secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch...
Submission Tags: falconsandbox
Submission: On February 16 via api (February 16th 2023, 12:16:04 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 49 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com. The Cisco Umbrella rank of the primary domain is 58202.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on April 11th 2022. Valid for: a year.

This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
8	2600:9000:206... 2600:9000:206f:f400:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
5	20.60.58.97 20.60.58.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:dc:... 2a02:26f0:dc:388::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	18.66.15.112 18.66.15.112	16509 (AMAZON-02) (AMAZON-02)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	13.69.106.90 13.69.106.90	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.211.187.158 54.211.187.158	14618 (AMAZON-AES) (AMAZON-AES)
49	10

9 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:206f:f400:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:388::13b8 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.66.15.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-112.vie50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.90 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.187.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-187-158.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 35916	548 KB
14	everyaction.com secure.everyaction.com — Cisco Umbrella Rank: 58202 static.everyaction.com — Cisco Umbrella Rank: 87984	407 KB
5	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 75185	306 KB
3	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 57063 secure.ngpvan.com — Cisco Umbrella Rank: 66471	3 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 781	281 B
1	verygood.systems vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 75235	157 B
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2151	47 KB
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 741	56 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298	30 KB
49	9

	Domain	Requested by
21	js.verygoodvault.com	secure.everyaction.com js.verygoodvault.com
8	static.everyaction.com	secure.everyaction.com static.everyaction.com
6	secure.everyaction.com	secure.everyaction.com static.everyaction.com az416426.vo.msecnd.net
5	nvlupin.blob.core.windows.net	secure.everyaction.com nvlupin.blob.core.windows.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	static.everyaction.com az416426.vo.msecnd.net
1	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	az416426.vo.msecnd.net	secure.everyaction.com
1	cdn.optimizely.com	secure.everyaction.com
1	ajax.googleapis.com	secure.everyaction.com
49	11

This site contains links to these domains. Also see Links.

Domain
www.911memorial.org

Subject Issuer	Validity	Valid
*.everyaction.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-04-11` - `2023-04-11`	a year	crt.sh
static.everyaction.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 02	`2022-11-17` - `2023-11-12`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.verygoodvault.com Amazon	`2023-01-18` - `2024-02-16`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-09` - `2023-12-08`	a year	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 06	`2023-02-04` - `2024-01-30`	a year	crt.sh
vgs-collect-keeper.apps.verygood.systems R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Frame ID: 5F537BF849DF4036195027B0EA86784A
Requests: 28 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: 8F05871A3A207243D7D044DF2B2BB857
Requests: 3 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: 8E40611C7A4CF6D45914399EDC9E1650
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Frame ID: 1FD5C93D611FEE22D7CC34F6066417B9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

National September 11 Memorial Museum

Detected technologies

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

1396 kB
Transfer

3777 kB
Size

21
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.911memorial.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request tbEik9B6oEOTcAU1idq9Bg2 Show response
secure.everyaction.com/ 7 KB
4 KB 408ms
393ms Document
text/html 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9becf34350867e02aa0bb7377b2f4794da1d558e16a037365e309c3b9dff6497

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Thu, 16 Feb 2023 00:15:56 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 4-102373342-102373344 NNNN CT(85 178 0) RT(1676506556946 9) q(0 0 3 0) r(4 4) U18
x-xss-protection: 1; mode=block

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 816 KB
231 KB 140ms
7ms Script
application/javascript 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a375c73719b6d5adad42244dcce431007241beb2ea97692bf4480c75cff2e235

Request headers

Referer: https://secure.everyaction.com/
Origin: https://secure.everyaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:38:22 GMT
content-encoding: gzip
via: 1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 31069
x-cache: Hit from cloudfront
content-length: 235528
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "0f4c337a2d1daf144aa5bbd2008d89a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: pMBPrqahsUXqGLAqddKQATVKinPumKIrp5PCumGfpdbD6UCCVH4nUg==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 142ms
6ms Stylesheet
text/css 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0ea2cc3d3538d47ededa650526e4fe257df96ba03dba29ef10f4086367e1e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:38:22 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 31070
x-cache: Hit from cloudfront
content-length: 11464
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "b891ddabfd347e1f4bc3612e552a7d68"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: hejkjR8_OrRLmEcdp5t0g3wdeldhzdULRI48lwn4GscfWTYYkQuy8w==

GET
H/1.1 200
OK bsdtools.min.css
nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/ 14 KB
14 KB 543ms
99ms Stylesheet
text/css 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/bsdtools.min.css
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: be85f23fb7a0819b9421e35aae547ee9e51865ef40c54f1ef231f17194da3e31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Feb 2023 00:15:57 GMT
Last-Modified: Tue, 16 Feb 2021 04:05:59 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D8D2302AEA7A44
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 400e34f7-e01e-004d-399b-4188bd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 13873

GET
H/1.1 200
OK welcome-styles.css
nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/ 11 KB
11 KB 548ms
101ms Stylesheet
text/css 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/welcome-styles.css
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 379c200e3b9fb94cdc9d561cbee0e2040a430fd76122e94f29576420d77b543c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Feb 2023 00:15:57 GMT
Last-Modified: Wed, 10 Mar 2021 17:52:29 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D8E3ED4610C38E
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 2a8ced75-301e-0003-4f9b-41a635000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 10799

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:15:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 15:15:40 GMT

GET
H2 200 910001.js Show response
cdn.optimizely.com/js/ 193 KB
56 KB 299ms
141ms Script
text/javascript 2a02:26f0:dc:388::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/910001.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:388::13b8 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

321ccbdad08edc35d690fd8e9345caf37989fef55c75f59931da2d4995b6b874

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 9_OQMDaaMgyJpAfaaoWR9ToOWe4Q.LoW
content-encoding: gzip
date: Thu, 16 Feb 2023 00:15:57 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: 78GQ2N03SC899XBV
x-amz-meta-revision: 4068
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=20, origin; dur=102, cdn;desc="AkamaiION";dur=0,rtt;desc="16";dur=0,cdnip;desc="2a02:26f0:dc:388::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 56129
x-amz-id-2: 8C43ybQXNUUcMNxek+4doh6I/vo7ZqFKdHaQ/bEGrFOsxx48IhOYz8YX5ZH6iU3cG2OqLxFRqZQ=
last-modified: Fri, 02 Feb 2018 19:13:25 GMT
server: AmazonS3
etag: "6694c7ed8b9171d9f3eefe63f9dc621f"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/ 134 KB
44 KB 199ms
35ms Script
application/javascript 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff

Request headers

Referer: https://secure.everyaction.com/
Origin: https://secure.everyaction.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: uQF6CVoMnT1mOHvFavSn8ur6rXtO9Qh9
Content-Encoding: gzip
Via: 1.1 127e1ddb6224f10ae9e484392afd1b6c.cloudfront.net (CloudFront)
Date: Thu, 16 Feb 2023 00:15:57 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 35
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:52 GMT
Server: AmazonS3
ETag: W/"2eb620d1b4f90db03c929f89d188cf80"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: L3LGiUBlBUhuk2vGvY8H9q27E5WhLykbQCPvjdiqPtkanR2jYB64ew==

GET
H2 200 _Incapsula_Resource Show response
secure.everyaction.com/ 141 KB
20 KB 13ms
13ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1577231810
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 43c23c17a242c9023f0c417ebd5644468d1756b823d6252b0a4fd162f36ec153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20617
content-type: application/javascript

GET
H/1.1 404
The specified blob does not exist. background-image.jpg
nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/img/ 215 B
215 B 100ms
100ms Image
application/xml 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/img/background-image.jpg
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/bsdtools.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 34efe94396f7ffb8b5a505d27c6d374c152fcc04982a7b2a5ef57173d2b12b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/bsdtools.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 16 Feb 2023 00:15:57 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Type: application/xml
Access-Control-Allow-Origin: *
x-ms-request-id: 2a8ceec1-301e-0003-619b-41a635000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 215

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 118 KB
47 KB 51ms
14ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/489E) /
Resource Hash: 04c0e76669750440eedbda5b14314f0c3f3f28fb7f6dc719c95ef606af8f8ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 16 Feb 2023 00:15:58 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: h4Oif1EgSoBMW/uWvEgbaw==
age: 1597
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.10.min.js
content-length: 47335
x-ms-lease-status: unlocked
last-modified: Mon, 13 Feb 2023 18:12:26 GMT
server: ECAcc (ama/489E)
x-ms-meta-aijssdkver: 2.8.10
etag: 0x8DB0DEDDD07F1CC
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 8d8fd2ca-501e-007b-0598-414f9c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 16 Feb 2023 00:45:58 GMT

GET
H2 200 _Incapsula_Resource
secure.everyaction.com/ 1 B
35 B 6ms
6ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8810235794925667
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 6ms
6ms Stylesheet
text/css 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ed3c28af5cb61373b2fb6a4f29757b73620733cfb618211ab4c20b8fc01e2a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 15:38:23 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 31055
x-cache: Hit from cloudfront
content-length: 14216
last-modified: Tue, 14 Feb 2023 15:37:34 GMT
server: AmazonS3
etag: "785ce35bbf958461e8ba0d58b523c541"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: eqPrXiuDu6I5DApYVMpKT7Jc8MIYaPE8oy1eanrdq6kdDzx6eiiDfA==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 523ms
440ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

cc1f4ff3b196dd65f0f34801f792cb8cdcd63604e2ec66d9651f868dc52b31f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-2GcnsFeItcCoiZITHufG/PgZ1PQ"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 10-53261578-53261581 NNNN CT(100 204 0) RT(1676506557712 20) q(0 0 3 0) r(4 4) U24
content-length: 192
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 tbEik9B6oEOTcAU1idq9Bg2 Show response
secure.everyaction.com/v1/Forms/ 19 KB
6 KB 184ms
184ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e699509eecd0a7f1e431fc2e6685e0a8dd61695fb6abb31d997a8dd8ffffb390

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:15:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
x-iinfo: 4-102373342-102373344 PNNN RT(1676506556946 1121) q(0 0 0 -1) r(2 2) U18
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-length: 6338
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 8F05 157 KB
50 KB 481ms
443ms Document
text/html 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://secure.everyaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 16 Feb 2023 00:15:59 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront), 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
X-Amz-Cf-Id: P_f3H1UyrmvX326meRPrI2srx2zb3aktGVlxciPtYRCirOwvz05-Hw==
X-Amz-Cf-Pop: FRA60-P3 VIE50-P1
X-Cache: RefreshHit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H2 200 intlTelInput.min.css
static.everyaction.com/ea-actiontag/assets/styles/ 19 KB
20 KB 6ms
6ms Stylesheet
text/css 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 05:18:57 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 68743
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19755
x-amz-cf-id: ugHK7fnSJodbAcV5Owutg1ZrqyIxy_m6OUUZmn2W0uuSlQESPyIRLw==

GET
H2 200 intlTelInput.js Show response
static.everyaction.com/ea-actiontag/assets/js/ 87 KB
21 KB 8ms
7ms Script
application/javascript 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a0038a6e25db3ee0970fc09cffb0fb2b0b81a8f989dcb6b60daaec096c3cf942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 23:26:43 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 12185356
x-cache: Hit from cloudfront
content-length: 20855
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
server: AmazonS3
etag: "4e9eea3ebff6224045ec4e2eb462c4f7"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: -01Cpj3_I2NHFbz8Bgk-1g-kitG8KIG-S0ttGTuEkPRdP_IUFSXzpA==

GET
H2 200 intl-tel.input.utils.js Show response
static.everyaction.com/ea-actiontag/assets/js/ 245 KB
55 KB 7ms
7ms Script
application/javascript 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 26 Nov 2022 23:26:23 GMT
content-encoding: gzip
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 7001376
x-cache: Hit from cloudfront
content-length: 56004
last-modified: Tue, 12 Apr 2022 14:33:00 GMT
server: AmazonS3
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: gTUIGH0QmGp6kQiYiXVqEQwDKGH6hqSSq36PkneOg9DcnKxPjRTfTA==

GET
H/1.1 200
OK tnffbg.jpg
nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/ 258 KB
258 KB 121ms
121ms Image
image/jpeg 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/tnffbg.jpg
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 42282bd4ca48a3bbc5bb5a7fa92f3d66522df903038ed0238f870fc908dde1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Feb 2023 00:15:57 GMT
Last-Modified: Thu, 15 Jul 2021 20:28:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D947CF0D948F9E
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: 2a8cf215-301e-0003-649b-41a635000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 263943

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cc.png
static.everyaction.com/ea-actiontag/assets/images/ 3 KB
4 KB 7ms
7ms Image
image/png 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/cc.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:22:39 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 21941600
x-cache: Hit from cloudfront
content-length: 3392
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Aru0901qw0F7fAIst7n6UU1mLLwxIlZV7yXRiLm9MLuj0pvd3ambWw==

GET
H/1.1 200
OK 911MM_Lockup_2022.png
nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/ 21 KB
22 KB 102ms
101ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/911MM_Lockup_2022.png
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 160f8921ffde0009143b07fa3e4c88a153f298534d05891f03b358381f60c657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 16 Feb 2023 00:15:57 GMT
Last-Modified: Wed, 10 Aug 2022 17:13:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8DA7AF3B5287000
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 400e3742-e01e-004d-5f9b-4188bd000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 21739

GET
H2 200 tbEik9B6oEOTcAU1idq9Bg2
secure.everyaction.com/v1/Track/ 0
144 B 107ms
106ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359&formSessionId=415f3791-9e90-4a35-b945-da1a0a6885e3&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9zZWN1cmUuZXZlcnlhY3Rpb24uY29tL3RiRWlrOUI2b0VPVGNBVTFpZHE5QmcyP3V0bV9tZWRpdW09ZW1haWwmdXRtX3NvdXJjZT05MTFtZW1vcmlhbCZ1dG1fY2FtcGFpZ249MTIyNjIyX2ZpbmFsc3RyZXRjaDEmc291cmNlaWQ9MTIyNDI1NyZlbWNpPTJjNTE0NDMxLTQ3ODEtZWQxMS05ZDdhLTAwMGQzYTllYjkxMyZlbWRpPWJmM2ExNWZjLTJkODUtZWQxMS05ZDdhLTAwMGQzYTllYjkxMyZjZWlkPTMxMjMzNTk%3D&fRef=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 16 Feb 2023 00:15:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 4-102373342-102373344 PNNN RT(1676506556946 1372) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 8E40 157 KB
50 KB 411ms
377ms Document
text/html 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://secure.everyaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 16 Feb 2023 00:15:59 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront), 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: vIeg8NHmfIRKNWvECZgNMpJzJwo9ak4nDyYvkiFHJH1fv5ey82iLiA==
X-Amz-Cf-Pop: FRA60-P3 VIE50-P1
X-Cache: Hit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 1FD5 157 KB
50 KB 409ms
374ms Document
text/html 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990

Request headers

Referer: https://secure.everyaction.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 16 Feb 2023 00:15:59 GMT
ETag: W/"97f82781c5ac2a3b3eba82e1acd3a414"
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront), 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 5nHVmtusijDAYdbHVJY8Jm1lwQ6ZZtjcQrvJgPCcdgkBzEIl_q_WrQ==
X-Amz-Cf-Pop: FRA60-P3 VIE50-P1
X-Cache: Hit from cloudfront
x-amz-version-id: AYlU8OsANyylDz5dU9HvCSPOdq6NIWUJ

GET
H2 200 flags.png
static.everyaction.com/ea-actiontag/assets/images/ 20 KB
20 KB 8ms
7ms Image
image/png 2600:9000:206f:f400:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/flags.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:f400:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:05:08 GMT
via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 21280251
x-cache: Hit from cloudfront
content-length: 20389
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ipmafZhxbqlZ-26yPvDAE5zuxiXH7RNzFwDJx4GWPl2LhxhQMAtQxQ==

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/V4HGmVAVwlQERViRp0_W8Obi/ 2 B
964 B 394ms
381ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/V4HGmVAVwlQERViRp0_W8Obi/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:15:58 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://secure.everyaction.com
x-iinfo: 8-87417387-87417389 NNNN CT(86 177 0) RT(1676506558580 7) q(0 0 3 0) r(4 4) U5
access-control-allow-credentials: true
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 1FD5 326 KB
106 KB 451ms
451ms Script
application/javascript 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
Date: Thu, 16 Feb 2023 00:16:00 GMT
X-Amz-Cf-Pop: VIE50-P1
Transfer-Encoding: chunked
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: -RK0wj01cH6jglJNxZIZKidB-E5R3j5CzSXbIRrypHewcdhBJSO-Mw==

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 8F05 326 KB
106 KB 442ms
442ms Script
application/javascript 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
Date: Thu, 16 Feb 2023 00:16:00 GMT
X-Amz-Cf-Pop: VIE50-P1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: UVfc1rtc3Xt4ciPPfw99_Urq6zMGHOWnqBKEkKkn_G5zoH-u1LHH4g==

GET
H/1.1 200
OK application.ca8d1b8fa577638f88ac.modern.js Show response
js.verygoodvault.com/vgs-collect/2.14.0/lib/ Frame 8E40 326 KB
106 KB 389ms
389ms Script
application/javascript 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: sVrEgyQ8GQan.AjpxIaVceYuM1BXokjx
Content-Encoding: gzip
Via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
Date: Thu, 16 Feb 2023 00:16:00 GMT
X-Amz-Cf-Pop: VIE50-P1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2022 01:07:54 GMT
Server: AmazonS3
ETag: W/"8fc37cf0f7978064257597fe8b81fbed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Vary: Accept-Encoding
X-Amz-Cf-Id: FJzfBZCYeNYAiK1D6Pg0VjoWw1S4HaIbtNK1yRzUcUC5kAQTPrukyQ==

GET
H2 204 V4HGmVAVwlQERViRp0_W8Obi Show response
secure.everyaction.com/Databag/Profile/ 0
233 B 99ms
99ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/V4HGmVAVwlQERViRp0_W8Obi

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.everyaction.com/tbEik9B6oEOTcAU1idq9Bg2?utm_medium=email&utm_source=911memorial&utm_campaign=122622_finalstretch1&sourceid=1224257&emci=2c514431-4781-ed11-9d7a-000d3a9eb913&emdi=bf3a15fc-2d85-ed11-9d7a-000d3a9eb913&ceid=3123359
traceparent: 00-fc81bf85a3784a978bfc6983e8f11936-b1a619b8f0d24ca8-01
Request-Id: |fc81bf85a3784a978bfc6983e8f11936.b1a619b8f0d24ca8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:15:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
x-iinfo: 4-102373342-102373344 PNNN RT(1676506556946 2029) q(0 0 0 -1) r(1 1) U11
access-control-expose-headers: Request-Context
cache-control: private
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 V4HGmVAVwlQERViRp0_W8Obi Show response
secure.ngpvan.com/Databag/Profile/ 0
968 B 501ms
443ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/V4HGmVAVwlQERViRp0_W8Obi

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.everyaction.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:15:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://secure.everyaction.com
x-iinfo: 10-53261578-53261612 NNNN CT(99 207 0) RT(1676506557712 923) q(0 0 3 0) r(4 4) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
DATA 200
OK truncated
/ Frame 8E40 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
1 KB 18ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding: gzip
Via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 04:56:34 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 72423
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: J1WJTtNbvx7R1VAK1nZGufE_4AdUTIOy8HikSPInQg8AwPA4ygy3kw==

GET
H/1.1 200
OK visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
2 KB 19ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding: gzip
Via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 04:12:56 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 72184
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: VVGt3rdEAQJUf6ilQEYUaUhN-YJvdrsrRrDUbCmMx5AdD62Dk2utpQ==

GET
H/1.1 200
OK amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
1 KB 20ms
18ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding: gzip
Via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 07:52:20 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 59310
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Ih7J_9obBxOaTfizO9umUZBy7zCT40aldubEkf5Jm8Dz7ethEXRyaQ==

GET
H/1.1 200
OK maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
4 KB 36ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding: gzip
Via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 02:59:55 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 76565
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: qoeWEKEQO_1ub37Ft3S9wyITL8h7dvzXlQEjxPStHDib-KX877WeMw==

GET
H/1.1 200
OK mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
1 KB 37ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding: gzip
Via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 03:06:16 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 76184
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 5EGbGUv5NjFOTwkucJhVScxeRO3XryylV5o3DLpOVrsPTIlSUuYwMA==

GET
H/1.1 200
OK unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
5 KB 37ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding: gzip
Via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 03:07:25 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 78024
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 4qp_67FhDDtA928ZFfT5BAiyojD9K2LlpTqQgSdfWx6z5nV1v2tQxg==

GET
H/1.1 200
OK meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
7 KB 36ms
18ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding: gzip
Via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 02:20:44 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 79935
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: giefAY81qtXHh40b60su3I8RXU8BOsHSNaIbhhtbhOKixm6TXu8j3Q==

GET
H/1.1 200
OK jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
2 KB 34ms
17ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding: gzip
Via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 07:23:54 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 60759
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: At7FZ0A4aAzKYYmYzCwgqhi7Y72-9IJFmg28gNZzh-nCFEgywE6Y9g==

GET
H/1.1 200
OK hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
3 KB 39ms
22ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding: gzip
Via: 1.1 1c6954b6a2b349a78fb0daa669c3e984.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 03:02:53 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 76387
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: xTjVGSB_RHAUQ3kiInU_oZsIXqU0uIf6an6Og3I7L4RzMel1SD-7zg==

GET
H/1.1 200
OK forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
2 KB 23ms
22ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding: gzip
Via: 1.1 8c71fe23914182493dae4cb15c841346.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 03:07:25 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 76387
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"0e30901c80583be81a54ad19e75340a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: vpDoFEs0zlnp9T8c_jLs2oCJ5nQAVU6UqPoal1Bqg0xvNEzvEuy0rw==

GET
H/1.1 200
OK elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
2 KB 22ms
22ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding: gzip
Via: 1.1 353b8eaf90b8d7986000f2da151952bc.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 08:55:06 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 55254
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: db5MogjBZCWflqlXMM9T0UWr5fydfVN38bcs3FFkmUkAsho6xmPPew==

GET
H/1.1 200
OK discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
2 KB 23ms
23ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding: gzip
Via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 07:48:06 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 59273
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: Co6m4kaKSp0pKHhn2GkiBFMjpk1ybli56m89xZ6ZUHqXGvMmz8tShg==

GET
H/1.1 200
OK diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
1 KB 21ms
21ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding: gzip
Via: 1.1 9127bf22c332a88edd7d5939b5870d1e.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 09:10:07 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 54353
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 3WwPRcLLicCd1EjFau_TuEhuCUsSYut4dnp-x1tYn4J__Zt2Y79gWw==

GET
H/1.1 200
OK dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 8E40 0
1 KB 21ms
21ms Other
image/svg+xml 18.66.15.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-112.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding: gzip
Via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
Date: Wed, 15 Feb 2023 23:29:08 GMT
X-Amz-Cf-Pop: VIE50-P1
Age: 3019
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: zuKKZxZSEfmjHuVWgMZJGHElXxtbp-Hk_AFkTfT73A_TF7hSXD_ruQ==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 267ms
17ms Preflight 13.69.106.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-length: 0
date: Thu, 16 Feb 2023 00:15:58 GMT
x-content-type-options: nosniff

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
281 B 62ms
61ms XHR
application/json 13.69.106.90
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

31011b0ffcd6e342bd17900f2f36303e05a55db177ba6a9e6ead8df061554f77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 535D45F8-5AB1-453A-9CE6-259B8E799B09
strict-transport-security: max-age=31536000
date: Thu, 16 Feb 2023 00:15:58 GMT
x-content-type-options: nosniff
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length: 96

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 8F05 0
157 B 401ms
103ms XHR
text/plain 54.211.187.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.14.0/lib/application.ca8d1b8fa577638f88ac.modern.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.211.187.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-211-187-158.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Thu, 16 Feb 2023 00:16:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
content-length: 0
vary: Origin

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everyaction.com/	1970-01-20 18:27:18	Name: visid_incap_823975 Value: OdSFQ/HYQxCXPl+N/4dumrx17WMAAAAAQUIPAAAAAACvEvEhOLtgoQm0e9ByDskI
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: RuyaN8F0OFEXhJYXxwoUeQAAAADtE++VT3A+gja1QGjdAWKw
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_472_823975 Value: liSLHRSHrzYFMCmtb+KMBr117WMAAAAAOE19wSyOKdeVzXX7jaa1eQ==
.secure.everyaction.com/	1970-01-20 09:41:50	Name: TiPMix Value: 4.75499261605189
.secure.everyaction.com/	1970-01-20 09:41:50	Name: x-ms-routing-name Value: self
.everyaction.com/	1970-01-20 19:17:46	Name: optimizelyEndUserId Value: oeu1676506558014r0.8079538610339838
.everyaction.com/	1970-01-20 19:17:46	Name: optimizelySegments Value: %7B%22179313636%22%3A%22gc%22%2C%22179837428%22%3A%22campaign%22%2C%22179876071%22%3A%22false%22%7D
.everyaction.com/	1970-01-20 19:17:46	Name: optimizelyBuckets Value: %7B%7D
.everyaction.com/	1970-01-20 09:41:46	Name: optimizelyPendingLogEvents Value: %5B%5D
secure.everyaction.com/	1970-01-20 18:27:22	Name: ai_user Value: N+09j9P6thztDiN48elVOq\|2023-02-16T00:15:58.173Z
secure.everyaction.com/	1970-01-20 09:41:48	Name: ai_session Value: DC/7r4pUDz+urlG4MPv0pr\|1676506558213\|1676506558213
.profile.ngpvan.com/	1970-01-20 09:41:50	Name: TiPMix Value: 0.44647292732512556
.profile.ngpvan.com/	1970-01-20 09:41:50	Name: x-ms-routing-name Value: self
profile.ngpvan.com/	1970-01-20 19:17:46	Name: ngpvanuser Value: V4HGmVAVwlQERViRp0_W8Obi
.everyaction.com/	1970-01-20 19:17:46	Name: ProfileDatabagId Value: V4HGmVAVwlQERViRp0_W8Obi
.ngpvan.com/	1970-01-20 18:27:16	Name: visid_incap_1002065 Value: unUaYScJTYeAUbm90V1Ua7517WMAAAAAQUIPAAAAAADMdfWWETSpzpnOKSI/SOmF
.ngpvan.com/	1969-12-31 23:59:59	Name: nlbi_1002065 Value: jz3kSqTMvme+MWlw0IOYSwAAAAA2S9XLI5VQNUoiB6upWKcI
.ngpvan.com/	1969-12-31 23:59:59	Name: incap_ses_1096_1002065 Value: c7z8EwXpK3PoVm31Jcc1D7917WMAAAAArmF8EBxcKXTHrQKzxkN3NQ==
.secure.ngpvan.com/	1970-01-20 09:41:50	Name: TiPMix Value: 45.43632621032055
.secure.ngpvan.com/	1970-01-20 09:41:50	Name: x-ms-routing-name Value: self
.ngpvan.com/	1970-01-20 19:17:46	Name: ProfileDatabagId Value: V4HGmVAVwlQERViRp0_W8Obi

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://nvlupin.blob.core.windows.net/images/van/EA/EA008/1/88240/images/wrapper-assets/img/background-image.jpg Message: Failed to load resource: the server responded with a status of 404 (The specified blob does not exist.)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
az416426.vo.msecnd.net
cdn.optimizely.com
dc.services.visualstudio.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
static.everyaction.com
vgs-collect-keeper.apps.verygood.systems
13.69.106.90
18.66.15.112
20.60.58.97
2600:9000:206f:f400:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:828::200a
2a02:26f0:dc:388::13b8
45.60.33.183
54.211.187.158
04c0e76669750440eedbda5b14314f0c3f3f28fb7f6dc719c95ef606af8f8ca6
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
15f75ea000cea233fe12754cffe6bb7643cdef35af66c7da08ae93ac74e08482
160f8921ffde0009143b07fa3e4c88a153f298534d05891f03b358381f60c657
31011b0ffcd6e342bd17900f2f36303e05a55db177ba6a9e6ead8df061554f77
321ccbdad08edc35d690fd8e9345caf37989fef55c75f59931da2d4995b6b874
34efe94396f7ffb8b5a505d27c6d374c152fcc04982a7b2a5ef57173d2b12b83
379c200e3b9fb94cdc9d561cbee0e2040a430fd76122e94f29576420d77b543c
42282bd4ca48a3bbc5bb5a7fa92f3d66522df903038ed0238f870fc908dde1df
43c23c17a242c9023f0c417ebd5644468d1756b823d6252b0a4fd162f36ec153
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5ed3c28af5cb61373b2fb6a4f29757b73620733cfb618211ab4c20b8fc01e2a2
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
9becf34350867e02aa0bb7377b2f4794da1d558e16a037365e309c3b9dff6497
a0038a6e25db3ee0970fc09cffb0fb2b0b81a8f989dcb6b60daaec096c3cf942
a0ea2cc3d3538d47ededa650526e4fe257df96ba03dba29ef10f4086367e1e29
a375c73719b6d5adad42244dcce431007241beb2ea97692bf4480c75cff2e235
be85f23fb7a0819b9421e35aae547ee9e51865ef40c54f1ef231f17194da3e31
cbf1ade8d5b7be4356388d9efd5187d378ea581a5e8f9c8d54ee0932262836ff
cc1f4ff3b196dd65f0f34801f792cb8cdcd63604e2ec66d9651f868dc52b31f1
dd1d8cd2907b540b21dcf7beaccf32b9daa22d264957dd35b40163b60bd68990
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e699509eecd0a7f1e431fc2e6685e0a8dd61695fb6abb31d997a8dd8ffffb390
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

secure.everyaction.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

44 %IPv6

9 Domains

11 Subdomains

10 IPs

4 Countries

1396 kBTransfer

3777 kBSize

21 Cookies

1 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

44 %
IPv6

9
Domains

11
Subdomains

10
IPs

4
Countries

1396 kB
Transfer

3777 kB
Size

21
Cookies

49 HTTP transactions
2 data transactions