Submitted URL: https://click.everyaction.com/k/15558900/164298653/1479041321?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL...
Effective URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl...
Submission: On March 02 via api from BE

Summary

This website contacted 18 IPs in 7 countries across 17 domains to perform 81 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 19th 2019. Valid for: 2 years.
This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 45.60.33.183 19551 (INCAPSULA)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 52.239.157.138 8075 (MICROSOFT...)
3 143.204.101.49 16509 (AMAZON-02)
9 2600:9000:20e... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 2606:2800:234... 15133 (EDGECAST)
1 16 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f12... 32934 (FACEBOOK)
3 143.204.98.128 16509 (AMAZON-02)
2 51.140.6.23 8075 (MICROSOFT...)
2 13.224.194.11 16509 (AMAZON-02)
8 3.132.231.251 16509 (AMAZON-02)
1 88.221.63.221 16625 (AKAMAI-AS)
81 18
Domain Requested by
16 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
secure.everyaction.com
az416426.vo.msecnd.net
10 secure.everyaction.com secure.everyaction.com
az416426.vo.msecnd.net
9 d3rse9xjbp8270.cloudfront.net secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
www.google-analytics.com
8 client-analytics.braintreegateway.com az416426.vo.msecnd.net
5 stats.g.doubleclick.net secure.everyaction.com
5 nvlupin.blob.core.windows.net secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
4 connect.facebook.net secure.everyaction.com
connect.facebook.net
3 d1aqhv4sn5kxtx.cloudfront.net www.googletagmanager.com
secure.everyaction.com
3 www.facebook.com secure.everyaction.com
3 www.googletagmanager.com secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
3 js.verygoodvault.com secure.everyaction.com
js.verygoodvault.com
2 payments.braintree-api.com az416426.vo.msecnd.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 platform.twitter.com secure.everyaction.com
platform.twitter.com
1 checkout.paypal.com d3rse9xjbp8270.cloudfront.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 fastaction.ngpvan.com d3rse9xjbp8270.cloudfront.net
1 az416426.vo.msecnd.net secure.everyaction.com
1 code.jquery.com secure.everyaction.com
1 click.everyaction.com 1 redirects
81 21

This site contains links to these domains. Also see Links.

Domain
jvp.org
fastaction.ngpvan.com
jewishvoiceforpeace.org
Subject Issuer Validity Valid
*.everyaction.com
Sectigo RSA Domain Validation Secure Server CA
2019-02-19 -
2021-02-18
2 years crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 1
2020-01-28 -
2022-01-28
2 years crt.sh
*.verygoodvault.com
Amazon
2019-05-15 -
2020-06-15
a year crt.sh
*.cloudfront.net
DigiCert Global CA G2
2019-07-17 -
2020-07-05
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2
2018-03-30 -
2020-03-30
2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-01-16 -
2020-04-15
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-02-12 -
2020-05-06
3 months crt.sh
*.ngpvan.com
RapidSSL RSA CA 2018
2018-02-08 -
2021-02-07
3 years crt.sh
dc.services.visualstudio.com
Microsoft IT TLS CA 5
2019-11-18 -
2021-11-18
2 years crt.sh
payments.braintree-api.com
DigiCert SHA2 Extended Validation Server CA
2019-03-04 -
2021-03-08
2 years crt.sh
client-analytics.braintreegateway.com
DigiCert Global CA G2
2018-06-18 -
2020-06-17
2 years crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA
2019-07-31 -
2021-09-29
2 years crt.sh

This page contains 5 frames:

Primary Page: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Frame ID: 4FB533FB1AF5A5D899D25743B1EA536C
Requests: 79 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fsecure.everyaction.com
Frame ID: 0C1AFF4306E8959E6DE51A5CD78E7FD4
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2044576886749751465&formId=randomId204712339643980499&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: 2E18645E28248FD58B7CD3FC5E230A5E
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId207923518019756521&formId=randomId204712339643980499&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: DE857967621DF41F632A94699CCD7E81
Requests: 1 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: 658C3C9E89689FC293FAF9D853C5EA69
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://click.everyaction.com/k/15558900/164298653/1479041321?sourceid=1000437&ms=emft&contactdata=IlckwnR... HTTP 302
    https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

81
Requests

100 %
HTTPS

47 %
IPv6

17
Domains

21
Subdomains

18
IPs

7
Countries

1588 kB
Transfer

3768 kB
Size

25
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.everyaction.com/k/15558900/164298653/1479041321?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO/PH5vMut7N7anWHOi8tBriJynZfJAgCi/GpRZ8AWyERwThAZX/sAnkyyk/yEieW4yHQPyOBcVj3pww==&nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ==&hmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0=&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022 HTTP 302
    https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=689742526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=18&_u=aGHACEALB~&jid=340631424&gjid=894301520&cid=568429542.1583131046&tid=UA-28243511-20&_gid=1473791041.1583131046&_r=1&gtm=2wg2j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000437&cd5=%5BC3%5D%20Standard%20Donate%20Page&cd6=b5-NLp5380at34y9v7fS5Q2&z=1154320578 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=568429542.1583131046&jid=340631424&_gid=1473791041.1583131046&gjid=894301520&_v=j81&z=1154320578

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set b5-NLp5380at34y9v7fS5Q2
secure.everyaction.com/
Redirect Chain
  • https://click.everyaction.com/k/15558900/164298653/1479041321?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO/PH5vMut7N7anWHOi8tBriJynZ...
  • https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgC...
21 KB
8 KB
Document
General
Full URL
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
4210a603acda3a932fe485d119d64f238fd0abb448dc1a598f750599ce1d87e7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
secure.everyaction.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
visid_incap_1392949=CTeuxUzmTSa6az2tH/9RhqOpXF4AAAAAQUIPAAAAAABN8swxhNRMNi3DeNJdinrN; nlbi_1392949=WqezQk2xZU21074tuiPdvwAAAACflDZNtzvp/INZGhyaZvpX; incap_ses_246_1392949=WZDweHyWtiNtkgF6D/hpA6WpXF4AAAAAGBFwmSPBDkl+TGLU4gFZLQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Mon, 02 Mar 2020 06:37:24 GMT
Set-Cookie
visid_incap_823975=FZPedsuMQ7y4NTfDmeJfWqSpXF4AAAAAQUIPAAAAAACFOY1ai9sxrS5EZF87qZGN; expires=Mon, 01 Mar 2021 17:37:20 GMT; path=/; Domain=.everyaction.com nlbi_823975=CifiNRVNk1IqZ+vHOu0ZEgAAAADTuOJuV33TT4Cch5Gy6TGi; path=/; Domain=.everyaction.com incap_ses_246_823975=OvmLPLU2SWy0kgF6D/hpA6WpXF4AAAAAa/VezlkwDaxV6Iu+WJk3eQ==; path=/; Domain=.everyaction.com TiPMix=84.5489824584448; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; SameSite=None; Secure ; Secure; SameSite=None; Secure
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
0-917826-917827 NNNY CT(0 0 0) RT(1583131044066 22) q(0 0 0 0) r(2 2) U12

Redirect headers

Cache-Control
no-cache
Pragma
no-cache
Expires
-1
Location
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
X-Powered-By
ASP.NET
Date
Mon, 02 Mar 2020 06:37:24 GMT
Content-Length
0
Set-Cookie
visid_incap_1392949=CTeuxUzmTSa6az2tH/9RhqOpXF4AAAAAQUIPAAAAAABN8swxhNRMNi3DeNJdinrN; expires=Mon, 01 Mar 2021 17:37:38 GMT; path=/; Domain=.everyaction.com nlbi_1392949=WqezQk2xZU21074tuiPdvwAAAACflDZNtzvp/INZGhyaZvpX; path=/; Domain=.everyaction.com incap_ses_246_1392949=WZDweHyWtiNtkgF6D/hpA6WpXF4AAAAAGBFwmSPBDkl+TGLU4gFZLQ==; path=/; Domain=.everyaction.com
X-CDN
Incapsula
X-Iinfo
11-7848525-7848529 NNNN CT(86 177 0) RT(1583131043627 26) q(0 0 3 1) r(4 4) U11
jquery-3.2.1.min.js
code.jquery.com/
85 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.2.1.min.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Mar 2020 06:37:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 20 Mar 2017 19:01:15 GMT
Server
nginx
ETag
W/"58d026fb-15283"
Vary
Accept-Encoding
X-HW
1583131045.dop054.fr8.t,1583131045.cds159.fr8.shn,1583131045.cds159.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
30125
EA_Callbacks_Embed_Donate.js
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/
23 KB
24 KB
Script
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
41016289e5a7829fb7eaf56232ae725d65264bfbfda98bb094effb883c671bf8

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Mar 2020 06:37:24 GMT
Last-Modified
Wed, 23 Jan 2019 18:51:45 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D68163D260B94C
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
ddfd50d6-601e-0123-345d-f03866000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
23484
jvp-recurring.js
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/
4 KB
5 KB
Script
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/jvp-recurring.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
78f7fa806f3a998e72f68267fb7872bc6da94df6573eeddb157633148f8cc23e

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Mar 2020 06:37:24 GMT
Last-Modified
Wed, 23 Jan 2019 19:04:31 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D681659B3C309A
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
x-ms-request-id
2400904e-c01e-008b-235d-f0aa26000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
4328
script-error
secure.everyaction.com/js/
228 B
1 KB
Script
General
Full URL
https://secure.everyaction.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Iinfo
0-917826-917827 SNNy RT(1583131044066 178) q(0 0 0 -1) r(1 1) U4
Content-Length
258
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified
Mon, 02 Mar 2020 06:37:25 GMT
X-Frame-Options
SAMEORIGIN
Date
Mon, 02 Mar 2020 06:37:24 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
Tue, 02 Mar 2021 06:37:25 GMT
jews-for-peace_donate-page.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/
554 KB
555 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/jews-for-peace_donate-page.png
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
4576358f7bcf6cc28cbe32cb068706808834f17d66e33e8ec27bc8af50dd0798

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Mar 2020 06:37:25 GMT
Last-Modified
Fri, 15 Nov 2019 21:15:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D76A10E394C8FF
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
16714a4d-b01e-00e2-0f5d-f0f58a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
567555
jvp-logo_full.svg
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/
5 KB
6 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/jvp-logo_full.svg
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
58dd92b26521eecae86002911ed654348aa10eb962dc3854582caa5643e792ef

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Mar 2020 06:37:24 GMT
Last-Modified
Thu, 14 Nov 2019 06:24:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D768CB596211F3
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
5949167d-d01e-00db-405d-f0b52e000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
5234
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/
76 KB
24 KB
Script
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-49.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding
gzip
Age
935
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Via
1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Last-Modified
Fri, 13 Dec 2019 10:03:51 GMT
Server
AmazonS3
Date
Mon, 02 Mar 2020 06:37:16 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
LonZ0ZOa3diD0aMVQyg5xXsb5whwWK-8eYNq_nl0MVcfIHlNYw06lQ==
at.js
d3rse9xjbp8270.cloudfront.net/
805 KB
228 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f22c6ae24b608e03249eb0be489e3a53d748b3190582772405ffb93ed12a70b8

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 01:07:44 GMT
content-encoding
gzip
age
19782
x-cache
Hit from cloudfront
status
200
content-length
232907
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified
Tue, 25 Feb 2020 16:21:51 GMT
server
AmazonS3
etag
"ec1dd08462375501a44b0062cd90ec6f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
p12foA-sN9Sw5hS2NFBAl7AYcxj-ZEnmaUh42X09jcyhtSTIBMgnWg==
base-js.gif
secure.everyaction.com/Content/images/
35 B
320 B
Image
General
Full URL
https://secure.everyaction.com/Content/images/base-js.gif
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-Iinfo
0-917826-917756 2VNN RT(1583131044066 694) q(0 0 0 -1) r(4 4)
Date
Mon, 02 Mar 2020 06:37:25 GMT
Last-Modified
Mon, 24 Feb 2020 22:27:52 GMT
X-CDN
Incapsula
Etag
"064cba661ebd51:0"
Content-Length
35
Content-Type
image/gif
_Incapsula_Resource
secure.everyaction.com/
132 KB
19 KB
Script
General
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=385246108
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
69932bbc68cd3d17b9e80859d2ddc9028c1fdfddfdbbff948061ae1ef67b622b

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
19171
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/
77 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKGP5VG
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8f07050edf29d7b852fa21d18d9ea17a83a7d2e4fff06fb41ef7768ecfccbead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 06:37:25 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
25253
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 06:37:25 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/
94 KB
22 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8AAA) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 02 Mar 2020 06:37:25 GMT
content-encoding
gzip
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
402
x-cache
HIT
status
200
content-length
22495
x-ms-lease-status
unlocked
last-modified
Tue, 04 Feb 2020 19:23:51 GMT
server
ECAcc (ama/8AAA)
etag
0x8D7A9A7C460F06C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
92d5b7a3-d01e-00fa-4e5c-f02d03000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
gtm.js
www.googletagmanager.com/
85 KB
27 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab8122460b24a6f0076ca9d12295ca427d186a4071abe3671b40480a187f9c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 06:37:25 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
27298
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 06:37:25 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd11702803f042c8d4ad68bd46bda46c2afaf9c7656379296faa6b0549a75467
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9wHhDPvzFg8WgOcOzbcaig==
status
200
date
Mon, 02 Mar 2020 06:37:25 GMT, Mon, 02 Mar 2020 06:37:25 GMT
expires
Mon, 02 Mar 2020 06:50:42 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1779
x-fb-debug
aqlZWxmMPhu/YrTEpcEyst0tRKEFsEe8Xi11FxHjuipE6/bD1KBdgwbEyMsI4EO6u5SWCf+oSpaJnNJDjxzulA==
x-fb-trip-id
1850256238
x-fb-content-md5
1bc333c60ace70df25e7bec0e70ab66e
etag
"b8833f4231b18f980679e4a29040389a"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash
62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 02 Mar 2020 06:37:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Feb 2020 00:16:08 GMT
Server
ECS (fcn/4197)
Age
367
Etag
"b184acc5626add1721a10b1738df2dbe+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Content-Type
application/javascript; charset=utf-8
Content-Length
29101
sdk.js
connect.facebook.net/en_US/
389 KB
113 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=b7a72cc8ef57ed5bc17b827010dd2190&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e49088654cdb561d777ecb0b5b1ef6414c6e894d9383172b8b66f22a3de5e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
script
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
B/6pdOL/hoCanOkOYMPdJQ==
status
200
date
Mon, 02 Mar 2020 06:37:25 GMT, Mon, 02 Mar 2020 06:37:25 GMT
expires
Tue, 02 Mar 2021 06:30:42 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
115273
x-fb-debug
SUFCKUUEQR7veRaXXUX6h12KlHm5yfn7C19Pq+OZ7ZU/MdaMLdXysosMkgE05+9EEsot0oHLVUV5mdGavbEfPw==
x-fb-trip-id
1850256238
x-fb-content-md5
8e3816cd21a322ba27d3cf8b5f4686d4
etag
"12f9fd9fd9d0406d0b9a387dcac61123"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/
44 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
2714
date
Mon, 02 Mar 2020 05:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Mon, 02 Mar 2020 07:52:11 GMT
fbevents.js
connect.facebook.net/en_US/
126 KB
30 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
xM/6lLyV7pknhANHx/ZOe/CFz04/xCZEIVHC0cqL9pWaRW5WK7XrIXOOPcFjBC/7AEXVEqZqHKXQoSUVHr6Uig==
x-fb-trip-id
1850256238
date
Mon, 02 Mar 2020 06:37:25 GMT, Mon, 02 Mar 2020 06:37:25 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
with-js.gif
secure.everyaction.com/Content/images/
35 B
321 B
Image
General
Full URL
https://secure.everyaction.com/Content/images/with-js.gif
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

X-Iinfo
7-9882123-9882117 2VNN RT(1583131044778 60) q(0 0 0 -1) r(4 4)
Date
Mon, 02 Mar 2020 06:37:25 GMT
Last-Modified
Mon, 24 Feb 2020 22:27:52 GMT
X-CDN
Incapsula
Etag
"064cba661ebd51:0"
Content-Length
35
Content-Type
image/gif
widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html
platform.twitter.com/widgets/ Frame 0C1A
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fsecure.everyaction.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40DE) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
541073
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 02 Mar 2020 06:37:25 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Tue, 25 Feb 2020 00:11:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DE)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5825
ec.js
www.google-analytics.com/plugins/ua/
3 KB
3 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 06:33:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
261
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
2779
x-xss-protection
0
expires
Mon, 02 Mar 2020 07:33:04 GMT
collect
www.google-analytics.com/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAL~&jid=1586865224&gjid=692974525&cid=568429542.1583131046&tid=UA-62682497-4&_gid=1473791041.1583131046&gtm=2wg2j0PM473M&z=242066050
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779841
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-62682497-4&cid=568429542.1583131046&jid=1586865224&gjid=692974525&_gid=1473791041.1583131046&_u=YGBAgAAL~&z=1525308762
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 02 Mar 2020 06:37:25 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
536760203565689
connect.facebook.net/signals/config/
447 KB
112 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/536760203565689?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
db862a148ea9755a0fb506fed0193e9638e1a2c671151ee5ac112722fedf3429
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114947
x-xss-protection
0
pragma
public
x-fb-debug
9rY1S52emFOgsa+RtPY07C/7tqx/x3mQLQ96H2MKh5/6HyMNx2NOLjVxbTujPFugS0qh856VyBjFc6TIE2hOUg==
x-fb-trip-id
1850256238
date
Mon, 02 Mar 2020 06:37:25 GMT, Mon, 02 Mar 2020 06:37:25 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
_Incapsula_Resource
secure.everyaction.com/
1 B
123 B
Image
General
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2630993045745673
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
identity
profile.ngpvan.com/
72 B
1 KB
Script
General
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
a92b0f121bb1dc7129a0afadfb2f4d65dec60ad405088382e7be4dcc0e8a9510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 02 Mar 2020 06:37:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
X-Iinfo
5-21242767-21242772 2NNN RT(1583131044985 23) q(0 0 0 0) r(0 1) U1
ETag
W/"48-xD7OnxZowotpO5gfKpr4+sdTMzA"
Content-Type
text/javascript; charset=utf-8
Content-Length
190
X-CDN
Incapsula
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
gtm.js
www.googletagmanager.com/
74 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
178472c41d58ab292d43b56d6ca6c8d014522b947af4e0252a012a333fa06e0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Mon, 02 Mar 2020 06:37:25 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
24577
x-xss-protection
0
last-modified
Mon, 02 Mar 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 02 Mar 2020 06:37:25 GMT
at.min.css
d3rse9xjbp8270.cloudfront.net/
111 KB
21 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0cb17862dc210b7118bc21e60db77fae45fe6ebce128b0427bca031fd3010

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 02:27:35 GMT
content-encoding
gzip
age
14991
x-cache
Hit from cloudfront
status
200
content-length
20576
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified
Tue, 25 Feb 2020 16:21:51 GMT
server
AmazonS3
etag
"add53ccab6eb385bcafb92d3af678b8b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
KSibcoorip1xqyuqrsXUfQTT7ywii7dXFkYTJkHfxEF_W-QN8j_OBA==
extra.min.css
d3rse9xjbp8270.cloudfront.net/
92 KB
16 KB
Stylesheet
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d972cb3eb8727e4f2ea30aed262d195a0e504e8d63359e268139931f0c64d253

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Mon, 02 Mar 2020 01:54:38 GMT
content-encoding
gzip
age
16968
x-cache
Hit from cloudfront
status
200
content-length
15885
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified
Tue, 25 Feb 2020 16:21:51 GMT
server
AmazonS3
etag
"151497a0ef802e3be81c7a322803dadc"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
lCwgdMC4K_z-fzRVc3Cuq8xAan4xpJA0vWxkH4x7hVTC26dlk7BS_w==
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEAL~&jid=475116512&gjid=1958134842&cid=568429542.1583131046&tid=UA-153397523-1&_gid=1473791041.1583131046&gtm=2wg2j0TKGP5VG&z=605474982
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779841
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-153397523-1&cid=568429542.1583131046&jid=475116512&gjid=1958134842&_gid=1473791041.1583131046&_u=aGDAgEAL~&z=1028519339
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 02 Mar 2020 06:37:25 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAiEALB~&jid=305943735&gjid=1074037726&cid=568429542.1583131046&tid=UA-153397523-7&_gid=1473791041.1583131046&gtm=2wg2j0TKGP5VG&z=1894941293
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779841
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-153397523-7&cid=568429542.1583131046&jid=305943735&gjid=1074037726&_gid=1473791041.1583131046&_u=aGHAiEALB~&z=728638450
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 02 Mar 2020 06:37:25 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
b5-NLp5380at34y9v7fS5Q2
secure.everyaction.com/v1/Forms/
20 KB
7 KB
XHR
General
Full URL
https://secure.everyaction.com/v1/Forms/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2FPH5vMut7N7anWHOi8tBriJynZfJAgCi%2FGpRZ8AWyERwThAZX%2FsAnkyyk%2FyEieW4yHQPyOBcVj3pww%3D%3D&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
28e8f49ffa0082647299139a12b12b8df2a6de1f3789876c7dde2e6f7582a3c7
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Request-Id
|Nl236.47CyJ
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
12-14068600-14068603 NNNY CT(0 0 0) RT(1583131044956 39) q(0 1 1 -1) r(2 2) U2
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma
no-cache
Last-Modified
Mon, 02 Mar 2020 06:37:26 GMT
Date
Mon, 02 Mar 2020 06:37:25 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
ETag
"040eb5eb-ee37-47df-a07c-85bd263df6e0"
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
-1
/
www.facebook.com/tr/
44 B
349 B
Image
General
Full URL
https://www.facebook.com/tr/?id=536760203565689&ev=PageView&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&rl=&if=false&ts=1583131045994&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1583131045994.548608956&it=1583131045842&coo=false&rqm=GET
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 06:37:26 GMT, Mon, 02 Mar 2020 06:37:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 02 Mar 2020 06:37:26 GMT
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/
8 KB
9 KB
Script
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-128.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Sun, 01 Mar 2020 06:44:15 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Age
85992
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Tue, 06 Aug 2019 21:06:41 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
gB3Izg6sA-RDKySkG-W-w7_E-7-dUAGrISyL3MviS80I98uoBnED_w==
nvtag
profile.ngpvan.com/v2/data/F7H6wlDseydrKHhiiQfZ3aHE/
2 B
1 KB
XHR
General
Full URL
https://profile.ngpvan.com/v2/data/F7H6wlDseydrKHhiiQfZ3aHE/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 02 Mar 2020 06:37:25 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
Express, ASP.NET
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
X-Iinfo
3-11334222-11334228 NNNY CT(0 1 0) RT(1583131045151 21) q(0 0 0 0) r(1 1) U12
Access-Control-Allow-Credentials
true
Content-Length
123
X-CDN
Incapsula
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag
identity
fastaction.ngpvan.com/api/v1/
186 B
1 KB
Script
General
Full URL
https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1583131046193=
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
5e65ce6546c9b5305347b0eabbd795157292acde28fc6d47b669e422aa9e7f76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains
Via
1.1 vegur
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Powered-By
Express
Transfer-Encoding
chunked
P3p
CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo
5-21242870-21242876 NNYN CT(94 219 0) RT(1583131045259 21) q(0 0 4 5) r(5 5) U4
Connection
keep-alive
Content-Encoding
gzip
Etag
W/"ba-3808024839"
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server
Cowboy
Date
Mon, 02 Mar 2020 06:37:26 GMT
Vary
X-HTTP-Method-Override, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/
94 KB
95 KB
Font
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 02 Mar 2020 01:54:40 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
age
16967
x-cache
Hit from cloudfront
status
200
content-length
96388
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"aca35251952e72d9e32d41217f0f97ab"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
oRXLsCq070PYAndYKPDuWLXIwW_O67_Tgm5LkbVyvMU7VkmZ5mOOGg==
gtmtools.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/
4 KB
5 KB
Script
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/gtmtools.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-128.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Mon, 02 Mar 2020 06:27:08 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Age
619
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4233
Last-Modified
Thu, 24 Oct 2019 19:33:08 GMT
Server
AmazonS3
ETag
"9e70537eecebd0e559cbe41c8facec34"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=1800
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
GBwaMCkkYJ2wlyK2KxZOHphX07gELK21MS1d5pyysIDfoH7IErJtvA==
collect
www.google-analytics.com/j/
1 B
108 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j81&a=689742526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=18&_u=aGHACMALBAAAAC~&jid=1828356684&gjid=229246136&cid=568429542.1583131046&tid=UA-153397523-1&_gid=1473791041.1583131046&_r=1&gtm=2wg2j0TKGP5VG&cd1=ContributionForm&cd2=%5BC3%5D%20Standard%20Donate%20Page&cd3=b5-NLp5380at34y9v7fS5Q2&z=1968137179
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 06:37:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
intl-tel.input.utils.js
d3rse9xjbp8270.cloudfront.net/assets/js/
229 KB
52 KB
Script
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Sat, 01 Feb 2020 21:33:26 GMT
content-encoding
gzip
age
2538241
x-cache
Hit from cloudfront
status
200
content-length
52457
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
last-modified
Thu, 03 Oct 2019 17:12:46 GMT
server
AmazonS3
etag
"0e171f16b707862d9a5a9168f0edc967"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
9bUrIq-vHO7aeocj7NDNs6tAfUHRu1VL62Ailkz7FOfViT4wedot8g==
truncated
/
784 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/
20 KB
20 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Sat, 11 Jan 2020 14:13:08 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
age
4379059
x-cache
Hit from cloudfront
status
200
content-length
20389
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
wYB4kd08A2mtJebQvaqEu9WnhxAfxVLJS-q2nPk32iq4ZS2yUSXvuQ==
cc.png
d3rse9xjbp8270.cloudfront.net/assets/images/
3 KB
4 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/cc.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 02:49:20 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
age
445687
x-cache
Hit from cloudfront
status
200
content-length
3392
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"294b44fc8703a45684537d51e363c045"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
g5V6D67kd8E_GE4FOB3k3lPPHBUXc5VuoxfWLsl4m_ZZZ_wuWP7xGA==
b5-NLp5380at34y9v7fS5Q2
secure.everyaction.com/PayPalClientToken/
2 KB
3 KB
XHR
General
Full URL
https://secure.everyaction.com/PayPalClientToken/b5-NLp5380at34y9v7fS5Q2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
584f340b807d4c35fb33747f8d429fefdf92c8512232cc6e8546e7e9b68babdd
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Request-Id
|Nl236.OBniL
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
7-9882123-9882171 NNNY CT(0 0 0) RT(1583131044778 575) q(0 0 0 -1) r(8 8) U2
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma
no-cache
X-Frame-Options
SAMEORIGIN
Date
Mon, 02 Mar 2020 06:37:26 GMT
Vary
Accept-Encoding
Content-Type
text/plain; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
-1
paypal-logo.png
d3rse9xjbp8270.cloudfront.net/assets/images/
3 KB
3 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/paypal-logo.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Tue, 25 Feb 2020 23:34:40 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
age
457367
x-cache
Hit from cloudfront
status
200
content-length
2778
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
server
AmazonS3
etag
"459c51e4e024db4720b62513d12edb6a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
eXLVQQq06an35EXwd-DZHyRcVZM55wtVd0h0_NEVcV7K9Skw2AilMA==
Digital-Logo-Horizontal.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/
23 KB
24 KB
Image
General
Full URL
https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/Digital-Logo-Horizontal.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 02 Mar 2020 06:37:26 GMT
Last-Modified
Mon, 18 Sep 2017 17:28:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D4FEBABB2CD773
Content-Type
image/png
Access-Control-Allow-Origin
*
x-ms-request-id
16714c48-b01e-00e2-615d-f0f58a000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
23661
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utt=216&_u=aGHACEALB~&jid=1260990698&gjid=1564953420&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&_r=1&gtm=2wg2j05L2FSL&z=1890202273
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 06:37:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=689742526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=568429542.1583131046&jid=340631424&_gid=1473791041.1583131046&gjid=894301520&_v=j81&z=1154320578
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=568429542.1583131046&jid=340631424&_gid=1473791041.1583131046&gjid=894301520&_v=j81&z=1154320578
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 02 Mar 2020 06:37:26 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 02 Mar 2020 06:37:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=568429542.1583131046&jid=340631424&_gid=1473791041.1583131046&gjid=894301520&_v=j81&z=1154320578
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGHAiEALB~&jid=983902519&gjid=1880602879&cid=568429542.1583131046&tid=UA-28243511-20&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000437&cd5=%5BC3%5D%20Standard%20Donate%20Page&cd6=b5-NLp5380at34y9v7fS5Q2&z=917172923
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-28243511-20&cid=568429542.1583131046&jid=983902519&gjid=1880602879&_gid=1473791041.1583131046&_u=aGHAiEALB~&z=983945440
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Mon, 02 Mar 2020 06:37:26 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j81&a=689742526&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=18&_u=aGHACMALBAAAAC~&jid=1345808705&gjid=1813035654&cid=568429542.1583131046&tid=UA-153397523-7&_gid=1473791041.1583131046&_r=1&gtm=2wg2j0TKGP5VG&cd1=ContributionForm&cd2=%5BC3%5D%20Standard%20Donate%20Page&cd3=b5-NLp5380at34y9v7fS5Q2&z=677334768
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Mon, 02 Mar 2020 06:37:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=536760203565689&ev=InitiateCheckout&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&rl=&if=false&ts=1583131046230&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1583131045994.548608956&it=1583131045842&coo=false&rqm=GET
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 06:37:26 GMT, Mon, 02 Mar 2020 06:37:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 02 Mar 2020 06:37:26 GMT
collect
www.google-analytics.com/
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utt=41&_u=aGHACMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&z=627451556
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b5-NLp5380at34y9v7fS5Q2
secure.everyaction.com/v1/Track/
0
612 B
Image
General
Full URL
https://secure.everyaction.com/v1/Track/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2FPH5vMut7N7anWHOi8tBriJynZfJAgCi%2FGpRZ8AWyERwThAZX%2FsAnkyyk%2FyEieW4yHQPyOBcVj3pww%3D%3D&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Mon, 02 Mar 2020 06:37:26 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
12-14068600-14068603 SNNy RT(1583131044956 465) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
paypal-logo.png
d1aqhv4sn5kxtx.cloudfront.net/images/
3 KB
3 KB
Image
General
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/images/paypal-logo.png
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.98.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-128.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Sun, 01 Mar 2020 13:15:40 GMT
Via
1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Age
62507
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2778
Last-Modified
Fri, 03 May 2019 18:16:37 GMT
Server
AmazonS3
ETag
"459c51e4e024db4720b62513d12edb6a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
Z9BQsdpXIPiKf2jWL8Ba_12ucYzauuj2AR4ugivO2y-I3w6bTKgFkA==
fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/
9 KB
9 KB
Image
General
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:20eb:7e00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 02:23:28 GMT
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
age
15239
x-cache
Hit from cloudfront
status
200
content-length
9203
last-modified
Wed, 08 Jan 2020 18:06:45 GMT
server
AmazonS3
etag
"babd47dc25531a9faeadc04f1afa1910"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
IahLPPDK0Ofr0AJpXcgZNswHy9YOJeq8RNdCDSY9uAqiLOQtePickw==
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utt=134&_u=aGHACMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&z=1256344719
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utt=12&_u=aGHACMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&z=2016331231
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utt=419&_u=aGHACMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&z=878988334
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=457&_u=aGHACMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-28243511-22&_gid=1473791041.1583131046&gtm=2wg2j05L2FSL&z=134205701
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
F7H6wlDseydrKHhiiQfZ3aHE
secure.everyaction.com/Databag/Profile/
0
711 B
XHR
General
Full URL
https://secure.everyaction.com/Databag/Profile/F7H6wlDseydrKHhiiQfZ3aHE
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
X-Requested-With
XMLHttpRequest
Request-Id
|Nl236.UE4VK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Mon, 02 Mar 2020 06:37:26 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
0-917826-917827 SNNy RT(1583131044066 1371) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
F7H6wlDseydrKHhiiQfZ3aHE
secure.ngpvan.com/Databag/Profile/
0
1 KB
XHR
General
Full URL
https://secure.ngpvan.com/Databag/Profile/F7H6wlDseydrKHhiiQfZ3aHE
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Mon, 02 Mar 2020 06:37:26 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://secure.everyaction.com
X-Iinfo
12-14068690-14068696 NNNY CT(0 0 0) RT(1583131045490 22) q(0 0 0 1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 2E18
0
0
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2044576886749751465&formId=randomId204712339643980499&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-49.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
js.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id
Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges
bytes
Server
AmazonS3
Access-Control-Allow-Origin
*
Date
Mon, 02 Mar 2020 06:27:07 GMT
ETag
"9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache
Hit from cloudfront
Via
1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
AfcPD3t25nOcZAh2u5houU0iYVTZkbc3FXYVv9Lf_QBUzpu4riGKCg==
Age
1364
index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame DE85
0
0
Document
General
Full URL
https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId207923518019756521&formId=randomId204712339643980499&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by
Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.49 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-49.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
js.verygoodvault.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022

Response headers

Content-Type
text/html
Content-Length
364
Connection
keep-alive
Last-Modified
Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id
Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges
bytes
Server
AmazonS3
Access-Control-Allow-Origin
*
Date
Mon, 02 Mar 2020 06:27:07 GMT
ETag
"9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache
Hit from cloudfront
Via
1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
pVZ9red542J1FnclJP1fC6JMpUW7tAamwS90ar_ElamJ2p5rtoJUGw==
Age
1364
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=536760203565689&ev=Microdata&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&rl=&if=false&ts=1583131046500&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fnvlupin.blob.core.windows.net%2Fimages%2Fvan%2FJVP%2FJVP%2F1%2F61881%2Fimages%2Fjews-for-peace_donate-page.png%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Atitle%22%3A%22Donate%20to%20Jewish%20Voice%20for%20Peace%22%2C%22og%3Asite_name%22%3A%22EveryAction%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=2&o=30&fbp=fb.1.1583131045994.548608956&it=1583131045842&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Mon, 02 Mar 2020 06:37:26 GMT, Mon, 02 Mar 2020 06:37:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 02 Mar 2020 06:37:26 GMT
collect
www.google-analytics.com/
35 B
102 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=689742526&t=timing&_s=2&dl=https%3A%2F%2Fsecure.everyaction.com%2Fb5-NLp5380at34y9v7fS5Q2%3Fsourceid%3D1000437%26ms%3Demft%26contactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26emci%3D9ca44310-095b-ea11-a94c-00155d039e74%26emdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26ceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2167&pdt=2&dns=12&rrt=457&srt=151&tcp=40&dit=1259&clt=1259&_gst=1221&_gbt=1267&_cst=667&_cbt=1206&_u=aGHAiMALBAAAAC~&jid=&gjid=&cid=568429542.1583131046&tid=UA-62682497-4&_gid=1473791041.1583131046&gtm=2wg2j0PM473M&z=941454790
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 02:26:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2779842
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/
0
311 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type,sdk-context

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 02 Mar 2020 06:37:26 GMT
X-Content-Type-Options
nosniff
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
0
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST
track
dc.services.visualstudio.com/v2/
98 B
521 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
BB4E8855-EC66-4DE7-8AAB-A6E0597EBB96
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Mon, 02 Mar 2020 06:37:26 GMT
Access-Control-Max-Age
3600
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length
98
graphql
payments.braintree-api.com/
0
401 B
XHR
General
Full URL
https://payments.braintree-api.com/graphql
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-11.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
authorization,braintree-version,content-type

Response headers

date
Mon, 02 Mar 2020 06:37:27 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
access-control-max-age
1800
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
status
200
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-origin
https://secure.everyaction.com
content-length
0
x-amz-cf-id
Z42reZUY9TLOezQPQOYpzuAxZ0jSuq9wMLmY5LJ2AABEWRt7NY10dA==
access-control-allow-headers
authorization,braintree-version,content-type
graphql
payments.braintree-api.com/
1 KB
1 KB
XHR
General
Full URL
https://payments.braintree-api.com/graphql
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-194-11.fra2.r.cloudfront.net
Software
/
Resource Hash
66628cab8b68c43890c601bdf4d9de3d354ac293780b6eeaceee9b80b97a2c04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6IkF1dGh5In0.eyJleHAiOjE1ODMyMTc0NDYsImp0aSI6IjRlMzc3MjY0LTY0NzYtNDI3NC1iNjRhLTZlMTNmYTdmZWQxOCIsInN1YiI6Inl4dmN4eDVrc3htOTg1ZDIiLCJpc3MiOiJBdXRoeSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Inl4dmN4eDVrc3htOTg1ZDIiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwib3B0aW9ucyI6e319.lEuAyHH_QWAduOY7fql8rJMJ94ZMvCeXpoimvrRWPcIYYREx1zoHL51rjwnRmX8bNz9seFIzkgSbklASGCyyZQ
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Braintree-Version
2018-05-10
Content-Type
application/json

Response headers

date
Mon, 02 Mar 2020 06:37:27 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C1
status
200
vary
Braintree-Version, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://secure.everyaction.com
braintree-version
2016-10-07
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-credentials
true
content-length
696
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
x-amz-cf-id
3OihLHwSN9m6ct5AIVgRP1vzXbR6BsFgG2ONA2CpYJUYaKvRyu0YeQ==
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
340 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 02 Mar 2020 06:37:27 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
340 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
dispatch-frame.min.html
checkout.paypal.com/web/3.44.2/html/ Frame 658C
0
0
Document
General
Full URL
https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.221.63.221 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-63-221.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Host
checkout.paypal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022

Response headers

Server
nginx
Content-Type
text/html
Last-Modified
Tue, 25 Feb 2020 20:08:31 GMT
ETag
"5e557ebf-1e9d"
Expires
Tue, 03 Mar 2020 06:37:27 GMT
Cache-Control
max-age=86400
Strict-Transport-Security
max-age=31536000
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Mon, 02 Mar 2020 06:37:28 GMT
Content-Length
3029
Connection
keep-alive
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
340 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
340 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
content-type
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
328 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
328 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
328 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
yxvcxx5ksxm985d2
client-analytics.braintreegateway.com/
0
328 B
XHR
General
Full URL
https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.231.251 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-231-251.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/b5-NLp5380at34y9v7fS5Q2?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022
Origin
https://secure.everyaction.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 02 Mar 2020 06:37:28 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://secure.everyaction.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer function| $ function| jQuery string| loc boolean| contribForm boolean| optback number| elem boolean| split object| mntAmts object| URLamts object| URLndx number| ttlAmts boolean| mntPre number| x boolean| interests boolean| giftmem string| URLms number| scid function| rearrangeFields object| nvtag_callbacks string| memChx function| myPostRender function| myAlterFill boolean| copied boolean| upsold boolean| lbclosed boolean| popped undefined| upAmt function| myPostFill string| memStat boolean| recurring number| userAmt function| myAlterErrors string| eml string| fn string| newStat string| newExp boolean| gdone string| recipName boolean| fn_check boolean| ln_check object| appInsights function| handleScriptLoadError function| fbAsyncInit object| twttr object| FB object| __twttrll object| __twttr object| google_tag_manager string| GoogleAnalyticsObject function| ga function| fbq function| _fbq number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| AI object| Microsoft function| __extends function| _endsWith object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| formview string| url object| param object| intlTelInputUtils

25 Cookies

Domain/Path Name / Value
.everyaction.com/ Name: _gat_UA-153397523-7
Value: 1
.everyaction.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
.everyaction.com/ Name: _gat_UA-28243511-20
Value: 1
.everyaction.com/ Name: _gat_UA-28243511-22
Value: 1
secure.everyaction.com/ Name: ai_session
Value: zNZJY|1583131046181.145|1583131046181.145
.everyaction.com/ Name: _dc_gtm_UA-153397523-7
Value: 1
.everyaction.com/ Name: incap_ses_246_1392949
Value: WZDweHyWtiNtkgF6D/hpA6WpXF4AAAAAGBFwmSPBDkl+TGLU4gFZLQ==
.everyaction.com/ Name: _dc_gtm_UA-153397523-1
Value: 1
secure.everyaction.com/ Name: ai_user
Value: 0Ks3M|2020-03-02T06:37:25.917Z
.secure.everyaction.com/ Name: _dc_gtm_UA-62682497-4
Value: 1
.secure.everyaction.com/ Name: _gid
Value: GA1.3.1473791041.1583131046
.secure.everyaction.com/ Name: _ga
Value: GA1.3.568429542.1583131046
secure.everyaction.com/ Name:
Value:
.secure.everyaction.com/ Name: x-ms-routing-name
Value: self
.everyaction.com/ Name: visid_incap_823975
Value: FZPedsuMQ7y4NTfDmeJfWqSpXF4AAAAAQUIPAAAAAACFOY1ai9sxrS5EZF87qZGN
.secure.everyaction.com/ Name: TiPMix
Value: 84.5489824584448
.everyaction.com/ Name: ProfileDatabagId
Value: F7H6wlDseydrKHhiiQfZ3aHE
.everyaction.com/ Name: nlbi_823975
Value: CifiNRVNk1IqZ+vHOu0ZEgAAAADTuOJuV33TT4Cch5Gy6TGi
.everyaction.com/ Name: _gat_UA-153397523-1
Value: 1
.everyaction.com/ Name: nlbi_1392949
Value: WqezQk2xZU21074tuiPdvwAAAACflDZNtzvp/INZGhyaZvpX
.everyaction.com/ Name: _ga
Value: GA1.2.568429542.1583131046
.everyaction.com/ Name: _gid
Value: GA1.2.1473791041.1583131046
.everyaction.com/ Name: incap_ses_246_823975
Value: OvmLPLU2SWy0kgF6D/hpA6WpXF4AAAAAa/VezlkwDaxV6Iu+WJk3eQ==
.everyaction.com/ Name: visid_incap_1392949
Value: CTeuxUzmTSa6az2tH/9RhqOpXF4AAAAAQUIPAAAAAABN8swxhNRMNi3DeNJdinrN
.everyaction.com/ Name: _fbp
Value: fb.1.1583131045994.548608956

26 Console Messages

Source Level URL
Text
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Downloading: 216.419921875ms
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
0: HeaderHtml
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
1: FooterHtml
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
2: submitForm
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
3: ContributionInformation
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
4: ContactInformation
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
5: PaymentInformation
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19)
Message:
6: Interests
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66)
Message:
truex: 4
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 89)
Message:
true -- true
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Processing: 41.302978515625ms
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 171)
Message:
no memTY
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Render: 134.037109375ms
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 202)
Message:
{"fill_dict":{"SelectAmount":"18.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"ProcessingCurrency":"USD","Amount":"18.00","YesSignMeUpForUpdatesForBinder":true,"SuggestedAmount":"18.00","_source":"None","_value_sources":{"ProcessingCurrency":"defaults","Amount":"defaults","IsRecurring":"defaults","Country":"defaults","YesSignMeUpForUpdatesForBinder":"defaults","Interest_4375316":"defaults","SelectAmount":"defaults","SuggestedAmount":"defaults"}},"fill_source":"None"}
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Fill: 11.7138671875ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Form: 419.54296875ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Total: 456.72998046875ms
console-api log URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 202)
Message:
{"fill_dict":{"SelectAmount":"18.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"ProcessingCurrency":"USD","Amount":"18.00","YesSignMeUpForUpdatesForBinder":true,"SuggestedAmount":"18.00","_source":"None","_value_sources":{"ProcessingCurrency":"defaults","Amount":"defaults","IsRecurring":"defaults","Country":"defaults","YesSignMeUpForUpdatesForBinder":"defaults","Interest_4375316":"defaults","SelectAmount":"defaults","SuggestedAmount":"defaults"}},"fill_source":"None"}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
checkout.paypal.com
click.everyaction.com
client-analytics.braintreegateway.com
code.jquery.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
payments.braintree-api.com
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.224.194.11
143.204.101.49
143.204.98.128
152.199.19.160
2001:4de0:ac19::1:b:1b
2600:9000:20eb:7e00:12:303c:8700:21
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:81b::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.132.231.251
45.60.33.183
51.140.6.23
52.239.157.138
88.221.63.221
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
178472c41d58ab292d43b56d6ca6c8d014522b947af4e0252a012a333fa06e0a
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17
28e8f49ffa0082647299139a12b12b8df2a6de1f3789876c7dde2e6f7582a3c7
41016289e5a7829fb7eaf56232ae725d65264bfbfda98bb094effb883c671bf8
4210a603acda3a932fe485d119d64f238fd0abb448dc1a598f750599ce1d87e7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4576358f7bcf6cc28cbe32cb068706808834f17d66e33e8ec27bc8af50dd0798
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
584f340b807d4c35fb33747f8d429fefdf92c8512232cc6e8546e7e9b68babdd
58dd92b26521eecae86002911ed654348aa10eb962dc3854582caa5643e792ef
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e49088654cdb561d777ecb0b5b1ef6414c6e894d9383172b8b66f22a3de5e16
5e65ce6546c9b5305347b0eabbd795157292acde28fc6d47b669e422aa9e7f76
62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0
66628cab8b68c43890c601bdf4d9de3d354ac293780b6eeaceee9b80b97a2c04
69932bbc68cd3d17b9e80859d2ddc9028c1fdfddfdbbff948061ae1ef67b622b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78f7fa806f3a998e72f68267fb7872bc6da94df6573eeddb157633148f8cc23e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
8f07050edf29d7b852fa21d18d9ea17a83a7d2e4fff06fb41ef7768ecfccbead
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db
a92b0f121bb1dc7129a0afadfb2f4d65dec60ad405088382e7be4dcc0e8a9510
ab8122460b24a6f0076ca9d12295ca427d186a4071abe3671b40480a187f9c2f
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
bd11702803f042c8d4ad68bd46bda46c2afaf9c7656379296faa6b0549a75467
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d972cb3eb8727e4f2ea30aed262d195a0e504e8d63359e268139931f0c64d253
db862a148ea9755a0fb506fed0193e9638e1a2c671151ee5ac112722fedf3429
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0cb17862dc210b7118bc21e60db77fae45fe6ebce128b0427bca031fd3010
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f22c6ae24b608e03249eb0be489e3a53d748b3190582772405ffb93ed12a70b8
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc