takeaction.sandyhookpromise.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1582309049
54.230.111.87200 OK 21 kB URL GET HTTP/2 takeaction.sandyhookpromise.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1582309049
IP 54.230.111.87:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectsandyhookpromise-oa.edge.targetedaction.net
FingerprintED:D6:9F:A8:F6:3D:16:B5:2B:CF:5D:7E:A8:A3:D5:8E:22:7E:F7:EC
ValiditySun, 23 Jul 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hash e005d98929dc3297d79081c79d64f11e
499abee1fd497504a07778872511ccb62e20ec22
94e5f30b86c2c14f2c7b4ab614fbd5d32d05c14945ea2e07d9b9789f7935671a
GET /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1582309049 HTTP/1.1
Host: takeaction.sandyhookpromise.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Cookie: SessionKeyCookie=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 20556
date: Tue, 30 Apr 2024 12:54:23 GMT
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
set-cookie: visid_incap_2302165=uVckgeFhSk+MEGCIhS3OB/7pMGYAAAAAQUIPAAAAAACO6on3eB20D6QBDUv/dP40; expires=Tue, 29 Apr 2025 22:43:07 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_878_2302165=5OT/QBIcEkR7xIIjYEgvDP7pMGYAAAAA4SuGNQFyop7RYBHofu31CQ==; path=/; Domain=.everyaction.com; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uvhhbb2z7k_9BBgZTI9KOkPkoZIYUQ3rzHE9pUBxlmfVNg3i9A_wIg==
X-Firefox-Spdy: h2
takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
54.230.111.87200 OK 18 kB URL User Request GET HTTP/2 takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
IP 54.230.111.87:443
Certificate IssuerAmazon
Subjectsandyhookpromise-oa.edge.targetedaction.net
FingerprintED:D6:9F:A8:F6:3D:16:B5:2B:CF:5D:7E:A8:A3:D5:8E:22:7E:F7:EC
ValiditySun, 23 Jul 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (46685), with CRLF line terminators
Hash fed399107ec4521cb80ccd630e3a9e18
8959cfc1fe5fd449bc6e3e0b894efcb95f3f1ee3
c78058ff64e58b081b8b24f9cbe4573697e5993bd3f3a3b64b18c178417c5f8e
GET /a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700 HTTP/1.1
Host: takeaction.sandyhookpromise.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
date: Tue, 30 Apr 2024 12:54:22 GMT
access-control-expose-headers: Request-Context
cache-control: private
content-encoding: gzip
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: SessionKeyCookie=; expires=Tue, 30-Apr-2024 20:54:22 GMT; path=/; HttpOnly; Secure; SameSite=None
nlbi_2302165=ZmwaZV2M4DPzVC4quBP4lwAAAADJclorWNJYR4x68m2QpYEc; path=/; Domain=.everyaction.com; Secure; SameSite=None
visid_incap_2302165=lB3wGGRpQfCD0E4XBiCVof7pMGYAAAAAQUIPAAAAAACUsC3UaDA4JXMBw+QkJLpv; expires=Tue, 29 Apr 2025 22:27:10 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_473_2302165=3slXL3iL+jvC8BMYCm+QBv7pMGYAAAAAdSVROz6+3wpO4pRZ8+xRRg==; path=/; Domain=.everyaction.com; Secure; SameSite=None
x-incap-sess-cookie-hdr: pULLL8hvCQzC8BMYCm+QBv7pMGYAAAAAt74FCN3vqy88v9NDMtlvuA==
x-cdn: Imperva
x-iinfo: 10-5586978-5534503 pNNy RT(1714481662289 2) q(0 0 0 1) r(2 2) U2
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nagq-AeJU-lGY4JMd-Ea-8z9lfPzqA5rRC_mEfk-ylqQnFHvuwVILw==
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/at.js
54.230.111.60200 OK 247 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/at.js
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (36588)
Size 247 kB (247432 bytes)
Hash 7e52e23030b4016e4ffe6b42ac626134
f9b0594b15e6a8d3312d362298bb272ea9445b95
6865469316ef4eeaafad1ba03b0518f413d6811b337549296a5a3c48ed1ba116
GET /ea-actiontag/at.js HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 247432
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 23 Apr 2024 14:37:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Apr 2024 03:09:46 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "a946050451b719fc78d0d357b3a6090f"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KlCwRSD3bzeH9LqtXBM_INw19TS2Vxj9x_FiAHEl-9MytV7m3GE8XA==
age: 35078
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
54.230.111.34200 OK 44 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
IP 54.230.111.34:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65432)
Hash 156be461dd96d02fce3792c020f7748a
1f274912cfc7ee6a07be5cb7f6d61cbf0428f313
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
GET /vgs-collect/2.18.4/vgs-collect.js HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 12:54:11 GMT
Cache-Control: max-age=60
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: wYXZlZKovyQidDcTEreSXPbPrmFGoE_J2kuEjEKFnPGeYoaVQK21sw==
Age: 13
www.googletagmanager.com/gtm.js?id=GTM-NVMNP3J
142.250.74.168200 OK 110 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NVMNP3J
IP 142.250.74.168:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (45042)
Size 110 kB (110509 bytes)
Hash 74b8f8e6d2bea6c778d9186a52853a0a
936cc1a83fd06d9328367a10adf282147138a726
df080a81441ecd8231cc5dfadfa4317cf413f6b4acc85f96ff00d43411a935ee
GET /gtm.js?id=GTM-NVMNP3J HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Apr 2024 12:54:23 GMT
expires: Tue, 30 Apr 2024 12:54:23 GMT
cache-control: private, max-age=900
last-modified: Tue, 30 Apr 2024 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 110509
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
missionwired.s3.amazonaws.com/everyaction-upsell/prod/main.js
52.216.40.65200 OK 6.1 kB URL GET HTTP/1.1 missionwired.s3.amazonaws.com/everyaction-upsell/prod/main.js
IP 52.216.40.65:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subject*.s3.amazonaws.com
FingerprintDC:41:A6:3E:EE:32:6F:36:76:5A:EF:9D:17:AF:14:13:E3:05:C6:D1
ValidityTue, 10 Oct 2023 00:00:00 GMT - Wed, 03 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (6094)
Hash 722d3a69cbd3d3f2b7a02d28d3d882cd
72055125741b9c796e40faf846180b02831505d2
c2361b92ee7c501d8cbacb3e232d9a26ab07bd596b2fffad905c034aa17a21ce
GET /everyaction-upsell/prod/main.js HTTP/1.1
Host: missionwired.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Dg/QXGy2ZShSSz9Z69yDO5afEmTcGdErreIO/pdXH8aVTO9UONNmDSa3sSPVETkNzp/38wBhkJw=
x-amz-request-id: EG0QD2GJKVH7XMHB
Date: Tue, 30 Apr 2024 12:54:24 GMT
Last-Modified: Fri, 03 Nov 2023 19:55:52 GMT
ETag: "722d3a69cbd3d3f2b7a02d28d3d882cd"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 6127
static.everyaction.com/ea-actiontag/at.js
54.230.111.60200 OK 247 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/at.js
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (36588)
Size 247 kB (247432 bytes)
Hash 7e52e23030b4016e4ffe6b42ac626134
f9b0594b15e6a8d3312d362298bb272ea9445b95
6865469316ef4eeaafad1ba03b0518f413d6811b337549296a5a3c48ed1ba116
GET /ea-actiontag/at.js HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 247432
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 23 Apr 2024 14:37:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Apr 2024 03:09:46 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "a946050451b719fc78d0d357b3a6090f"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6kOlSAHSfYpu0LyWWHXn4qw7n4FJELJNXMzgwxwMPg6KBZtvMz4qIA==
age: 35078
X-Firefox-Spdy: h2
fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
216.58.207.227200 OK 14 kB URL GET HTTP/2 fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
IP 216.58.207.227:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 14172, version 1.0
Hash 90f688740d883ec461f589a4b166e838
604181e4c870b3ec636509cc3b541aabbbe1f50c
4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d
GET /s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14172
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 08:05:24 GMT
expires: Fri, 25 Apr 2025 08:05:24 GMT
cache-control: public, max-age=31536000
age: 449339
last-modified: Thu, 10 Sep 2020 17:04:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/logo.png
20.60.58.97200 OK 99 kB URL GET HTTP/1.1 nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/logo.png
IP 20.60.58.97:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintB2:94:09:5D:1D:DB:EB:B2:B5:E5:F1:E7:8C:3E:9C:B6:86:B3:0A:66
ValidityTue, 26 Mar 2024 15:46:48 GMT - Fri, 21 Mar 2025 15:46:48 GMT
File type PNG image data, 400 x 204, 8-bit/color RGBA, non-interlaced
Hash 362035fb8113edadb9b4bea500078a91
8c6884870a0db8def431d01eadaf20ee49b314ce
1c362bf1f46b8bc0b2e9c3f36bc85bd580e9ba0956903f0e52d5a2ba0c044d0a
GET /images/van/SHPRO/SHPRO/1/92586/images/logo.png HTTP/1.1
Host: nvlupin.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 98960
Content-Type: image/png
Last-Modified: Thu, 30 Sep 2021 23:27:38 GMT
ETag: 0x8D98469E425D47B
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ff52c8e0-c01e-0038-53fd-9ae391000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Tue, 30 Apr 2024 12:54:23 GMT
www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
142.250.74.168200 OK 104 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
File type JavaScript source, ASCII text, with very long lines (6600)
Size 104 kB (104459 bytes)
Hash 2688566e765cde75c62f8a074aa7a56d
faab63ee6b81d4e348e3c3d25a18d055b97d8ac9
4a658f3329274925508705f2f93135f7a43c319bec252ba41bfa22c223dffe4e
GET /gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 30 Apr 2024 12:54:24 GMT
expires: Tue, 30 Apr 2024 12:54:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 104459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
az416426.vo.msecnd.net/scripts/b/ai.2.min.js
152.199.19.161200 OK 48 kB URL GET HTTP/2 az416426.vo.msecnd.net/scripts/b/ai.2.min.js
IP 152.199.19.161:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subject*.vo.msecnd.net
Fingerprint86:E0:37:E4:B1:31:51:81:DD:54:33:82:FF:4D:EB:D1:15:5F:65:C4
ValidityTue, 30 Jan 2024 00:00:00 GMT - Thu, 30 Jan 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65409)
Hash 30f39ae5d1d05a439046a7640510b486
716efa29594edae8832bb8b12e7fb19bc06e06fe
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
GET /scripts/b/ai.2.min.js HTTP/1.1
Host: az416426.vo.msecnd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 1657
cache-control: public, max-age=1800, immutable, no-transform
content-md5: MPOa5dHQWkOQRqdkBRC0hg==
content-type: text/javascript; charset=utf-8
date: Tue, 30 Apr 2024 12:54:24 GMT
etag: 0x8DC490392FC747D
expires: Tue, 30 Apr 2024 13:24:24 GMT
last-modified: Wed, 20 Mar 2024 17:31:27 GMT
server: ECAcc (ska/F778)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.18.min.js
x-ms-meta-aijssdkver: 2.8.18
x-ms-meta-lastmodified: 2020-10-07 00:07:47
x-ms-request-id: 41e0ced6-801e-0016-32f9-9ad2a5000000
x-ms-version: 2009-09-19
content-length: 48078
X-Firefox-Spdy: h2
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/profile-PLATINUM2022-seal.png
45.223.139.238200 OK 1.5 kB URL GET HTTP/1.1 prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/profile-PLATINUM2022-seal.png
IP 45.223.139.238:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint2E:EC:B7:2C:A4:55:43:C2:21:D5:E0:36:CE:05:B3:05:1A:1C:39:B7
ValidityThu, 15 Feb 2024 00:45:35 GMT - Tue, 13 Aug 2024 00:45:35 GMT
File type PNG image data, 135 x 135, 8-bit colormap, non-interlaced
Hash e45657d6162477b5eab7462654ac9228
f93f06fd659041dcef3d96159de956f8dc0358e9
87927a182d2e1f6218aa17809f813095a64921c1e70f80d7dfe81c4f9d30dc8b
GET /images/van/SHPRO/SHPRO/1/92586/images/profile-PLATINUM2022-seal.png HTTP/1.1
Host: prod.cdn.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Etag: 0x8DB04739DB0F409
Last-Modified: Wed, 01 Feb 2023 16:44:41 GMT
Content-Type: image/png
Content-Length: 1519
Cache-Control: max-age=300, public
Expires: Tue, 30 Apr 2024 12:59:23 GMT
Date: Tue, 30 Apr 2024 12:54:23 GMT
Set-Cookie: nlbi_2783198=I7rwMDv8KUa9yCqfoj2twwAAAADOlWfwtN4ynLqb5EFx+lYY; path=/; Domain=.cdn.everyaction.com
visid_incap_2783198=/bV/syR4RiKrL2ilLWy7n/7pMGYAAAAAQUIPAAAAAAA6GcGqX3wpeyvo2uZCRu1Q; expires=Tue, 29 Apr 2025 22:20:15 GMT; HttpOnly; path=/; Domain=.cdn.everyaction.com
incap_ses_723_2783198=KEasMTleFD3D57xZspwICv/pMGYAAAAAMI93UUAmYZDIl8q3CcsGDA==; path=/; Domain=.cdn.everyaction.com
x-incap-sess-cookie-hdr: 3JjQcjhmJxHD57xZspwICv/pMGYAAAAAzhRFfivDe1HQJFFQlqtNDA==
X-CDN: Imperva
X-Iinfo: 10-3320589-3318404 2VNN RT(1714481662565 332) q(0 1 1 2) r(5 5) U20
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/2022-top-rated-awards-badge-embed.png
45.223.139.238200 OK 19 kB URL GET HTTP/1.1 prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/2022-top-rated-awards-badge-embed.png
IP 45.223.139.238:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint2E:EC:B7:2C:A4:55:43:C2:21:D5:E0:36:CE:05:B3:05:1A:1C:39:B7
ValidityThu, 15 Feb 2024 00:45:35 GMT - Tue, 13 Aug 2024 00:45:35 GMT
File type PNG image data, 135 x 101, 8-bit/color RGBA, non-interlaced
Hash 06c60258c32d33fe9815da3e47202876
5fc7951314eb4688df1561e18478a3623ccaa8f8
58d84748e5e3ec410c419f02f51bf0a66b0764b71751e5272a72b8047cd73fc8
GET /images/van/SHPRO/SHPRO/1/92586/images/2022-top-rated-awards-badge-embed.png HTTP/1.1
Host: prod.cdn.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Etag: 0x8DB0473C3A87511
Last-Modified: Wed, 01 Feb 2023 16:45:45 GMT
Content-Type: image/png
Content-Length: 18937
Cache-Control: max-age=300, public
Expires: Tue, 30 Apr 2024 12:59:24 GMT
Date: Tue, 30 Apr 2024 12:54:24 GMT
Set-Cookie: nlbi_2783198=7Za4QxSgIHuiqsQJoj2twwAAAADsAzHhN223eWFCf7aSm6pw; path=/; Domain=.cdn.everyaction.com
visid_incap_2783198=/bV/syR4RiKrL2ilLWy7n/7pMGYAAAAAQUIPAAAAAAA6GcGqX3wpeyvo2uZCRu1Q; expires=Tue, 29 Apr 2025 22:19:59 GMT; HttpOnly; path=/; Domain=.cdn.everyaction.com
incap_ses_723_2783198=Gy3GQSp2GQXD57xZspwICv/pMGYAAAAA6aWoBLQI7rQ17s8Ag6yJVQ==; path=/; Domain=.cdn.everyaction.com
x-incap-sess-cookie-hdr: OmXdSVG4zXHD57xZspwICv/pMGYAAAAAx0WzmYjTp5o9cPi3vaO8tw==
X-CDN: Imperva
X-Iinfo: 7-7737219-7736672 2VNN RT(1714481662905 19) q(0 0 0 0) r(4 4) U20
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/four-star.png
45.223.139.238200 OK 14 kB URL GET HTTP/1.1 prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/four-star.png
IP 45.223.139.238:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGlobalSign nv-sa
Subjectimperva.com
Fingerprint2E:EC:B7:2C:A4:55:43:C2:21:D5:E0:36:CE:05:B3:05:1A:1C:39:B7
ValidityThu, 15 Feb 2024 00:45:35 GMT - Tue, 13 Aug 2024 00:45:35 GMT
File type PNG image data, 135 x 135, 8-bit/color RGBA, non-interlaced
Hash 8d8c7c5618ee441a97ec1584d69c16d6
bee10e760e73fc1cb95083ee8376470ca554c1c6
a962d7d17cfa096734d22cb537749f58472cad0800905117de2d07711707f3c1
GET /images/van/SHPRO/SHPRO/1/92586/images/four-star.png HTTP/1.1
Host: prod.cdn.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Etag: 0x8DB0473B1DE784F
Last-Modified: Wed, 01 Feb 2023 16:45:15 GMT
Content-Type: image/png
Content-Length: 14474
Cache-Control: max-age=300, public
Expires: Tue, 30 Apr 2024 12:59:24 GMT
Date: Tue, 30 Apr 2024 12:54:24 GMT
Set-Cookie: nlbi_2783198=EejnfzQoS2Fyfxu0oj2twwAAAABQ1s0tQCX9sscjmIA4Hlon; path=/; Domain=.cdn.everyaction.com
visid_incap_2783198=/bV/syR4RiKrL2ilLWy7n/7pMGYAAAAAQUIPAAAAAAA6GcGqX3wpeyvo2uZCRu1Q; expires=Tue, 29 Apr 2025 22:20:10 GMT; HttpOnly; path=/; Domain=.cdn.everyaction.com
incap_ses_723_2783198=VlmJJfGFlmzD57xZspwICv/pMGYAAAAA6a/pkiwUeD6j49OeBITlFA==; path=/; Domain=.cdn.everyaction.com
x-incap-sess-cookie-hdr: ocZXOFHR/SnD57xZspwICv/pMGYAAAAAZCxgQm0B3+VygtjDkKEuRw==
X-CDN: Imperva
X-Iinfo: 14-8110817-8095262 2VNN RT(1714481662905 21) q(0 0 0 0) r(4 4) U20
dx.mountain.com/spx?dxver=4.0.0&shaid=36016&tdr=&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term=value
34.238.149.65200 OK 4.8 kB URL GET HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=36016&tdr=&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term=value
IP 34.238.149.65:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (17100), with no line terminators
Hash 3907fb93ef78b96a8fe788de42e6ee11
0d1f8a2c3ba72d94a5a3fb8b52f9ce4468e1ebef
3fb85a29691d8dde6afeba3545add32efee837e87075257f6e72f4e82d8c8835
GET /spx?dxver=4.0.0&shaid=36016&tdr=&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Tue, 30 Apr 2024 12:54:23 GMT
x-envoy-upstream-service-time: 3
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
pixel.byspotify.com/ping.min.js
34.117.162.98200 OK 6.2 kB URL GET HTTP/2 pixel.byspotify.com/ping.min.js
IP 34.117.162.98:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subjectpixel.byspotify.com
FingerprintE2:2A:07:53:01:30:82:D1:4C:33:CD:65:D6:C6:32:74:F4:0E:BE:C3
ValidityFri, 26 Apr 2024 14:39:02 GMT - Thu, 25 Jul 2024 15:32:56 GMT
File type JavaScript source, ASCII text, with very long lines (32607), with no line terminators
Hash 32e1f68082d1c053ed8067e29ce85ca9
0cd8b547e4ff5354da3f5d48e4b174b7b52cd99b
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
GET /ping.min.js HTTP/1.1
Host: pixel.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-guploader-uploadid: ABPtcPrFCGqcor_JhEIHkacGlk_vaHtELIN_XoP5dMkrkC3qOAz0xQyOQ_VPS2I2pQ-jKeC-kbbp_DZsVQ
x-goog-generation: 1697050835633914
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 6158
content-encoding: gzip
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 6158
server: UploadServer
via: 1.1 google
date: Tue, 30 Apr 2024 12:29:10 GMT
expires: Tue, 30 Apr 2024 13:29:10 GMT
cache-control: public, max-age=3600
age: 1514
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
etag: "13069f74108a788c598831c3a4ff2cdf"
content-type: application/javascript;
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/extra.min.css
54.230.111.60200 OK 14 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/extra.min.css
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash 405cbfa834a080153662d0f4eb6967a1
7d2a96563cb6e928147ba857e1ec52305b95fb78
7470cf693ac26883a064cc2c693a1553be185953f23ccca25b1779f3cd1638f3
GET /ea-actiontag/extra.min.css HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 14169
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 23 Apr 2024 14:37:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Apr 2024 03:57:53 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "e142f9c0816c55f0175e365ccf641b4c"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yHE7F9of7Fe8VXZXtUk9QqM81dwjXomV_b1wJWJtvRzPwmdetMV7QA==
age: 32798
X-Firefox-Spdy: h2
takeaction.sandyhookpromise.org/_Incapsula_Resource?SWKMTFSR=1&e=0.2998785717058857
54.230.111.87200 OK 1 B URL GET HTTP/2 takeaction.sandyhookpromise.org/_Incapsula_Resource?SWKMTFSR=1&e=0.2998785717058857
IP 54.230.111.87:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectsandyhookpromise-oa.edge.targetedaction.net
FingerprintED:D6:9F:A8:F6:3D:16:B5:2B:CF:5D:7E:A8:A3:D5:8E:22:7E:F7:EC
ValiditySun, 23 Jul 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /_Incapsula_Resource?SWKMTFSR=1&e=0.2998785717058857 HTTP/1.1
Host: takeaction.sandyhookpromise.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Cookie: SessionKeyCookie=; _gcl_au=1.1.847981447.1714481664; _ga_7TKWPVM1K2=GS1.1.1714481664.1.0.1714481664.60.0.0; _ga=GA1.1.1965567978.1714481664; ___utmvc=d4X4EvYDpeL9cltcQN3wFSwG5C1T/hBBqCapJPLdVsk4paLPzkgC0OwpKLtlFRWqCg1xsdkfufh6+FZupmJ55q4sIp44V+JKVvQsH/BinXKIjtVhYQPmsN/Iq/VwfaFkiDvGJ4lGcgDzQxyhzAz4rers+8G0qxVOj/SN8rCdCVfGdM08fz3Ec+M9Pr4eD96hQ8qtaiBvI7U8Ix/RhlLpZxFSKbH/K3hTqgqoE3gWzZVJU4bgUTS4WJXktWm7pEqgXOdtl5hifypTf0cVXAQosbroC0KYvhH+avmGVZXi9kwCWBHHb3EzsFeWAq33ZpL9cBAoFKvzi2hdDLKVQD3fbne0cV90wLHFVEvMPfNBQ7aPXoQJm4EejpHkkdLMVtbPyIfHR7jU4DikHrFrz2ffvPGHvfsYmy4FiJ2OKmskj0c/h6/0XvjMr8zJqE7wx3XBrPPtN5Ww4A5k+8W1/Es7k/XgBYronVKJUeJN4por8AA5Wmj3TkH8reUx4H5/yCf+T3xbUvZod7lc4X1thunuEci50X3GpRKrVqYSfQ/ts92tj4EAK7y5BvSxrLd9BiHcSx51jQMIknXFU8ewxXkkVXK8tdQRAKPxpAycEK8rPOSl0j3rg5+qRox7Q3hT00Pt7kmqFOesztlIyjN6iCvOLFvyz1G5uH/Gg6puaw3Uea/BGSMgyJq0Uh3k6g+9vzdbiszbMemcZi8OClwQLYaaE2BSOCHoisRllNq3QysAFzS6hjoF0wEhfwupsOwIjri1S1df+i57cLCO2TPb98AtidRCQH3eU4CstxUHr3lPsQIscEV0bcUsPgON/gOJkcKYYUpLYd87SzgKKM3seyNS6M6ile4E0j3CmNNxrF7VWPca7pKB/wy6wZg+k+yXrLirY6ud35KKFSpHIiaja2CReKpIwMPO6pPkeqingwsDw9KpvUxbBUlBzZU0HGABN3v9QsYjfhj64cuKJSI4jghRWB5NkblPt5NXzoNvqnbocsGdFy/30HFYX7KAQ2AaPyM47VkVgq56MH+iQEPHt1Wtbre58lrTO4LFcu8K8RdqY6d4hF1WIGk8xk4JjgnKYHboedcJWAIga9MDGgQv4LyanMN4iDmtNmpBhioKXhylwoT/toPH9s/t3sMlYXl7VGtYjN5qoPO18bbG/+7Lqx/VReLUEhineDiBlX0Pws+cg2Z+rHCR57f4KpJMCnE3QFbv6hKs7SzAxUk/es0Yi6HHsoC1BoTEc/rmBqMRijSkhJ3b9dQMYYPTOKqwL+0hLWfznA6vEBu4DWanIHdo8Rd+cPjIMQzV99dVSkU9FVoBKH0tZmvW8Qpgnxy8Jv5EeRamf7pHucWg1EH2Z+LMpCYV4gZfzWwUqRpbOoJ0f5m30m3MjjZ9VVb2AoJpSNqs040eaOkZ10Dtd0reOZEDdAl2cdysBDa+YqQEa8UprHGky8EwIQWylUEQB876jTSyK74vUcXewQ8GxGOg/CDgEzeGbfPSFPlASjwVkTcOLk24pBuAyE3jzw7OqYoajaKZo3B+db71KuZWx3tfrMTSHrP7LpRmQbZXh7dYKF2z5z+TPGfUyWzY+6/bh2n3jG6bG2amIoKkb1RypzBLnelbEFOH2ibbptVOEWggxB8+BKE7GQiW4lqalYQm7LpGtWIUY8Nooq3Mbzyos1V905K7Ne07PWsGEIj9BpUhJNItJ6Pr4VDL8zsAhiUfL7P8BRsUIbMEwSe549OkhD9tQabBI4ZolWgcII/vIpsvjZn7l/sBQq/lcVpb45554fhymQgK/BA7WIfBbnnAhhg0QJrEXCerKF2HuRjvjCSOn3zBKlTDITxW/oc2y2wygPdmoSrHi2gsv6fS24A7N79CbsXSAe7YyDssqO+tgmUu8zI/HXmjOppNKfZ3ytlf5vVqvnildp1nAbBExD7sJjy0ueDqOERCRmdlm4BzkBNKnAEx3IULRilFfSvkELL7MBSSmU+3V1zCOFi1lg28Mtlkb6zfAFp4EdUDAQH4dcyyVxiu0TaCF8uj4oH8Vmvoe4J3NEDgDYLIRrICf57xr2EOJtFrqipN70a1W2ZUUIQ4ij2Z9f1z2B8MfpS1AVsfG0jol/lUgOFrlay18goFpwhyrUoJ8+X62eJRiwauypdkzAjtk1R9D/slKn09SJc2dFoB+JJ6Up7fitE8twBhlFozdlntiAc1qqwbiO2/f15ATjx2L8fCU9BN4hoPFEk1yVa+oY+iyWqYTh30QbGCbliTeN32MP5D/yoFIN3sHBlP7UcU96odNK7aoeleDL/YmqeBupKLb7KG1vxpA2KNffeHEDvBqfuXTVQz3dsLPD7cqPav0CHZveEqIuNEwZyhFtHeOSZjz5Qp92VHQI5jttjXQoqIaWAh54/NZUsw4Pk+HDAe9h1Lv9cdwQTjmGxbSqtUtj4VsDUZedePrJ5vG5xW8inm5WfYaJxACyQxiWpTqsw69nfsKRB51KTa7zzqXhlYJ5viZG+4J6+h7b0CzaO+GJ7Xz7RA/5rJnfxV5hCph/Ba8mzj/KdlLO1E9SMvsYOhzS/iLZj1i5LeaNftFrYm5siXVV7xzsPZK1NcnEp+ec/ZLBh55k9JlDNQI37NX8oeB6sTznRMIqz1mO2tSmMwcol76nVPEahFmiSWRtxufx4Pg0+5aeuLMLY39hSQxf1JZc/LpbNi0FUWkJDNxcvUrfnRJT6sFMxdXQkjxZUjJkU/tegjHcvpOkTKTGf4KUL09UbIVJxK3T//XjNEo30OYA7R3UZczhCCyudHVV51yzK+oZMmkekB+hsnbrmY3lZjkahIfIGNmJR60cGf2qKpjeQxFxl6RGLfvZP16FW+NayjUJuhkZzzjQb3cD+NfDX7OclhDl1u1ViETkQ0iNEsZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==; ai_user=poCuC5pYvu3tvkLIWvhj9N|2024-04-30T12:54:24.664Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 1
date: Tue, 30 Apr 2024 12:54:24 GMT
cache-control: no-cache, no-store
x-robots-tag: noindex
set-cookie: visid_incap_2302165=GjG++hSQSoW/AhvqZXGefwDqMGYAAAAAQUIPAAAAAAB93xXy+MjynDe08o7KAFPy; expires=Tue, 29 Apr 2025 22:27:28 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_730_2302165=kQFHfxAoLUbcioCJNHshCgDqMGYAAAAAOSPYV9qqXPuLhOjB4ZAeoQ==; path=/; Domain=.everyaction.com; Secure; SameSite=None
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PIuom5fcrXMmdukdfiZCJAgEgWODsr3fDRCwNvqQl1WfhrHL9TefcA==
X-Firefox-Spdy: h2
evnt.byspotify.com/
34.111.186.1200 OK 0 B IP 34.111.186.1:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subjectprfx.byspotify.com
Fingerprint66:2D:9D:CB:40:AB:85:AD:83:32:A9:74:38:7E:4D:36:B6:79:C7:B5
ValidityTue, 05 Mar 2024 09:15:10 GMT - Mon, 03 Jun 2024 10:08:23 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS / HTTP/1.1
Host: evnt.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-methods: POST
access-control-allow-headers: content-type
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-allow-credentials: false
content-length: 0
date: Tue, 30 Apr 2024 12:54:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
44.212.189.233/is
44.212.189.233200 OK 32 B IP 44.212.189.233:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subject44.212.189.233
Fingerprint7B:A4:EF:3B:69:88:54:CA:5B:3A:E3:61:73:D8:A1:2E:82:73:67:D2
ValidityFri, 26 Jan 2024 00:00:00 GMT - Sat, 15 Feb 2025 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 74f0c11a63b359097c70aee0c15e22ac
c6a83b07fed05c0f48287bcadcaeafe13d5ffb30
d97ed0d8a134cee334d7bd2842a5cc57fdb083b84797f7b8f3951397d3536763
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /is HTTP/1.1
Host: 44.212.189.233
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 12:54:25 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
evnt.byspotify.com/
34.111.186.1200 OK 2 B IP 34.111.186.1:443
ASN #396982 GOOGLE-CLOUD-PLATFORM
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subjectprfx.byspotify.com
Fingerprint66:2D:9D:CB:40:AB:85:AD:83:32:A9:74:38:7E:4D:36:B6:79:C7:B5
ValidityTue, 05 Mar 2024 09:15:10 GMT - Mon, 03 Jun 2024 10:08:23 GMT
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST / HTTP/1.1
Host: evnt.byspotify.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://takeaction.sandyhookpromise.org/
Content-Type: application/json
Content-Length: 878
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: application/json
content-length: 2
date: Tue, 30 Apr 2024 12:54:25 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
profile.ngpvan.com/identity?callback=_jqjsp
45.60.33.183200 OK 166 B URL GET HTTP/2 profile.ngpvan.com/identity?callback=_jqjsp
IP 45.60.33.183:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert, Inc.
Subject*.ngpvan.com
Fingerprint2D:B2:24:49:27:DE:BE:1B:7D:48:61:CF:B5:98:53:61:A8:1E:63:71
ValidityTue, 07 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash a815f2b8d00428f5398134d98bc7764a
7abd280d001e9948a3989299089fdc70bf0c1d95
f68fa925aa7c9d9f9165f4fa0a108ad5746fcaa5ad25253a6aa78b74bea09482
GET /identity?callback=_jqjsp HTTP/1.1
Host: profile.ngpvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
date: Tue, 30 Apr 2024 12:54:24 GMT
server: Microsoft-IIS/10.0
content-encoding: gzip
etag: W/"32-er0oDQAemUijmJKZCJ/ccL8MHZU"
vary: Accept-Encoding
content-length: 166
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-powered-by: Express, ASP.NET
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-content-type-options: nosniff
set-cookie: visid_incap_2233503=ieTEjsfkROmuUBR0OLK0YP/pMGYAAAAAQUIPAAAAAAA1PXHJGMGjyh5990zZ/Ze9; expires=Tue, 29 Apr 2025 22:26:37 GMT; HttpOnly; path=/; Domain=.ngpvan.com
nlbi_2233503=Jmx1DUgAABnDCqk4wSMtjAAAAADh17fiss1SHmM0N2wU2Iq1; path=/; Domain=.ngpvan.com
incap_ses_722_2233503=N7gnZ7ldq307VMMJNg8FCgDqMGYAAAAAN4HmlX8XI9JDP31bE7a33w==; path=/; Domain=.ngpvan.com
x-incap-sess-cookie-hdr: rtahFtfEPxY7VMMJNg8FCgDqMGYAAAAALFmmkklYmVNUFW2vN4Nz0w==
x-cdn: Imperva
x-iinfo: 3-6873432-6873435 NNNN CT(101 212 0) RT(1714481663958 34) q(0 0 4 1) r(5 5) U24
X-Firefox-Spdy: h2
secure.everyaction.com/v1/Forms/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
45.60.33.183200 OK 6.5 kB URL GET HTTP/2 secure.everyaction.com/v1/Forms/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
IP 45.60.33.183:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subject*.everyaction.com
Fingerprint17:2A:C9:F8:51:1B:DC:81:1E:E6:D5:8B:30:8F:5B:7A:86:BE:66:C8
ValidityMon, 04 Mar 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
Hash 34dd8d94ec78ecb72418b08511c62698
b2d565f5bdf279c39db1b46c10aec2a2feeed250
1eedbf6bd8978204fd1ffcf3ec0a829e9ca86626f10df9508ec391218a3196a2
GET /v1/Forms/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700 HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 30 Apr 2024 12:54:24 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-expose-headers: Request-Context
cache-control: no-cache
content-encoding: gzip
expires: -1
pragma: no-cache
vary: Accept-Encoding
content-length: 6509
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; expires=Tue, 29 Apr 2025 22:26:35 GMT; HttpOnly; path=/; Domain=.everyaction.com; Secure; SameSite=None
nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; path=/; Domain=.everyaction.com; Secure; SameSite=None
incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==; path=/; Domain=.everyaction.com; Secure; SameSite=None
; Secure; SameSite=None; SameSite=None; Secure
x-incap-sess-cookie-hdr: YFPNbVvFrgQ9VMMJNg8FCgDqMGYAAAAAHA/lI9U+dX6Odvq1zusd9g==
x-cdn: Imperva
x-iinfo: 4-7523558-7523560 NNNN CT(104 223 0) RT(1714481663982 40) q(0 0 3 0) r(4 4) U2
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1874
216.239.34.36204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1874
IP 216.239.34.36:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1874 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://takeaction.sandyhookpromise.org
date: Tue, 30 Apr 2024 12:54:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34 51 kB URL js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:0
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (37132)
Hash 891d22e58a2927b43f5ab135e7bdaa88
870024faaa78f6e2f00dff37f771dcc6db9c55cb
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: 2mSfroUvv0inFfaYDXzfTlSuQLWHh6dv7eiJBCCErX4ZvXT6QM696g==
Age: 25
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKWPVM1K2&cid=1965567978.1714481664>m=45je44t0v867856992z8832047205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=98856419
142.250.74.163200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKWPVM1K2&cid=1965567978.1714481664>m=45je44t0v867856992z8832047205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=98856419
IP 142.250.74.163:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintDE:35:DD:F6:8A:FF:6F:9D:0E:3D:27:DD:E2:B8:DE:CE:A4:6A:C8:C9
ValidityMon, 08 Apr 2024 07:44:18 GMT - Mon, 01 Jul 2024 07:44:17 GMT
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKWPVM1K2&cid=1965567978.1714481664>m=45je44t0v867856992z8832047205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=98856419 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 30 Apr 2024 12:54:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
54.230.111.60200 OK 20 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/styles/intlTelInput.min.css
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type ASCII text, with very long lines (19754)
Hash 7e7462900c78bbf73c9dfde6c0b617fc
3114738cf2bd0244badb59d54a7ed7b472a254c9
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
GET /ea-actiontag/assets/styles/intlTelInput.min.css HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 19755
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 06 Jul 2022 18:06:16 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 29 Apr 2024 23:29:59 GMT
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9wsfg2YYOtRyAiSFvrap39b0JE8YH66KlnPShWBitSDrtLz9F5II-g==
age: 48267
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
54.230.111.60200 OK 21 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/js/intlTelInput.js
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (9887)
Hash 7f1dda305cd6f95d86b0431d1a8d5cd8
55622740e87d7c943609e279a7a16a8d99544369
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
GET /ea-actiontag/assets/js/intlTelInput.js HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 20855
date: Fri, 19 Apr 2024 13:54:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 11 Apr 2023 14:36:16 GMT
etag: "0d84f90a2a517cacd498722e0fe0500e"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BcRvmtfIEvrELlMgdkKc_0WcY1YHma_gP5iR5XQ9xCUA5_eNYdL1Ww==
age: 946804
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
54.230.111.60200 OK 56 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/js/intl-tel.input.utils.js
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1435)
Hash c3c1223d685c11160c4c29b800557da2
f729b4e37e7f2ade4cb59f77ca839eba055bc7a6
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
GET /ea-actiontag/assets/js/intl-tel.input.utils.js HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 56004
date: Fri, 19 Apr 2024 13:54:22 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 12 Apr 2022 14:33:00 GMT
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
cache-control: max-age=31536000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 47u6_Oal42oTRzcJl_6oaCsNKkiC3VNV52YscnqN4DoH5RlwlyX6pQ==
age: 946804
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/images/paypal-logo.png
54.230.111.60200 OK 2.8 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/images/paypal-logo.png
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type PNG image data, 100 x 26, 8-bit/color RGBA, non-interlaced
Hash 459c51e4e024db4720b62513d12edb6a
1545a31cdd1e1dc04fc441e976c016c9fbdc3f7d
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
GET /ea-actiontag/assets/images/paypal-logo.png HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2778
date: Thu, 04 Jan 2024 21:27:43 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
etag: "459c51e4e024db4720b62513d12edb6a"
cache-control: public,max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FqfIOsdaS5w4U2FChukzsElCwjKJ1W-cKhx_kILvzZaNTWKQbZJzhA==
age: 10078003
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/images/cc.png
54.230.111.60200 OK 3.4 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/images/cc.png
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type PNG image data, 180 x 20, 8-bit/color RGBA, non-interlaced
Hash 294b44fc8703a45684537d51e363c045
21183412652fa2a1eb23420ce7bdc3302fe156c3
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
GET /ea-actiontag/assets/images/cc.png HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3392
date: Wed, 24 May 2023 09:21:47 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
etag: "294b44fc8703a45684537d51e363c045"
cache-control: public,max-age=31536000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DsRP3cyhd0hBS9ujKZCgQlpM8sQbkkXCNMv39Zk8KCL33Xjb7M7g9A==
age: 29561559
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
54.230.111.34200 OK 109 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (42634)
Size 109 kB (109323 bytes)
Hash 55ba8f4f8f5789d1d6f863f100a30e86
68b1ef660ea6046389cfed91a21e5399d9c99bd3
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
GET /vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dfNrOeyXnbYejscHggIwSa23OWdKncujhwDo8u8fKyrZJvZGxzunog==
Age: 19
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 15:44:03 GMT
expires: Fri, 25 Apr 2025 15:44:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 421822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33
ValidityMon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Apr 2024 17:04:50 GMT
expires: Sun, 27 Apr 2025 17:04:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 244175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.everyaction.com/v1/Track/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700&formSessionId=f6fd4c2e-86f3-4aaf-9fe5-2a6ffae59ea4&bName=firefox&dType=desktop&formVersion=4/17/2024%203:47:20%20PM|3/21/2024%205:02:35%20PM&fUrl=aHR0cHM6Ly90YWtlYWN0aW9uLnNhbmR5aG9va3Byb21pc2Uub3JnL2EvYXByaWxtYXRjaDIwMjQtMng%2FYW10T3B0cz0xMCwyNSw1MCwxMDAmY29udGFjdGRhdGE9MVhjU0lNSmYyMlZWaGN4QnRxNWZPM2lRKzJ3OG5BbXBwVUxBMlhTU2tVdFJFZzRrbUgyVHBwM21OUXFvckNBRDhZQXhubUV3Ti9ST2U4UVZZb2RjdTNTTThNcHZ3SEIySmVtZ1krc1Z6ZGVJRnZhcnlOdmxxYytWcGZqUm5KQjB4ZkhHQklheDh1ZFZSMW1IR0hiekhnRjJXK0M3aHpOQnpQSFpHK3I4QXBVPSZzb3VyY2U9ZV8yMDI0MDQyNV9wXzUmdXRtX3NvdXJjZT1zaHAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249ZnImZW1jaT01MjY2ZjA2ZC0xMjAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmZW1kaT01NWQ3OGMxYi01NzAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmY2VpZD0xMDIwMDcwMA%3D%3D&fRef=
45.60.33.183200 OK 0 B URL GET HTTP/2 secure.everyaction.com/v1/Track/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700&formSessionId=f6fd4c2e-86f3-4aaf-9fe5-2a6ffae59ea4&bName=firefox&dType=desktop&formVersion=4/17/2024%203:47:20%20PM|3/21/2024%205:02:35%20PM&fUrl=aHR0cHM6Ly90YWtlYWN0aW9uLnNhbmR5aG9va3Byb21pc2Uub3JnL2EvYXByaWxtYXRjaDIwMjQtMng%2FYW10T3B0cz0xMCwyNSw1MCwxMDAmY29udGFjdGRhdGE9MVhjU0lNSmYyMlZWaGN4QnRxNWZPM2lRKzJ3OG5BbXBwVUxBMlhTU2tVdFJFZzRrbUgyVHBwM21OUXFvckNBRDhZQXhubUV3Ti9ST2U4UVZZb2RjdTNTTThNcHZ3SEIySmVtZ1krc1Z6ZGVJRnZhcnlOdmxxYytWcGZqUm5KQjB4ZkhHQklheDh1ZFZSMW1IR0hiekhnRjJXK0M3aHpOQnpQSFpHK3I4QXBVPSZzb3VyY2U9ZV8yMDI0MDQyNV9wXzUmdXRtX3NvdXJjZT1zaHAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249ZnImZW1jaT01MjY2ZjA2ZC0xMjAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmZW1kaT01NWQ3OGMxYi01NzAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmY2VpZD0xMDIwMDcwMA%3D%3D&fRef=
IP 45.60.33.183:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subject*.everyaction.com
Fingerprint17:2A:C9:F8:51:1B:DC:81:1E:E6:D5:8B:30:8F:5B:7A:86:BE:66:C8
ValidityMon, 04 Mar 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/Track/JVonxiRzzUuM1DCeJzB_YA2?amtOpts=10%2C25%2C50%2C100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU%3D&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700&formSessionId=f6fd4c2e-86f3-4aaf-9fe5-2a6ffae59ea4&bName=firefox&dType=desktop&formVersion=4/17/2024%203:47:20%20PM|3/21/2024%205:02:35%20PM&fUrl=aHR0cHM6Ly90YWtlYWN0aW9uLnNhbmR5aG9va3Byb21pc2Uub3JnL2EvYXByaWxtYXRjaDIwMjQtMng%2FYW10T3B0cz0xMCwyNSw1MCwxMDAmY29udGFjdGRhdGE9MVhjU0lNSmYyMlZWaGN4QnRxNWZPM2lRKzJ3OG5BbXBwVUxBMlhTU2tVdFJFZzRrbUgyVHBwM21OUXFvckNBRDhZQXhubUV3Ti9ST2U4UVZZb2RjdTNTTThNcHZ3SEIySmVtZ1krc1Z6ZGVJRnZhcnlOdmxxYytWcGZqUm5KQjB4ZkhHQklheDh1ZFZSMW1IR0hiekhnRjJXK0M3aHpOQnpQSFpHK3I4QXBVPSZzb3VyY2U9ZV8yMDI0MDQyNV9wXzUmdXRtX3NvdXJjZT1zaHAmdXRtX21lZGl1bT1lbWFpbCZ1dG1fY2FtcGFpZ249ZnImZW1jaT01MjY2ZjA2ZC0xMjAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmZW1kaT01NWQ3OGMxYi01NzAzLWVmMTEtOTZmMy03YzFlNTIxYjA3ZjkmY2VpZD0xMDIwMDcwMA%3D%3D&fRef= HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:24 GMT
access-control-expose-headers: Request-Context
cache-control: no-cache
expires: -1
pragma: no-cache
content-length: 0
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-incap-sess-cookie-hdr: JtSOLcziOXk9VMMJNg8FCgDqMGYAAAAAcKlovCtTiGyw2bkBWMwt/g==
x-cdn: Imperva
set-cookie: ; Secure; SameSite=None; SameSite=None; Secure
x-iinfo: 4-7523558-7523560 PNNN RT(1714481663982 745) q(0 0 0 -1) r(1 1) U2
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
54.230.111.60200 OK 9.2 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/assets/images/fast-action.svg
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash babd47dc25531a9faeadc04f1afa1910
16156e1a0c9cbf2abae8cf6db2b1fa5081c11920
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
GET /ea-actiontag/assets/images/fast-action.svg HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 9203
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Apr 2024 00:52:07 GMT
cache-control: max-age=86400
etag: "babd47dc25531a9faeadc04f1afa1910"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: De_zxv5Z2UNwgsTDqn7Fv0AIw2n8yjuKbqeDPk3dHm2U2J7gqXt1lQ==
age: 44443
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34 51 kB URL js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:0
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (37132)
Hash 891d22e58a2927b43f5ab135e7bdaa88
870024faaa78f6e2f00dff37f771dcc6db9c55cb
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: Yk31kJfQnyIjGNAzfGpsCQOr2KQpLPMHWOJ_JTun-h28A1gLMAosFg==
Age: 25
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34 51 kB URL js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:0
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (37132)
Hash 891d22e58a2927b43f5ab135e7bdaa88
870024faaa78f6e2f00dff37f771dcc6db9c55cb
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: 4zgKiJ8GTJpnWK7hR6433d-RKw7zVCbtq0hhHHtLmCfGH-DSpUts4A==
Age: 25
doublethedonation.com/api/css/ddplugin.css
20.172.164.4200 OK 13 kB URL GET HTTP/2 doublethedonation.com/api/css/ddplugin.css
IP 20.172.164.4:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subjectwww.doublethedonation.com
Fingerprint21:7F:85:75:8A:D5:7E:AE:DE:FA:D2:87:BD:BB:D5:67:A7:60:92:61
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65517), with no line terminators
Hash 6518bac2b7aa6fc972aec21d610027fd
7a960327793956f21310b2f9b332f4e83f23801f
c10d13a29fca8e48333f10be721d9f9840926fa4ece25e0cbb89ac8556a88eef
GET /api/css/ddplugin.css HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:25 GMT
content-type: text/css; charset=utf-8
content-length: 13197
server: nginx
last-modified: Fri, 26 Apr 2024 00:41:34 GMT
vary: Accept-Encoding
etag: "662af83e-338d"
content-encoding: br
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
X-Firefox-Spdy: h2
fastaction.ngpvan.com/api/v2/identity
45.60.33.183200 OK 253 B URL GET HTTP/2 fastaction.ngpvan.com/api/v2/identity
IP 45.60.33.183:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert, Inc.
Subject*.ngpvan.com
Fingerprint2D:B2:24:49:27:DE:BE:1B:7D:48:61:CF:B5:98:53:61:A8:1E:63:71
ValidityTue, 07 Nov 2023 00:00:00 GMT - Wed, 06 Nov 2024 23:59:59 GMT
Hash 276e5ba182cdea905284316a76379dd3
5effc5ad7295a45646d080f16fa92fb4061d1b36
6198b84cf09973e109db2f5fee69ef12db6a7b25245e7d6ce6dd3807719021f2
GET /api/v2/identity HTTP/1.1
Host: fastaction.ngpvan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-length: 253
content-type: application/json; charset=utf-8
date: Tue, 30 Apr 2024 12:54:25 GMT
server: Microsoft-IIS/10.0
access-control-allow-credentials: true
access-control-allow-origin: https://takeaction.sandyhookpromise.org
content-encoding: gzip
etag: W/"87-Xv/FrXKVpFZG0IDxb6kvtAYdGzY"
vary: Accept-Encoding,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
x-powered-by: Express, ASP.NET
p3p: CP="NOI ADM DEV COM NAV OUR STP"
set-cookie: visid_incap_972453=zttU//0CQSuQNIgqrA2pbgDqMGYAAAAAQUIPAAAAAAA9GLu/ALxbpIy73i5TkMxp; expires=Tue, 29 Apr 2025 22:26:37 GMT; HttpOnly; path=/; Domain=.ngpvan.com
nlbi_972453=ZpWuBfTrWgE3nkiv+GeOKAAAAAB8/udBQorClQuoyHFoWsl2; path=/; Domain=.ngpvan.com
incap_ses_722_972453=/M1KGHlL7zhnVMMJNg8FCgHqMGYAAAAAJSAxWcQ7AhNbDyZU99VQtw==; path=/; Domain=.ngpvan.com
x-incap-sess-cookie-hdr: M+stARo5VH9nVMMJNg8FCgHqMGYAAAAACxo7i+BXDAGY8yOhM3vsqA==
x-cdn: Imperva
x-iinfo: 3-6873432-6873460 NNNN CT(100 229 0) RT(1714481663958 763) q(0 0 3 0) r(4 4) U4
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
54.230.111.34200 OK 109 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (42634)
Size 109 kB (109323 bytes)
Hash 55ba8f4f8f5789d1d6f863f100a30e86
68b1ef660ea6046389cfed91a21e5399d9c99bd3
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
GET /vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4mqT9-x8_RyBGD4nsMdlF4h5rK8Gk7IQC6-vQZ9w0BJ_i9M5HMnN0g==
Age: 19
js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
54.230.111.34200 OK 109 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (42634)
Size 109 kB (109323 bytes)
Hash 55ba8f4f8f5789d1d6f863f100a30e86
68b1ef660ea6046389cfed91a21e5399d9c99bd3
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
GET /vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Max-Age: 3000
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Server: AmazonS3
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 1quyx4Mkk0euXgSKAT_YN2AZoxTb6YC3IHdjQehaatrWRMHXAbZiMA==
Age: 19
doublethedonation.com/api/js/ddplugin.js
20.172.164.4200 OK 97 kB URL GET HTTP/2 doublethedonation.com/api/js/ddplugin.js
IP 20.172.164.4:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subjectwww.doublethedonation.com
Fingerprint21:7F:85:75:8A:D5:7E:AE:DE:FA:D2:87:BD:BB:D5:67:A7:60:92:61
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1253)
Hash 67b2d05260f4613244439f94a5e9ad2b
bd08e5caba9c8b6505ed65763752ff369ab7990e
48e2c1dd587adc0a3c4f91e3b35cbae1df45d9b048527040b1a2acc3fcac0b17
GET /api/js/ddplugin.js HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 97003
server: nginx
last-modified: Fri, 26 Apr 2024 00:41:32 GMT
vary: Accept-Encoding
etag: "662af83c-17aeb"
content-encoding: br
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
X-Firefox-Spdy: h2
doublethedonation.com/api/js/ddplugin.js
20.172.164.4200 OK 97 kB URL GET HTTP/2 doublethedonation.com/api/js/ddplugin.js
IP 20.172.164.4:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subjectwww.doublethedonation.com
Fingerprint21:7F:85:75:8A:D5:7E:AE:DE:FA:D2:87:BD:BB:D5:67:A7:60:92:61
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (1253)
Hash 67b2d05260f4613244439f94a5e9ad2b
bd08e5caba9c8b6505ed65763752ff369ab7990e
48e2c1dd587adc0a3c4f91e3b35cbae1df45d9b048527040b1a2acc3fcac0b17
GET /api/js/ddplugin.js HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 97003
server: nginx
last-modified: Fri, 26 Apr 2024 00:41:32 GMT
vary: Accept-Encoding
etag: "662af83c-17aeb"
content-encoding: br
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
35.81.173.170200 OK 1.5 kB URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
IP 35.81.173.170:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (2757)
Hash 7cdfc73c61feede0220c255a5039a66c
1e82b257dc77e99e185faa712f333a45e159a030
2a5664ee3e51437ec943557f61ede34e42aacaace73f225502fa5fdea24fc498
GET /st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&cb=10926942772860482term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 12:54:25 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=c6425c27-06f0-11ef-be48-0b2d28d46585;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
transfer-encoding: chunked
js.verygoodvault.com/vgs-collect/icons/visa.svg
54.230.111.34200 OK 732 B URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/visa.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash bf0e3c7ebdd4f91c9ef36fefa89822e9
a28a4113dab410be2b84c335688d70e7ca0ee99e
5c18247c9312f3803e50556d2624d849d2ea34f7215933480e9cf4922e51e61d
GET /vgs-collect/icons/visa.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 03:09:30 GMT
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oQgReBmIyJMIg3phjRYd2Lrgrxx1R5qt9Cduxig37kLqq5rJO2qf6Q==
Age: 35302
js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
54.230.111.34200 OK 1.7 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash c962f159de73e843c20331630bc3cd07
cd7283c497e584ca904ebe1a092a2ed5955fa269
e1b25d297cfba1c2041f2161fb06a98489936115ab10122d25a3ffc148fa6e19
GET /vgs-collect/icons/visa-electron.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 01:57:20 GMT
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DwrgYtabAebqAqHc06GAoQW8BEhoiQOPXviHqu4oEIhzxqwpGg4L7w==
Age: 40251
js.verygoodvault.com/vgs-collect/icons/amex.svg
54.230.111.34200 OK 616 B URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/amex.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash d76aac2504772a3c74494f11fd18d87f
9f293d80f214cb06731235f4ab125cd594b99454
8462232b758eeb2c5668c5055a02151b26a1e92911c35a6b54df92bbc0ca9b57
GET /vgs-collect/icons/amex.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 01:37:06 GMT
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: J-QAVnpAIXu_XoBUdbRLx0J81yxqx48z3UPQcq6hrKN_gw4gCXMSkA==
Age: 43998
js.verygoodvault.com/vgs-collect/icons/unionpay.svg
54.230.111.34200 OK 5.0 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/unionpay.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 01249c1708efa3c5c18a35778f20207b
ab033bb1950f6f88ef7df5df58b00b30747e6e63
227fad27b91e11b7b4dfe3d0bd865ac459978c147c5add91872cbef812ea5392
GET /vgs-collect/icons/unionpay.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 03:02:31 GMT
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9Ca35Tp-LGiSCzkfd1C7dR6j7GMtGw7p3-CopWXvOf1vQycLWE4MgQ==
Age: 37172
js.verygoodvault.com/vgs-collect/icons/meeza.svg
54.230.111.34200 OK 6.1 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/meeza.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 07e73ffeb1e07b87f158e34e9900bd96
b117a55effd7f773aca122d3075963e6b974fb88
37cce3f7ecfd27042c282bcf3bad3543ef42776df3053ea0d763633ae2e1b68c
GET /vgs-collect/icons/meeza.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 04:11:27 GMT
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: M6ya4aUmW4BdBHccFE9ZBWYKKLmn0QGqaIg6yOAv4rga7jf0CgIJ8g==
Age: 31379
js.verygoodvault.com/vgs-collect/icons/maestro.svg
54.230.111.34200 OK 3.7 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/maestro.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 3625c25fe4e71c0daa524694d3b3d2e2
feb9852f45f33009a9fec0179cdadfc696e407bc
dcc71f401f7e5d1432ddb8b68455445fe6496eec0a2f33a326a7d780084db667
GET /vgs-collect/icons/maestro.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 01:37:06 GMT
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5lidV5ru1GfaBO97L2gCRsLSjMf4GTjQQcmd7i2T5c5YZ77qYeKzSg==
Age: 41544
js.verygoodvault.com/vgs-collect/icons/jcb.svg
54.230.111.34200 OK 1.5 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/jcb.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash afc9c9bd9dd25718d84aa1b295e3cd4f
a0d9685a58e21495428834847283b05a3fe80c66
83ec65228d22f423ac876699c992bf30b1f142bbdc3f57a6b0161ee7e30a3a55
GET /vgs-collect/icons/jcb.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 03:06:05 GMT
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qiAEKROjQ9o3SRGHyXATecOfesnX-CcEsffEeeJXbVme1Ut-ReMenw==
Age: 35302
js.verygoodvault.com/vgs-collect/icons/mastercard.svg
54.230.111.34200 OK 863 B URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/mastercard.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 8baef8cd0813bb42fe4bd99adf195035
0d274ba2a1f35a03c4a27a9cba61af3c536c9f22
817dde892d03389895b2e56b78fbd6fdbe2de5a19592fa30dbac28a113d0eeca
GET /vgs-collect/icons/mastercard.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 04:33:08 GMT
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: m23_epCeOt7Fa9Zcui0-hO2sZrels0GcIVFDwrecvuCjjSKbbVlINQ==
Age: 30475
js.verygoodvault.com/vgs-collect/icons/hipercard.svg
54.230.111.34200 OK 2.3 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/hipercard.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 39424aebb87e84c688d70ebf51e5cec6
a60b349c1111cba25c9485baf585996d833a0562
ec76a244f6fa839c5a5267978cc55feea10596ccdcf21a51574683806b202d86
GET /vgs-collect/icons/hipercard.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 06:52:42 GMT
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: NbYt4oJc-ULubkOg0yNvaI3lLFnA9CHdQNGuk7pe4eLtL7aGkrYksQ==
Age: 22002
js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
54.230.111.34200 OK 1.2 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 0e30901c80583be81a54ad19e75340a7
53809067bfbb82011ce2d35ae212361d9ef888f8
ae69ad5cfa225ae48e0880efc83da5f030a406097bb4327b2665a410e1ce014b
GET /vgs-collect/icons/forbrugsforeningen.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 30 Apr 2024 03:48:24 GMT
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
ETag: W/"0e30901c80583be81a54ad19e75340a7"
x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ULUsVamBSPIOBc7OC0Pp_NGw2tBTY2vSLbUKlWkhz1_XFpCUM0rsYw==
Age: 32763
nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/shpfi.png
20.60.58.97200 OK 2.1 kB URL GET HTTP/1.1 nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/shpfi.png
IP 20.60.58.97:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerMicrosoft Corporation
Subject*.blob.core.windows.net
FingerprintB2:94:09:5D:1D:DB:EB:B2:B5:E5:F1:E7:8C:3E:9C:B6:86:B3:0A:66
ValidityTue, 26 Mar 2024 15:46:48 GMT - Fri, 21 Mar 2025 15:46:48 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Hash 7abadb2ea4d8bf001bbd02ca57b6b605
4a6fc7a7fa861f402458faa260feb8121583dece
aefc029af48d79560f924ba0147d16b64e525ce4b71144428a41910132ccf858
GET /images/van/SHPRO/SHPRO/1/92586/images/shpfi.png HTTP/1.1
Host: nvlupin.blob.core.windows.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2061
Content-Type: image/png
Last-Modified: Thu, 30 Sep 2021 23:15:59 GMT
ETag: 0x8D9846843654506
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: ff52d05d-c01e-0038-01fd-9ae391000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Date: Tue, 30 Apr 2024 12:54:26 GMT
js.verygoodvault.com/vgs-collect/icons/elo.svg
54.230.111.34200 OK 1.5 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/elo.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 2819c6f92cfc42b73058a840aba885a7
5a17d296333b9e7cba231452cdeb71ad83242b26
54238b8e5886677b3d5d50f8650c010fb8712e8690f14bab5482a47ee1f81cc9
GET /vgs-collect/icons/elo.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 30 Apr 2024 02:04:56 GMT
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V8kESh3o4DEKSIxj-swDs-p9s2kTCnM6c89esiGJsyHhtLn73A_Ahw==
Age: 38971
js.verygoodvault.com/vgs-collect/icons/discover.svg
54.230.111.34200 OK 1.8 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/discover.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 5bd5bab591da0ad8f328376e0f9ebe29
0aa1c4055045d7d8a1a3164236e196a4b094b419
263135100308f02ac00a4897dc904d71f5d071d88289de9df08b251c249f0296
GET /vgs-collect/icons/discover.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 03:52:03 GMT
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: COrohLBjJgH-uJLqxmKyiyaoSjhbTbzbSPqZDwC64ajHXWCJwwhfoQ==
Age: 34124
js.verygoodvault.com/vgs-collect/icons/diners-club.svg
54.230.111.34200 OK 851 B URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/diners-club.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 39a2c40eee9103f96fab5bc8d3dbbeb8
59de031d6fd5f9428177acbdc7b317188dbd93c4
459f1bd18ff2e866c6bff49d12c5dbaaf0bb7a629ee3f5afd299502af6f6887d
GET /vgs-collect/icons/diners-club.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 03:21:44 GMT
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Xs6NMuurzSiP-iGFqqCppW9JN9ZiCkZx2IhQSUtmiwWwE8to-588_w==
Age: 34576
js.verygoodvault.com/vgs-collect/icons/dankort.svg
54.230.111.34200 OK 807 B URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/icons/dankort.svg
IP 54.230.111.34:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations%5B0%5D=validCardNumber&validations%5B1%5D=required&autoComplete=cc-number&formId=randomId3008148061648798828&fieldId=randomId3007067283760816784&createdAt=1714481665769&tnt=dG50dzFwem5sYW0%3D&env=bGl2ZQ%3D%3D&logLevel=default&satellitePort=&vgsCollectSessionId=82d79846-9891-43f0-a196-870218e2b47e&css%5BfontSize%5D=.875rem&css%5BfontFamily%5D=monospace&css%5BlineHeight%5D=1&css%5BbackgroundColor%5D=%23fff&css%5B%26%3A%3Aplaceholder%5D%5Bcolor%5D=%23ced4da&css%5B%26%3A%3Aplaceholder%5D%5BfontWeight%5D=bold
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
File type SVG Scalable Vector Graphics image
Hash 5a58f174478046c4d7105db80bb660f0
2be9104a907a512965bf126ff9985896752899f4
0c3ddff999a6d65755344b21f79525cf0932af58f198b3e5db1fb42ed7aca219
GET /vgs-collect/icons/dankort.svg HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Server: AmazonS3
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Date: Tue, 30 Apr 2024 02:40:07 GMT
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mu97SlErxCgAy44mV3DqZF5fNG_WRH5yJ1ebGjTZ4GZkb9oFt2HGdw==
Age: 36860
payments.braintree-api.com/graphql
13.248.139.42200 OK 675 B URL OPTIONS HTTP/2 payments.braintree-api.com/graphql
IP 13.248.139.42:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectpayments.braintree-api.com
Fingerprint68:08:74:96:7E:51:5F:A1:07:87:AF:FD:7E:96:F8:61:7A:6C:B6:94
ValidityWed, 23 Aug 2023 00:00:00 GMT - Sun, 22 Sep 2024 23:59:59 GMT
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)
Hash e378b351d79bb18d8945e6b779b9957d
fade1239ac0d532784cb2d8f6673d3d0ff088336
9b6224861ad33fdab43095ef21a723704c23c2a0518979f43be5167e5fe2828e
OPTIONS /graphql HTTP/1.1
Host: payments.braintree-api.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,braintree-version,content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:26 GMT
server: nginx
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-max-age: 1800
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: authorization,braintree-version,content-type
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
x-content-type-options: nosniff
paypal-debug-id: 7cfbe329dfcd4
X-Firefox-Spdy: h2
doublethedonation.com/api/v1/plugin_settings?customer_id=hS2fpcymceyXGH4n
20.172.164.4200 OK 287 B URL GET HTTP/2 doublethedonation.com/api/v1/plugin_settings?customer_id=hS2fpcymceyXGH4n
IP 20.172.164.4:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subjectwww.doublethedonation.com
Fingerprint21:7F:85:75:8A:D5:7E:AE:DE:FA:D2:87:BD:BB:D5:67:A7:60:92:61
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
Hash b13d7b33f92cd0503a0b191fb62bd960
dfaedf183426a7b697d2e7135db9983e7876840b
e055d32dc45811798f46a791390be0a2cb073b0c1a09fe16c3b6ba2b584b0bd6
GET /api/v1/plugin_settings?customer_id=hS2fpcymceyXGH4n HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:26 GMT
content-type: application/json; charset=utf-8
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
content-encoding: br
X-Firefox-Spdy: h2
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
192.229.221.25200 OK 3.0 kB URL GET HTTP/2 checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
IP 192.229.221.25:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectwww.paypal.com
Fingerprint4B:C0:E1:F0:16:B3:A4:B3:63:08:41:DF:F2:EF:8D:65:54:1D:30:B1
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 31 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (7892), with no line terminators
Hash fe32f69c95a577153eb5829193e79605
bc5d90c4c7e19dbae620773eca07da3f6f870b19
6d55efade9ac73087908d12850743009e8cb0634976bcdf224bfe87b65174668
GET /web/3.44.2/html/dispatch-frame.min.html HTTP/1.1
Host: checkout.paypal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
cache-control: max-age=86400, s-maxage=31536000, public,max-age=3600
content-type: text/html
date: Tue, 30 Apr 2024 12:54:27 GMT
dc: ccg11-origin-www-1.paypal.com
etag: "662bdc42-1ed4+gzip"
expires: Wed, 01 May 2024 12:54:27 GMT
last-modified: Fri, 26 Apr 2024 16:54:26 GMT
paypal-debug-id: 9c2d608b47851
server: ECAcc (ska/F6C2)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000009c2d608b47851-557f8dc178c68e62-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
content-length: 3026
X-Firefox-Spdy: h2
doublethedonation.com/api/fontello/css/fontello.css
20.172.164.4200 OK 1.7 kB URL GET HTTP/2 doublethedonation.com/api/fontello/css/fontello.css
IP 20.172.164.4:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerSectigo Limited
Subjectwww.doublethedonation.com
Fingerprint21:7F:85:75:8A:D5:7E:AE:DE:FA:D2:87:BD:BB:D5:67:A7:60:92:61
ValiditySat, 20 Jan 2024 00:00:00 GMT - Wed, 19 Feb 2025 23:59:59 GMT
Hash dc46e7f60f25a176d0e74e1242e33d4e
4f9fd509d1e53453b4976f87652f468d7b153515
80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0
GET /api/fontello/css/fontello.css HTTP/1.1
Host: doublethedonation.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://doublethedonation.com/api/css/ddplugin.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:26 GMT
content-type: text/css; charset=utf-8
server: nginx
last-modified: Wed, 24 Apr 2024 16:17:06 GMT
vary: Accept-Encoding
etag: W/"66293082-18f3"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: public, max-age=3600;
content-encoding: br
X-Firefox-Spdy: h2
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 978
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers:
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 966
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers:
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 976
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers:
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
client-analytics.braintreegateway.com/898h6nghqy5q4zr5
3.67.30.77200 OK 0 B URL OPTIONS HTTP/1.1 client-analytics.braintreegateway.com/898h6nghqy5q4zr5
IP 3.67.30.77:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subjectclient-analytics.braintreegateway.com
Fingerprint77:EB:7D:19:E0:3C:FE:B9:64:53:5C:4F:74:FB:F5:57:72:7F:E1:5B
ValidityWed, 24 Jan 2024 00:00:00 GMT - Thu, 23 Jan 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /898h6nghqy5q4zr5 HTTP/1.1
Host: client-analytics.braintreegateway.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 969
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Headers:
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Date: Tue, 30 Apr 2024 12:54:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 0
Connection: keep-alive
px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=171448166599332&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714481666980
52.37.218.4200 OK 450 B URL GET HTTP/1.1 px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=171448166599332&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714481666980
IP 52.37.218.4:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with very long lines (1555), with no line terminators
Hash 29f2f007e70c723c5b62258cff989e33
1100616d25afae5c50685e8e9cef0e6742f5563d
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
GET /st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1965567978.1714481664&shpt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221965567978.1714481664%22%2C%22shpt%22%3A%22Donate%20By%20Friday%20To%20Double%20Your%20Impact%22%2C%22dcm_cid%22%3A%221965567978.1714481664%22%2C%22ga_utm_campaign%22%3A%22fr%22%2C%22ga_utm_source%22%3A%22shp%22%2C%22ga_utm_medium%22%3A%22email%22%2C%22mntnis%22%3A%22act5toY0b3aRWzfcVgd3FNJiJbsEySrL%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A5%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%7D%7D&dcm_cid=1965567978.1714481664&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221714481664%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=171448166599332&shguid=35b0bce9-d250-329d-b012-c0426f88d0bd&shgts=1714481666980 HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: guid=c6425c27-06f0-11ef-be48-0b2d28d46585
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 12:54:27 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: tt=H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA;Domain=px.mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
guid=c6425c27-06f0-11ef-be48-0b2d28d46585;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 13
server: istio-envoy
connection: close
transfer-encoding: chunked
dc.services.visualstudio.com/v2/track
20.50.88.242204 No Content 0 B URL OPTIONS HTTP/2 dc.services.visualstudio.com/v2/track
IP 20.50.88.242:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerMicrosoft Corporation
Subjectprod.ai.ingestion.msftcloudes.com
Fingerprint12:D8:AC:E4:A5:52:FC:5B:79:93:44:5A:E0:45:8D:7E:96:0C:38:E5
ValidityWed, 10 Apr 2024 20:43:52 GMT - Sat, 05 Apr 2025 20:43:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
access-control-allow-origin: *
access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-max-age: 3600
date: Tue, 30 Apr 2024 12:54:27 GMT
X-Firefox-Spdy: h2
dc.services.visualstudio.com/v2/track
20.50.88.242204 No Content 98 B URL OPTIONS HTTP/2 dc.services.visualstudio.com/v2/track
IP 20.50.88.242:443
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerMicrosoft Corporation
Subjectprod.ai.ingestion.msftcloudes.com
Fingerprint12:D8:AC:E4:A5:52:FC:5B:79:93:44:5A:E0:45:8D:7E:96:0C:38:E5
ValidityWed, 10 Apr 2024 20:43:52 GMT - Sat, 05 Apr 2025 20:43:52 GMT
Hash 4ab507030e4ec1aa511a5863e280fcc7
32aa0d46582dd4628fcd49de4f31138118dbf3e0
c3a4d4658e01c906fad0b5ce4bcd8cff850dc0113736ac53c0efce4a86169c74
POST /v2/track HTTP/1.1
Host: dc.services.visualstudio.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Sdk-Context: appId
Content-Length: 27784
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
access-control-allow-origin: *
date: Tue, 30 Apr 2024 12:54:27 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_scroll_depth&tfd=10420
216.239.34.36204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_scroll_depth&tfd=10420
IP 216.239.34.36:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992z8832047205za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_s=3&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=page_scroll_depth&tfd=10420 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: https://takeaction.sandyhookpromise.org
date: Tue, 30 Apr 2024 12:54:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34200 OK 162 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
Size 162 kB (161949 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: 2mSfroUvv0inFfaYDXzfTlSuQLWHh6dv7eiJBCCErX4ZvXT6QM696g==
Age: 25
gs.mountain.com/gs
35.81.162.201200 OK 144 B IP 35.81.162.201:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoDaddy.com, Inc.
Subject*.mountain.com
Fingerprint60:38:AB:C1:29:01:0A:9E:70:DF:E1:A9:65:7C:E4:4D:66:48:51:62
ValidityMon, 12 Jun 2023 16:30:05 GMT - Sun, 23 Jun 2024 07:06:21 GMT
File type JavaScript source, ASCII text, with no line terminators
Hash 24a695ea6d9080f4d6ad7b9969e9cd18
176be5a25117bfc75ae362fbe2805e105f048876
a9f8edba79875bd731d47253bb85bbed74567b143e8477f12a229a0fe7eb1eed
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: guid=c6425c27-06f0-11ef-be48-0b2d28d46585
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
date: Tue, 30 Apr 2024 12:54:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 1
server: istio-envoy
connection: close
region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=scroll&epn.percent_scrolled=90&tfd=5419
216.239.34.36204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=scroll&epn.percent_scrolled=90&tfd=5419
IP 216.239.34.36:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintFC:B1:16:E0:D8:F3:2B:F3:AB:33:E5:E1:23:57:F4:48:66:FD:4D:52
ValidityMon, 08 Apr 2024 06:34:55 GMT - Mon, 01 Jul 2024 06:34:54 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7TKWPVM1K2>m=45je44t0v867856992za200&_p=1714481663242&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1965567978.1714481664&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1714481664&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Faprilmatch2024-2x%3FamtOpts%3D10%2C25%2C50%2C100%26contactdata%3D1XcSIMJf22VVhcxBtq5fO3iQ%2B2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN%2FROe8QVYodcu3SM8MpvwHB2JemgY%2BsVzdeIFvaryNvlqc%2BVpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W%2BC7hzNBzPHZG%2Br8ApU%3D%26source%3De_20240425_p_5%26utm_source%3Dshp%26utm_medium%3Demail%26utm_campaign%3Dfr%26emci%3D5266f06d-1203-ef11-96f3-7c1e521b07f9%26emdi%3D55d78c1b-5703-ef11-96f3-7c1e521b07f9%26ceid%3D10200700&dt=Donate%20By%20Friday%20To%20Double%20Your%20Impact&en=scroll&epn.percent_scrolled=90&tfd=5419 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/3 204 No Content
access-control-allow-origin: https://takeaction.sandyhookpromise.org
date: Tue, 30 Apr 2024 12:54:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34200 OK 162 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
Size 162 kB (161949 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: Yk31kJfQnyIjGNAzfGpsCQOr2KQpLPMHWOJ_JTun-h28A1gLMAosFg==
Age: 25
fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap
142.250.74.106200 OK 3.8 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap
IP 142.250.74.106:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50
ValidityMon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type ASCII text, with very long lines (3924), with no line terminators
Hash 5aee6ea2a7de3a8ff46d7f925955f2ef
cfdffd5000653dc97ee787a5742bacebd918d99e
4ed5c8a3a7a11b50a370662b8e4fb6edf11be2476ce9b684ab0b4136ef29c006
GET /css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 30 Apr 2024 12:54:23 GMT
date: Tue, 30 Apr 2024 12:54:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
static.everyaction.com/ea-actiontag/at.min.css
54.230.111.60200 OK 61 kB URL GET HTTP/2 static.everyaction.com/ea-actiontag/at.min.css
IP 54.230.111.60:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subjectstatic.everyaction.com
FingerprintEF:D5:A3:05:91:BA:DD:0D:42:94:66:A9:52:CB:22:5E:CA:76:EE:E7
ValidityMon, 08 Apr 2024 00:00:00 GMT - Wed, 07 May 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ea-actiontag/at.min.css HTTP/1.1
Host: static.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 11704
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 23 Apr 2024 14:37:57 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
date: Tue, 30 Apr 2024 03:22:33 GMT
cache-control: max-age=900, s-maxage=86400, public
etag: "9b245aee6e53a953ee89e790e2050b60"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hIwN3R_yvh7bm_tzh8MBaVVhGJ7mQ_6j_4jULGRe-cHGUakMRMZiMg==
age: 34484
X-Firefox-Spdy: h2
secure.everyaction.com/PayPalClientToken/JVonxiRzzUuM1DCeJzB_YA2
45.60.33.183200 OK 2.4 kB URL GET HTTP/2 secure.everyaction.com/PayPalClientToken/JVonxiRzzUuM1DCeJzB_YA2
IP 45.60.33.183:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerDigiCert Inc
Subject*.everyaction.com
Fingerprint17:2A:C9:F8:51:1B:DC:81:1E:E6:D5:8B:30:8F:5B:7A:86:BE:66:C8
ValidityMon, 04 Mar 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT
File type ASCII text, with very long lines (2360), with no line terminators
Hash d191aa1d331eecef00a29232630db869
74deab59fcfaa0932fabb31dfcff229a6be8164b
31f7946dd2f54e63430bb40731a8704aabdfc6d0dd39617d25dfd123804da9d2
GET /PayPalClientToken/JVonxiRzzUuM1DCeJzB_YA2 HTTP/1.1
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://takeaction.sandyhookpromise.org
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Cookie: visid_incap_823975=DULYLpoxRQqQMZ8aHtrd6ADqMGYAAAAAQUIPAAAAAABYUKRXZY5TYH2uFV81uYjY; nlbi_823975=rFZ+eQtnxQceaOSbxwoUeQAAAADnpPtZvFDuIOY6q3lYnsza; incap_ses_722_823975=KozbbHjjRWM9VMMJNg8FCgDqMGYAAAAAkjXiQJzK8XnSukX+p+DDbw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
date: Tue, 30 Apr 2024 12:54:25 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-incap-sess-cookie-hdr: 4COfcX/1TEw9VMMJNg8FCgHqMGYAAAAAVrtz7a4cHz00jNAaNn7mqQ==
x-cdn: Imperva
set-cookie: ; Secure; SameSite=None; SameSite=None; Secure
x-iinfo: 4-7523558-7523560 PNNN RT(1714481663982 916) q(0 1 1 -1) r(5 5) U18
X-Firefox-Spdy: h2
js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
54.230.111.34200 OK 162 kB URL GET HTTP/1.1 js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
IP 54.230.111.34:443
Requested by https://takeaction.sandyhookpromise.org/a/aprilmatch2024-2x?amtOpts=10,25,50,100&contactdata=1XcSIMJf22VVhcxBtq5fO3iQ+2w8nAmppULA2XSSkUtREg4kmH2Tpp3mNQqorCAD8YAxnmEwN/ROe8QVYodcu3SM8MpvwHB2JemgY+sVzdeIFvaryNvlqc+VpfjRnJB0xfHGBIax8udVR1mHGHbzHgF2W+C7hzNBzPHZG+r8ApU=&source=e_20240425_p_5&utm_source=shp&utm_medium=email&utm_campaign=fr&emci=5266f06d-1203-ef11-96f3-7c1e521b07f9&emdi=55d78c1b-5703-ef11-96f3-7c1e521b07f9&ceid=10200700
Certificate IssuerAmazon
Subject*.verygoodvault.com
FingerprintEA:0C:70:07:94:44:A5:9C:86:20:B6:9B:8E:C9:FF:8F:EF:D5:97:35
ValidityTue, 19 Dec 2023 00:00:00 GMT - Thu, 16 Jan 2025 23:59:59 GMT
Size 162 kB (161949 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vgs-collect/2.18.4/lib/index.html HTTP/1.1
Host: js.verygoodvault.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD
Server: AmazonS3
Content-Encoding: gzip
Via: 1.1 b9b04d42286133992b582a519d8da04e.cloudfront.net (CloudFront), 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
Date: Tue, 30 Apr 2024 12:54:12 GMT
Cache-Control: max-age=60
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA56-P12, OSL50-P1
X-Amz-Cf-Id: 4zgKiJ8GTJpnWK7hR6433d-RKw7zVCbtq0hhHHtLmCfGH-DSpUts4A==
Age: 25
vgs-collect-keeper.apps.verygood.systems/vgs
52.206.154.244200 OK 0 B URL POST HTTP/2 vgs-collect-keeper.apps.verygood.systems/vgs
IP 52.206.154.244:443
Requested by https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html#telemetry=1&tnt=dG50dzFwem5sYW0%3D
Certificate IssuerAmazon
Subject*.apps.verygood.systems
FingerprintF1:DB:B1:76:21:BB:CE:68:86:17:43:6B:85:B8:AF:98:64:9C:CB:C9
ValidityFri, 23 Jun 2023 00:00:00 GMT - Sun, 21 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vgs HTTP/1.1
Host: vgs-collect-keeper.apps.verygood.systems
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1160
Origin: https://js.verygoodvault.com
DNT: 1
Connection: keep-alive
Referer: https://js.verygoodvault.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 30 Apr 2024 12:54:26 GMT
content-length: 0
access-control-allow-origin: https://js.verygoodvault.com
vary: Origin
x-powered-by: Express
X-Firefox-Spdy: h2