URL History

Redirected requests

81 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

act.wilderness.org Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

81
Requests

94 %
HTTPS

63 %
IPv6

30
Domains

47
Subdomains

39
IPs

6
Countries

4243 kB
Transfer

5973 kB
Size

51
Cookies

81 HTTP transactions
2 data transactions