support.defenders.org Open in urlscan Pro
2606:4700:4400::ac40:9ab9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://support.defenders.org/s/2988058/9XSJGWMM
Effective URL:
https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetwo...
Submission: On November 01 via manual (November 1st 2024, 3:54:19 pm UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 25 domains to perform 64 HTTP transactions. The main IP is 2606:4700:4400::ac40:9ab9, located in United States and belongs to CLOUDFLARENET, US. The main domain is support.defenders.org.
TLS certificate: Issued by E6 on September 15th 2024. Valid for: 3 months.

This is the only time support.defenders.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 10	2606:4700:440... 2606:4700:4400::ac40:9ab9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	23.201.249.117 23.201.249.117	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2620:12a:8000::2 2620:12a:8000::2	54113 (FASTLY) (FASTLY)
1	104.22.55.118 104.22.55.118	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.46.122 18.245.46.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
2	52.41.200.180 52.41.200.180	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
4	18.158.246.206 18.158.246.206	16509 (AMAZON-02) (AMAZON-02)
5	2.18.64.21 2.18.64.21	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.172.103.101 18.172.103.101	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.100 18.66.112.100	16509 (AMAZON-02) (AMAZON-02)
2	216.200.232.249 216.200.232.249	30419 (PAEDAE-INC) (PAEDAE-INC)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	3.225.106.95 3.225.106.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.33.121.64 63.33.121.64	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
64	30

10 2606:4700:4400::ac40:9ab9 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

support.defenders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.201.249.117 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-249-117.deploy.static.akamaitechnologies.com

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:12a:8000::2 (United States)

ASN54113 (FASTLY, US)

defenders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.55.118 (None, )

ASN13335 (CLOUDFLARENET, US)

widgets.guidestar.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-122.fra56.r.cloudfront.net

cdn.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.200.180 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-200-180.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.246.206 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-246-206.eu-central-1.compute.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.64.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-64-21.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.103.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-103-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-100.fra56.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.200.232.249 (Frederick, United States)

ASN30419 (PAEDAE-INC, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.106.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-106-95.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.121.64 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-121-64.eu-west-1.compute.amazonaws.com

content.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	defenders.org 3 redirects support.defenders.org defenders.org — Cisco Umbrella Rank: 676899	156 KB
7	rackcdn.com acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 151923	257 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	139 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2579	10 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	344 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	80 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	464 B
2	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 3455	1 KB
2	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 10312 ad.ipredictive.com — Cisco Umbrella Rank: 7780	3 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1442 insight.adsrvr.org — Cisco Umbrella Rank: 945	6 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	15 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1177	61 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 6853 flask.nextdoor.com — Cisco Umbrella Rank: 6540	4 KB
2	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	hotjar.io content.hotjar.io — Cisco Umbrella Rank: 6755	171 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	549 B
1	gstatic.com fonts.gstatic.com	32 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270	7 KB
1	neverbounce.com cdn.neverbounce.com — Cisco Umbrella Rank: 62793	29 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	4 KB
1	guidestar.org widgets.guidestar.org — Cisco Umbrella Rank: 34189	4 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 3678	69 KB
64	25

	Domain	Requested by
10	support.defenders.org	3 redirects support.defenders.org
7	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	support.defenders.org
5	analytics.tiktok.com	support.defenders.org analytics.tiktok.com
4	www.facebook.com	support.defenders.org
4	tags.srv.stackadapt.com	support.defenders.org tags.srv.stackadapt.com
4	www.googletagmanager.com	support.defenders.org www.googletagmanager.com
3	connect.facebook.net	support.defenders.org connect.facebook.net
3	fonts.googleapis.com	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
2	bat.bing.net	bat.bing.com support.defenders.org
2	pixel.mathtag.com	support.defenders.org
2	bat.bing.com	support.defenders.org bat.bing.com
2	defenders.org	support.defenders.org
1	insight.adsrvr.org	js.adsrvr.org
1	flask.nextdoor.com	support.defenders.org
1	content.hotjar.io	script.hotjar.com
1	www.google.de	support.defenders.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	ad.ipredictive.com	js.ipredictive.com
1	script.hotjar.com	static.hotjar.com
1	js.ipredictive.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	ads.nextdoor.com	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	stackpath.bootstrapcdn.com	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
1	cdn.neverbounce.com	support.defenders.org
1	cdnjs.cloudflare.com	support.defenders.org
1	widgets.guidestar.org	support.defenders.org
1	www.googleoptimize.com	support.defenders.org
64	31

This site contains links to these domains. Also see Links.

Domain
defenders.org
give.org
www.guidestar.org

Subject Issuer	Validity	Valid
support.defenders.org E6	`2024-09-15` - `2024-12-14`	3 months	crt.sh
*.ssl.cf5.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-27`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
defenders.org R10	`2024-09-30` - `2024-12-29`	3 months	crt.sh
widgets.guidestar.org WE1	`2024-09-18` - `2024-12-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
neverbounce.com Amazon RSA 2048 M03	`2024-01-29` - `2025-02-25`	a year	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
nextdoor.com Amazon RSA 2048 M02	`2024-10-14` - `2025-11-12`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-10` - `2024-11-08`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M02	`2024-08-09` - `2025-09-07`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2024-02-12` - `2025-03-11`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-23` - `2025-04-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.de WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-01-31` - `2025-03-01`	a year	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 07	`2024-10-27` - `2025-04-25`	6 months	crt.sh

This page contains 5 frames:

Primary Page: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Frame ID: CC55EE84235C26D8E424A0562675D035
Requests: 59 HTTP requests in this frame

Frame: https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 1911069146093829D4932BDB36DABEE3
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsupport.defenders.org
Frame ID: 37D96331D394C9895F7E4407D6A80A36
Requests: 1 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=111242&cache_buster=1730476455&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&ps=0
Frame ID: 40C61AB73653EFDCD961EFE005F8EB9D
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&upid=2xjomfe&upv=1.1.0&paapi=1
Frame ID: E613208936CCC4453237EC7845AFA8DC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Defenders of Wildlife | Wolf Awareness Week Challenge EXTENDED: Now unlock $75,000 to protect wildlife!

Page URL History Show full URLs

https://support.defenders.org/s/2988058/9XSJGWMM HTTP 302
http://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA== HTTP 307
https://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA== HTTP 307
https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

64
Requests

98 %
HTTPS

33 %
IPv6

25
Domains

31
Subdomains

30
IPs

5
Countries

1227 kB
Transfer

3563 kB
Size

29
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://defenders.org/

Search URL Search Domain Scan URL

URL: https://give.org/charity-reviews/national/Animal-Protection/Defenders-of-Wildlife-in-Washington-dc-364

Search URL Search Domain Scan URL

URL: https://www.guidestar.org/profile/53-0183181

Search URL Search Domain Scan URL

URL: https://defenders.org/terms
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://defenders.org/defenders-wildlife-privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://defenders.org/faqs
Title: FAQ

Search URL Search Domain Scan URL

URL: https://defenders.org/defenders-of-wildlife-cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://support.defenders.org/s/2988058/9XSJGWMM HTTP 302
http://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA== HTTP 307
https://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA== HTTP 307
https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

64 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
support.defenders.org/page/74538/donate/
Redirect Chain

https://support.defenders.org/s/2988058/9XSJGWMM
http://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA==
https://support.defenders.org/page/email/click/2988058?campid=QonzAmWc8DGZkArzVWMSmA==
https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appea...

19 KB
6 KB

188ms
188ms

Document
text/html

2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79165748c60dce8998dcb76bfe86cfb9a90b9e0f27fb4a43c49d64e5095f6149

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8dbd0febe9e5d381-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Fri, 01 Nov 2024 15:54:13 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 8dbd0feaeeded381-FRA
content-length: 0
date: Fri, 01 Nov 2024 15:54:13 GMT
location: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains

GET
H/1.1 200
OK main.style.css
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 279 KB
37 KB 74ms
38ms Stylesheet
text/css 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/main.style.css?v=1727278487000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3ef6e1d5bc175b4c47d7f7d43b68acad6d9a7ce4be210864e97c758f1f802142

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=501
Content-Encoding: gzip
ETag: ef0ff2eeaefad5f45face7af08263086
X-Timestamp: 1727278486.21511
Connection: keep-alive
X-Object-Meta-Enid: 1727278486032
Expires: Fri, 01 Nov 2024 16:02:34 GMT
Accept-Ranges: bytes
X-Trans-Id: tx856ad378ea8044e382819-006724f849iad3
Content-Length: 37782
Date: Fri, 01 Nov 2024 15:54:13 GMT
Last-Modified: Wed, 25 Sep 2024 15:34:47 GMT
Content-Type: text/css
Vary: Accept-Encoding

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 190 KB
69 KB 98ms
34ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-52JGPJ6

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38a2631a4d2bac5e2d4d2beb021fe0876743979af5bc9018302d73147c4748c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1169:0"}],}
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1169:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 69593
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 enPage.css
support.defenders.org/pageassets/css/ 46 KB
9 KB 34ms
32ms Stylesheet
text/css 2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/pageassets/css/enPage.css?v=4.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8210b002c51550eb271577baa262bfa71a159c989cc2e03acb993c621423661d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 6735
expires: Fri, 01 Nov 2024 16:24:13 GMT
date: Fri, 01 Nov 2024 15:54:13 GMT
content-type: text/css
last-modified: Fri, 04 Oct 2024 17:33:00 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cache-control: public, max-age=1800
cf-ray: 8dbd0fed2cd8d381-FRA
accept-ranges: bytes
content-length: 8929
server: cloudflare

GET
H2 200 pagedata.js Show response
support.defenders.org/page/74538/ 39 KB
6 KB 510ms
508ms Script
text/javascript 2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/74538/pagedata.js?locale=en-US&ea.profile.id=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9955d85b6a0fe90be1622599922566e14135cb2bdb5c39ca41dfab59b13ff097

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 8dbd0fed2cdcd381-FRA
content-encoding: br
cf-cache-status: DYNAMIC
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: text/javascript
server: cloudflare

GET
H2 200 enPage.js Show response
support.defenders.org/pageassets/js/ 196 KB
56 KB 26ms
25ms Script
application/javascript 2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f850cc9d56013dd4439aa08b0063e802636a690899761422b31badccc5df6c0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cache-control: public, max-age=1800
content-encoding: gzip
cf-cache-status: HIT
age: 6734
cf-ray: 8dbd0fed2cded381-FRA
expires: Fri, 01 Nov 2024 16:24:13 GMT
date: Fri, 01 Nov 2024 15:54:13 GMT
content-type: application/javascript
last-modified: Fri, 04 Oct 2024 17:33:00 GMT
vary: Accept-Encoding
server: cloudflare
x-frame-options: SAMEORIGIN

GET
H2 200 logo.png
defenders.org/themes/custom/particle/dist/assets/ 22 KB
22 KB 67ms
31ms Image
image/png 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://defenders.org/themes/custom/particle/dist/assets/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

231ac83d60eab6d329fdeee13def1e63fc0287d5fd9358f8d13c060ed0670e14

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-pantheon-styx-hostname: styx-fe2-a-5466c7c5b8-xw494
etag: "672396d4-5800"
age: 87187
expires: Sat, 01 Nov 2025 15:41:06 GMT
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:54:13 GMT
content-type: image/png
last-modified: Thu, 31 Oct 2024 14:40:20 GMT
x-cache-hits: 40, 1
x-served-by: cache-chi-kigq8000021-CHI, cache-fra-etou8220135-FRA
strict-transport-security: max-age=300
cache-control: max-age=31622400
x-timer: S1730476454.989678,VS0,VE7
x-styx-req-id: 8b117624-979e-11ef-8cbe-56e4174d1869
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 22528
server: nginx

GET
H/1.1 200
OK 2014.+-+Snowy+Gray+Wolf+-+Yellowstone+National+Park+-+Sam+Parks+copy.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 164 KB
164 KB 61ms
27ms Image
image/jpeg 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/2014.+-+Snowy+Gray+Wolf+-+Yellowstone+National+Park+-+Sam+Parks+copy.jpg?v=1725480856000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 851a2151539f9a6fd95b5b640d06ecbbb73a57f68f955c7b773d1d6f53ded2e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=650
ETag: 7b98d773883c0068d19841568bd13fa2
X-Timestamp: 1725480856.55351
Connection: keep-alive
X-Object-Meta-Enid: 1725480856383
Expires: Fri, 01 Nov 2024 16:05:03 GMT
Accept-Ranges: bytes
X-Trans-Id: tx43d20935e1c84ec4b2b97-006723d72diad3
Content-Length: 167918
Date: Fri, 01 Nov 2024 15:54:13 GMT
Last-Modified: Wed, 04 Sep 2024 20:14:17 GMT
Content-Type: image/jpeg

GET
H/1.1 200
OK bbb.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 3 KB
3 KB 20ms
19ms Image
image/png 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/bbb.png?v=1677166605000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 02d2283d94979d45add984ec44efa1fb3ed811d2414e1ed07032311fdac06784

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=588
ETag: 6fb8bc16bdfbb2a4e24151baf1c7dbda
X-Timestamp: 1677166605.62628
Connection: keep-alive
X-Object-Meta-Enid: 1677166605442
Expires: Fri, 01 Nov 2024 16:04:02 GMT
Accept-Ranges: bytes
X-Trans-Id: txd99a199189a34fb3ae83c-006723d72eiad3
Content-Length: 2690
Date: Fri, 01 Nov 2024 15:54:14 GMT
Last-Modified: Thu, 23 Feb 2023 15:36:46 GMT
Content-Type: image/png

GET
H/1.1 200
OK cn.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 11 KB
11 KB 48ms
21ms Image
image/png 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/cn.png?v=1695071175000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52f1f3902be065a43f3692b6e8238dd23acbc0f16407070622679cfc603d69ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=532
ETag: 8f264c807782109a8aeb204dad2a6210
X-Timestamp: 1695071175.63022
Connection: keep-alive
X-Object-Meta-Enid: 1695071175475
Expires: Fri, 01 Nov 2024 16:03:06 GMT
Accept-Ranges: bytes
X-Trans-Id: txa1a63a27e9f54ebfa008d-006723d72eiad3
Content-Length: 10831
Date: Fri, 01 Nov 2024 15:54:14 GMT
Last-Modified: Mon, 18 Sep 2023 21:06:16 GMT
Content-Type: image/png

GET
H2 200 7794201
widgets.guidestar.org/TransparencySeal/ 13 KB
4 KB 454ms
382ms Image
image/svg+xml 104.22.55.118
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.guidestar.org/TransparencySeal/7794201
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.55.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8cf009b50548fdb783d38eeb86342d0f4746bd56e2b0bda8e88eaafcca685f5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache
x-aspnet-version: 4.0.30319
content-encoding: br
cf-cache-status: DYNAMIC
pragma: no-cache
cf-ray: 8dbd0fee6e69bc01-FRA
expires: -1
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: image/svg+xml
x-powered-by: ASP.NET
server: cloudflare

GET
H/1.1 200
OK applepay-session.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 5 KB
2 KB 50ms
50ms Script
application/x-javascript 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/applepay-session.js?v=1706640429000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fbd49b98070a96c79e776a44c31dbe3d96e64019fd214dbdfd5776c8e6b8b59f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=551
Content-Encoding: gzip
ETag: 0dbaf7cfb2f071b20fc01d9ed2a46cec
X-Timestamp: 1706640429.09052
Connection: keep-alive
X-Object-Meta-Enid: 1706640428922
Expires: Fri, 01 Nov 2024 16:03:25 GMT
Accept-Ranges: bytes
X-Trans-Id: txb069753b97844a8cbe71b-006724f849iad3
Content-Length: 1598
Date: Fri, 01 Nov 2024 15:54:14 GMT
Last-Modified: Tue, 30 Jan 2024 18:47:10 GMT
Content-Type: application/x-javascript
Vary: Accept-Encoding

GET
H3 200 numeral.min.js Show response
cdnjs.cloudflare.com/ajax/libs/numeral.js/2.0.6/ 11 KB
4 KB 33ms
18ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/numeral.js/2.0.6/numeral.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e51d5239ad46aeb9d33965c65a0fa8473c72ab03b09279f1c79ca82afbf0197

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03f2b-2cb4"
age: 136509
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kxTBPkKCv1IyC8vhcf3B8JS1hJzeue11qnQDjQFBIjRL8UrSBYM617RGGMmxdMV%2BiPNcfBWOtWxAC76fTxJI87ERaDPhQAahF3%2BxAkaPlt4qWN5qRjUZPlJRlE4o5YJRFCKoCfyP"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 15:54:14 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:13:31 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8dbd0fee58ebd2e2-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3639
server: cloudflare

GET
H/1.1 200
OK mainnew.bundle.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 115 KB
38 KB 49ms
49ms Script
application/x-javascript 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/mainnew.bundle.js?v=1715363659000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2b374a781573fc878e986808b4e71d15135e88b55de2634860ebb84d00e5584f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=552
Content-Encoding: gzip
ETag: f8c2d3e2c6059baa9b1c5082ffc1c10b
X-Timestamp: 1715363659.35345
Connection: keep-alive
X-Object-Meta-Enid: 1715363659182
Expires: Fri, 01 Nov 2024 16:03:26 GMT
Accept-Ranges: bytes
X-Trans-Id: txde6ff35e309c4603aa710-006724f849iad3
Content-Length: 38526
Date: Fri, 01 Nov 2024 15:54:14 GMT
Last-Modified: Fri, 10 May 2024 17:54:20 GMT
Content-Type: application/x-javascript
Vary: Accept-Encoding

GET
H/1.1 200
OK vgs.bundle.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 2 KB
1 KB 34ms
33ms Script
application/x-javascript 23.201.249.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/vgs.bundle.js?v=1715370034000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.249.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-249-117.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c2889401199073a999df5333484b8c950451a343fa6ec46179348078211b4647

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Cache-Control: public, max-age=552
Content-Encoding: gzip
ETag: 4323f1784bfe16d98688938429dbb1b3
X-Timestamp: 1715370034.61645
Connection: keep-alive
X-Object-Meta-Enid: 1715370034461
Expires: Fri, 01 Nov 2024 16:03:26 GMT
Accept-Ranges: bytes
X-Trans-Id: tx254dfe23ed2f424b93454-006724f84aiad3
Content-Length: 704
Date: Fri, 01 Nov 2024 15:54:14 GMT
Last-Modified: Fri, 10 May 2024 19:40:35 GMT
Content-Type: application/x-javascript
Vary: Accept-Encoding

GET
H2 200 NeverBounce.js Show response
cdn.neverbounce.com/widget/dist/ 96 KB
29 KB 113ms
55ms Script
application/javascript 18.245.46.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.46.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-46-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-amz-cf-pop: FRA56-P9
content-encoding: gzip
x-amz-version-id: null
etag: W/"c1e06621030dfcba15b88abbcaa546eb"
age: 47661
via: 1.1 f0393fc6725f4d719cff14263a50d286.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: _rsdB7csdQfLQhEqu05bvcuiteY2SGRrGbgOkwoICDAnCMXx_BNWdQ==
date: Fri, 01 Nov 2024 02:39:54 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 02 Mar 2020 18:37:33 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 79ms
43ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900

Requested by

Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/main.style.css?v=1727278487000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19815341115775c1e66e7d1672bd2b4b52268af19583f258297da3969af8882b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:47:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 2 KB
644 B 158ms
122ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat+Alternates:500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c3d19768e6fd079d4ec912fbd8827734b119d2a7fea3aae458b1667525a79f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:54:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 76ms
57ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
etag: "269550530cc127b6aa5a35925a7de6ce"
age: 768097
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:14 GMT
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-cache: HIT
cdn-cachedat: 09/26/2024 11:08:39
cdn-requestpullcode: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31919000
cdn-requestpullsuccess: True
timing-allow-origin: *
cdn-requesttime: 0
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 57a513b031fd067713652bdf3654e97f
cross-origin-resource-policy: cross-origin
cdn-pullzone: 252412
cdn-proxyver: 1.04
cf-ray: 8dbd0fedea47d360-FRA
access-control-allow-origin: *
cdn-edgestorageid: 1109
server: cloudflare
cdn-requestcountrycode: US

GET
H2 200 css2
fonts.googleapis.com/ 437 B
412 B 157ms
122ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Swanky+and+Moo+Moo&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d83e20ee2c0cf4365aac49a85649117aeb366f418117e1aae923d099f4ae1e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 01 Nov 2024 15:54:14 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 363 KB
117 KB 84ms
31ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2568ec255cd147324aa528f4cdad250da8cf91221812d170db416fc5211448d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 119570
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 45ms
13ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://support.defenders.org
Referer: https://fonts.googleapis.com/

Response headers

age: 285904
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 29 Oct 2025 08:29:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 29 Oct 2024 08:29:10 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H2 200 pagedata Show response
support.defenders.org/page/74538/donate/1/ 190 B
545 B 137ms
137ms XHR
application/json 2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/74538/donate/1/pagedata

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/javascript
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8dbd0ff1d9bcd381-FRA
content-length: 129
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/json
server: cloudflare

GET
H2

200

main.js Show response
support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 1911
Redirect Chain

https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

28ms
27ms

Script
application/javascript

2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Protocol

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31ea72f224ca38f3c1c0ebf88d6a5a0350e4304c8f45293c40c97842cf1f4108

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding: br
x-content-type-options: nosniff
cf-ray: 8dbd0ff37e20d381-FRA
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

strict-transport-security: max-age=15552000; includeSubDomains
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray: 8dbd0ff32d53d381-FRA
access-control-allow-origin: *
content-length: 0
date: Fri, 01 Nov 2024 15:54:14 GMT
vary: Accept-Encoding
server: cloudflare

POST
H3 200 collect
www.google.com/ccm/ 0
0 57ms
24ms Ping
text/plain 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1&scrsrc=www.googletagmanager.com&frm=0&rnd=1628062685.1730476455&auid=1774259759.1730476455&npa=1&gtm=45He4au0v6703658za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&tft=1730476454923&tfd=1539&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 427 KB
134 KB 59ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cde2e6b77fc8561b7972d91a7c61e53a6beee3077d8a1bed82791a7fcb4f5ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 137234
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 586ms
196ms Script
application/javascript 52.41.200.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.41.200.180 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-41-200-180.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
etag: W/"67201a8d-1d89"
x-envoy-upstream-service-time: 1
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 23:13:17 GMT
server: istio-envoy
vary: Accept-Encoding

GET
H2 200 hotjar-5171066.js Show response
static.hotjar.com/c/ 13 KB
5 KB 96ms
48ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-5171066.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

f2968448d33e8ec31ce2a52171233ebf09677f2f9f0e6ffcb009a065856802de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
content-encoding: br
etag: W/eb0c5d87b5e4ccffc521c10e918aff6b
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-cache-hit: 1
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
x-amz-cf-id: P2j54eQOXsE8yTs_XrfH_KNK7mDqnCNhDbeRAjg-GYMLE-xt4xP9Yw==
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-amz-cf-pop: FRA56-P2

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 297ms
30ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "028e0691d20db1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 26814B515BF646F58705DC94699332BF Ref B: FRA31EDGE0521 Ref C: 2024-11-01T15:54:15Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14570
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 22:47:44 GMT
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 69ms
51ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-CdtGpeNI' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-CdtGpeNI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=14, rtx=0, c=23, mss=1232, tbw=4476, tp=10, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: epASY4+GgQhgsAUrDYGeTO3R77y8hIJd217H9QxbO60EopENIZeRMqjkBKlGVTQ1oaElnsWl5btEaItdmd2uwQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62068
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
93 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1057285272

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7bcf7cf7eab9beb7334bb93a6a747255e3781394aa2d1d206939f84e7369625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 01 Nov 2024 15:54:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 01 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94505
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 166ms
107ms Script
text/javascript 18.158.246.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.246.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-246-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 022216cd9c443fd02f2b619ec96f76bb81f6d1864baf76b7c5c296db1d20b74c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 270ms
110ms Script
application/javascript 2.18.64.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6B7721U9OSRR6784460&lib=ttq
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 67b9761a2d54404ed5fecbfe6079da8d5426246a73455fa29a4f8a9ccae35d5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: gzip
x-cache-remote: TCP_MISS from a104-78-78-110.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
expires: Fri, 01 Nov 2024 15:54:15 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=7, inner; dur=2
x-cache: TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 74f9d403.40a924ff
x-tt-trace-host: 013d6b12ac1f348d1e7b6cca751f1ffdfc1e036c0976b02a38b367c1cd03c5a592cebac39f37d5d8d9e10f5fbba48dcff3e40c3a1fd2f486a1768cebcb1b805d3981330d3e75586c43623bde67e63eee48d6b808c460aae29a127a1d9dff1aac6779768da810d57641598b286df115ed0d
x-origin-response-time: 7,104.78.78.110
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2411011554158316312DB1B283FFF3E3-3330C5A816F1AC5A-00
content-length: 2091
x-parent-response-time: 96,2.20.179.85
x-tt-logid: 202411011554158316312DB1B283FFF3E3
server: nginx

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 71ms
22ms Script
application/x-javascript 18.172.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-103-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Encoding: gzip
ETag: W/"407149e43d6d6f4c2458e9179af5b3a2"
Age: 31224
Connection: keep-alive
Via: 1.1 10f6ed997c15c1439b3ae1db258c7d16.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 6wga3yosq-I0yHtC7LWdUgyGqMgYk5BMWpKHjMhljDhpPIhUVdnzlQ==
Date: Fri, 01 Nov 2024 07:13:51 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 31 Oct 2024 07:10:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 viant_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
3 KB 80ms
22ms Script
application/javascript 18.66.112.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/viant_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-100.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

vary: Origin
etag: "b9945c83287e6353c078adc3293e6d98"
age: 9
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 2530
x-amz-cf-id: M123Ifu5XUlrt6mO_Kz7lXYQh9rPiZI9W44k0ZKFcaq7K3ZtasUBQA==
date: Fri, 01 Nov 2024 15:54:07 GMT
content-type: application/javascript
last-modified: Tue, 20 Aug 2024 00:38:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 0
565 B 340ms
103ms Image
image/gif 216.200.232.249
PAEDAE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mathtag.com/event/img?mt_id=1490860&mt_adid=239706&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.200.232.249 Frederick, United States, ASN30419 (PAEDAE-INC, US),

Reverse DNS

Software

MT3 1668 f41eadd master ord ord-pixel-x1 config_version:"2786" /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Strict-Transport-Security: 31536000
Cache-Control: no-cache
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=360
Date: Fri, 01 Nov 2024 15:54:15 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: image/gif
X-XSS-Protection: 0
Server: MT3 1668 f41eadd master ord ord-pixel-x1 config_version:"2786"

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 0
565 B 323ms
111ms Image
image/gif 216.200.232.249
PAEDAE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mathtag.com/event/img?mt_id=1615498&mt_adid=239706&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.200.232.249 Frederick, United States, ASN30419 (PAEDAE-INC, US),

Reverse DNS

Software

MT3 1668 f41eadd master ord ord-pixel-x1 config_version:"2786" /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

Strict-Transport-Security: 31536000
Cache-Control: no-cache
Connection: keep-alive
Cross-Origin-Resource-Policy: cross-origin
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: all
Access-Control-Allow-Origin: *
Content-Length: 0
Keep-Alive: timeout=360
Date: Fri, 01 Nov 2024 15:54:15 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Type: image/gif
X-XSS-Protection: 0
Server: MT3 1668 f41eadd master ord ord-pixel-x1 config_version:"2786"

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 37D9 0
0 317ms
13ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fsupport.defenders.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 171342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Oct 2024 16:18:33 GMT
expires: Thu, 30 Oct 2025 16:18:33 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 8dbd0febe9e5d381 Show response
support.defenders.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1911 0
653 B 47ms
43ms XHR
text/plain 2606:4700:4400::ac40:9ab9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/cdn-cgi/challenge-platform/h/b/jsd/r/8dbd0febe9e5d381

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9ab9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
cf-ray: 8dbd0ff3ff6ed381-FRA
content-length: 0
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare

GET
H2 200 modules.625495a901d247c3e8d4.js Show response
script.hotjar.com/ 221 KB
55 KB 59ms
9ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.625495a901d247c3e8d4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-5171066.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-robots-tag: none
content-encoding: br
etag: "862c1be6e71cd836a43ce679991261fd"
age: 345069
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: nq45K_dPKFBXkQ2szNe_CZgYC3oRANCFsM8Fz7hYgwWxzw9_QCMmXw==
date: Mon, 28 Oct 2024 16:03:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Oct 2024 16:02:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 c15415cccc7260d4bd35b1ca2c497c96.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56056
x-amz-cf-pop: FRA60-P9

GET
H3 200 1714661645444410 Show response
connect.facebook.net/signals/config/ 68 KB
14 KB 33ms
33ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1714661645444410?v=2.9.175&r=stable&domain=support.defenders.org&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

821572c891340f2059cab3c8a2fec3d6af15f5a24f328291ed7112cbf4c57f5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-wuH8zgaI' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-wuH8zgaI' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=70, mss=1232, tbw=70300, tp=66, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: Hy4vH4K8sCO6iipA3vXxEp9RTbalimVFGEZtmawQrn4Dm/KPJeE7YA7aSa9D/YovtMJrwFRmdPazXn4nLC3Yvw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 13903
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK event
ad.ipredictive.com/d/track/ Frame 40C6 0
0 413ms
120ms Document
text/plain 3.225.106.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=111242&cache_buster=1730476455&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&ps=0
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/viant_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.106.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-106-95.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 01 Nov 2024 15:54:15 GMT
X-CI-RTID: 9fbd93db-7e45-421a-9ec2-9a8c2e3ff0a2

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 49ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GVV6YX8Y4E&gtm=45je4au0v875794897z86703658za200zb6703658&_p=1730476454202&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101533422~101823848~101878899~101878944~101925629&cid=472902751.1730476455&ecid=373863100&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1730476455&sct=1&seg=0&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&dt=Defenders%20of%20Wildlife%20%7C%20Wolf%20Awareness%20Week%20Challenge%20EXTENDED%3A%20Now%20unlock%20%2475%2C000%20to%20protect%20wildlife!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1721
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://support.defenders.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
549 B 73ms
22ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GVV6YX8Y4E&cid=472902751.1730476455&gtm=45je4au0v875794897z86703658za200zb6703658&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://support.defenders.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 64ms
42ms Image
image/gif 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GVV6YX8Y4E&cid=472902751.1730476455&gtm=45je4au0v875794897z86703658za200zb6703658&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101533422~101823848~101878899~101878944~101925629&tag_exp=101533422~101823848~101878899~101878944~101925629&z=229575951

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 01 Nov 2024 15:54:15 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 926360308284354 Show response
connect.facebook.net/signals/config/ 35 KB
5 KB 11ms
9ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/926360308284354?v=2.9.175&r=stable&domain=support.defenders.org&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C200%2C199%2C201%2C206%2C207%2C208%2C204%2C196%2C132%2C163%2C195%2C197%2C122%2C157%2C145%2C151%2C129%2C232%2C116%2C127%2C233%2C165%2C119%2C235%2C166%2C136%2C123%2C154%2C148%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

dabeb559b51d42411b1efc394551ff5e7fc5097493671eba73113ad0b0c2079b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-31nWyMLb' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-31nWyMLb' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=6, c=76, mss=1232, tbw=92204, tp=87, tpl=6, uplat=1, ullat=-1
pragma: public
x-fb-debug: UI0bgk505917w9EP04xotd2hu/CD4GqZ1e3H/iX9C1TPAhWIup8TESBMOV4hUGOYGjrjMNodCdGECPs3rTjsgw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 5306
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 30ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1714661645444410&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&rl=&if=false&ts=1730476455126&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730476455123.48149028925971937&ler=empty&cdl=API_unavailable&it=1730476455057&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2932, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 226ms
204ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1714661645444410&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&rl=&if=false&ts=1730476455126&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730476455123.48149028925971937&ler=empty&cdl=API_unavailable&it=1730476455057&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432339781746110731"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xba46ea990a54726a","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["3972401769496408","4893019647396942"]},"debug_reporting":true,"debug_key":"682517027489786185"}
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: QxlYatO3gkDa0Vvn4xxHauuLR0AGbpgx4Q2r3pnLO5G2oePSnG4M0VZxDpO/+NRxAkqn16XlaZBQXOqPQqS88g==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432339781746110731", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=12, mss=1297, tbw=3443, tp=-1, tpl=-1, uplat=195, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 99ms
98ms Stylesheet
text/css 18.158.246.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.246.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-246-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 47af9e72968c9f2bbe4f52df21af3ce3f713700915a491de1051d25146cccc3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 111ms
97ms Fetch
image/jpeg 18.158.246.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.246.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-246-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: image/jpeg

POST
H2 200 / Show response
content.hotjar.io/ 56 B
171 B 175ms
58ms XHR
application/json 63.33.121.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.hotjar.io/?site_id=5171066&gzip=1
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.625495a901d247c3e8d4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.33.121.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-33-121-64.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 55d453ecb7e488a9db95b62a6adf2f6dd816cd2dec946c74bd2e7efc307ba43c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://support.defenders.org/

Response headers

access-control-max-age: 86400
access-control-allow-origin: *
content-length: 56
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 8ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926360308284354&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&rl=&if=false&ts=1730476455184&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730476455123.48149028925971937&ler=empty&cdl=API_unavailable&cs_est=true&it=1730476455057&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1297, tbw=3297, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
909 B 170ms
170ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926360308284354&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&rl=&if=false&ts=1730476455184&sw=1600&sh=1200&v=2.9.175&r=stable&ec=0&o=12318&fbp=fb.1.1730476455123.48149028925971937&ler=empty&cdl=API_unavailable&cs_est=true&it=1730476455057&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432339781353193471"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: sGXzb7lkQt9iAnWaTVAvQxrRFkKwj0AOShVoKQnh6UgM09O4VyqToMu9PCkQ+9JN7W6vt0cBSPLJ8syt/zCY6g==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432339781353193471", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=12, mss=1297, tbw=6519, tp=-1, tpl=-1, uplat=162, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 main.MTJhNGMzN2YwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 342 KB
95 KB 14ms
14ms Script
application/javascript 2.18.64.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6B7721U9OSRR6784460&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-cache: TCP_HIT from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=18
x-tt-trace-id: 00-24102412350324BE6FB237655795831B-386077514D51FE6C-00
content-length: 97029
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024102412350324BE6FB237655795831B
server: nginx
x-akamai-request-id: 40a927af
x-tt-trace-host: 01065a2385fa2aba8a15366ad8d7e7dcf7f1094eb67277ef5aa3f4cd223f082b9aa63f359125699cc5e077f1b135e20d17d4d219a3cf05b372aeeb99632b6eac8769851d570b9e990939ccb23c8b3e5b2761f47085af1b9bd3496e5c5faf8b63a7

GET
H2 200 4051602.js Show response
bat.bing.com/p/action/ 362 B
415 B 33ms
33ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4051602.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 595B31191F9442BFB6C5F50F08DAC061 Ref B: FRA31EDGE0521 Ref C: 2024-11-01T15:54:15Z
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 15:54:14 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 12ms
12ms Script
application/javascript 2.18.64.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-cache: TCP_MEM_HIT from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=10
x-tt-trace-id: 00-2408300225259566A772C0142480CD10-602315FD6571BF12-00
content-length: 39455
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202408300225259566A772C0142480CD10
server: nginx
x-akamai-request-id: 40a928bc
x-tt-trace-host: 013c7db2a56d644dc8fd7f6e7ecd689b12a07851d62b1d7cbea7620bdccb515c6097130239d0d03cd7097d4e2c6d6c93d708d19d604bda57f5f1af32042e6c53070f89e179ae570644e5bbf2061d1e6fc869a20a793784dee2941056a3936597ab

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
717 B 220ms
218ms Ping
text/plain 2.18.64.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://support.defenders.org/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 01 Nov 2024 15:54:15 GMT
server-timing: inner; dur=72, cdn-cache; desc=MISS, edge; dur=6, origin; dur=163
x-cache: TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Fri, 01 Nov 2024 15:54:15 GMT
x-akamai-request-id: 40a928ec
access-control-allow-headers: Authorization,*
x-tt-trace-host: 013d6b12ac1f348d1e7b6cca751f1ffdfce34b81e8bfca13ef5bcda494f1da81b4260fd7da48c2e19d44bdfbdc639c2fc9f5aa52bf138d84cedff6bef74fe0b44af906585bf196c53af2ac7cf489b04ffd2619d561143d720f2966541c5dcb2267
x-origin-response-time: 163,2.20.179.85
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241101155415DFD7FEF02A1F2D0210BD-05AD26609B1F111D-00
content-length: 0
x-tt-logid: 20241101155415DFD7FEF02A1F2D0210BD
server: nginx

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 213 B
411 B 101ms
100ms XHR
text/plain 18.158.246.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=kmnalmC-Fn74l4fGN-kaMA&is_js=true&landing_url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&t=Defenders%20of%20Wildlife%20%7C%20Wolf%20Awareness%20Week%20Challenge%20EXTENDED%3A%20Now%20unlock%20%2475%2C000%20to%20protect%20wildlife!&tip=xTlwcO9e1SQC9Iu4z8Rs7vlfHCwP-YktZWftsKikfws&host=https%3A%2F%2Fsupport.defenders.org&sa_conv_data_css_value=%270-d56e520c-f8ad-5277-5e61-7124e4beee03%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9d56e520cf8ad52775e617124e4beee03515f0525&l_src=&l_src_d=&u_src=engagingnetworks&u_src_d=2024-11-01T15%3A54%3A15.127Z&shop=false&sa-user-id-v3=s%253AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBENYBGAQgp_OTuQYwAToEQiu0oEIE1lH6Ew.VRZjBgZ5bb2ft76%252Fkaue7DiibNcF86QSDbJ4iabSdeE&sa-user-id-v2=s%253A1W5SDPitUndeYXEk5L7uA1FfBSU.raML9QRDvDIJZ%252FGPiMXROF2jF2gXWxZFou6yPU%252BHksk&sa-user-id=s%253A0-d56e520c-f8ad-5277-5e61-7124e4beee03.XM86yqQ7jzsTk35sBuoxWa%252FqyjQuyDo4nXaa6Wl18IA
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.158.246.206 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-246-206.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: eaecd37c99456618bb416352b3981c2280d42177948cfab9639be2544567dd43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: https://support.defenders.org
content-length: 213
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

POST
H2 204 0
bat.bing.net/actionp/ 0
345 B 118ms
76ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=4051602&Ver=2&mid=ac4dddf0-1080-4875-b3a6-1bfcd9c64ac9&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BBF031CF854C48F18707A54A82E54133 Ref B: FRA31EDGE0216 Ref C: 2024-11-01T15:54:15Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 15:54:14 GMT

GET
H2 204 0
bat.bing.net/action/ 0
119 B 117ms
77ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=4051602&Ver=2&mid=ac4dddf0-1080-4875-b3a6-1bfcd9c64ac9&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Defenders%20of%20Wildlife%20%7C%20Wolf%20Awareness%20Week%20Challenge%20EXTENDED%3A%20Now%20unlock%20%2475,000%20to%20protect%20wildlife!&p=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&r=&lt=1512&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=382489
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 13EB8B27574F4F11AB307C50681468A9 Ref B: FRA31EDGE0216 Ref C: 2024-11-01T15:54:15Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Fri, 01 Nov 2024 15:54:14 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
878 B 328ms
327ms Ping
text/plain 2.18.64.21
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.64.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-18-64-21.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://support.defenders.org/

Response headers

x-cache-remote: TCP_MISS from a104-78-78-69.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 01 Nov 2024 15:54:15 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=119, origin; dur=197, inner; dur=193
x-cache: TCP_MISS from a2-20-179-85.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-2fb65fbfa7ad4f98bbb706cf20e2b5f6) (-)
date: Fri, 01 Nov 2024 15:54:15 GMT
x-akamai-request-id: 3752856b.40a92e2d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 013d6b12ac1f348d1e7b6cca751f1ffdfc1e036c0976b02a38b367c1cd03c5a5924931b1f0cb03fc01140bb6268020c4797e1a5d310831478fbc50d11241aa18defee6d57f4477040e7bf5e8ba827a79fc8bdc3c16d5e3a5baa032de3996de584a242f330a7593ac49b41dffd18362636d
x-origin-response-time: 197,104.78.78.69
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2411011554153D62CC5B1B13780970EB-7D211E474E3B8948-00
content-length: 0
x-parent-response-time: 294,2.20.179.85
x-tt-logid: 202411011554153D62CC5B1B13780970EB
server: nginx

GET
H2 204 pixel
flask.nextdoor.com/ 0
111 B 222ms
186ms Image
text/plain 52.41.200.180
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=eeb9a512-320c-4ed0-88b5-331c6b6dac3b&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&ndclid=&ndclid_src=0&rf=&sem=&tm=GTM&iid=655a1590-151e-4a51-97fa-bedfe7ea5f01&pageid=790263a5-c363-44df-8fd7-7cf17689501a&sessionid=ad7937c2-ff6e-48b6-9403-30f1155ddd7a&cd=%7B%7D
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/74538/donate/1?supporter.appealCode=3WDE2501B1XX2&utm_medium=email&utm_source=engagingnetworks&utm_campaign=103024_WAWAppeal8.2_Donor&utm_content=103024+WAW+Appeal+8.2+-+Donor&ea.url.id=2988058&forwarded=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.41.200.180 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-41-200-180.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

context-id: 059b6830-a15f-428f-bd7b-9141ad659e4b
date: Fri, 01 Nov 2024 15:54:15 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy

GET
H2 200 up
insight.adsrvr.org/track/ Frame E613 0
0 109ms
32ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F74538%2Fdonate%2F1%3Fsupporter.appealCode%3D3WDE2501B1XX2%26utm_medium%3Demail%26utm_source%3Dengagingnetworks%26utm_campaign%3D103024_WAWAppeal8.2_Donor%26utm_content%3D103024%2BWAW%2BAppeal%2B8.2%2B-%2BDonor%26ea.url.id%3D2988058%26forwarded%3Dtrue&upid=2xjomfe&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Fri, 01 Nov 2024 15:54:15 GMT
server: Kestrel

GET
H2 200 favicon.png
defenders.org/themes/custom/particle/apps/drupal/ 50 KB
50 KB 14ms
14ms Other
image/png 2620:12a:8000::2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://defenders.org/themes/custom/particle/apps/drupal/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0e5f147435f26bbcf8594ef67e683d5e7b2ef4e9906c13e0d32127377105d448

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://support.defenders.org/

Response headers

x-pantheon-styx-hostname: styx-fe2-a-5466c7c5b8-4wffj
etag: "67225f15-c756"
age: 87188
expires: Sat, 01 Nov 2025 15:41:08 GMT
x-cache: HIT, HIT
date: Fri, 01 Nov 2024 15:54:15 GMT
content-type: image/png
last-modified: Wed, 30 Oct 2024 16:30:13 GMT
x-cache-hits: 37, 0
x-served-by: cache-chi-kigq8000100-CHI, cache-fra-etou8220135-FRA
strict-transport-security: max-age=300
cache-control: max-age=31622400
x-timer: S1730476456.751571,VS0,VE6
x-styx-req-id: 8bef40de-979e-11ef-abbe-f2b03c6e3d3f
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 51030
server: nginx

Verdicts & Comments Add Verdict or Comment

78 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
support.defenders.org/page	1969-12-31 23:59:59	Name: JSESSIONID Value: 4UGblvEWIhbBEwUzJypPTKRaqgLpJsuo0pfcszdC.use2-prd-web2
.defenders.org/page	1970-01-21 00:41:20	Name: en_sessionId Value: a4709322ba3341febab02b230c6e416e-use2-prd-web2
.support.defenders.org/	1970-01-21 00:41:18	Name: __cf_bm Value: NfPbBPkAwIlWlAGyxlrE7KbdDHzg_cvoCktODmv57uQ-1730476453-1.0.1.1-WzmFXNLiTwH7kOZjVhKxh1kFfb3vURxIiCxKOa5RgiQ7vkSTQQgqM9O1Kt9o_NBz4xEU14sdbNe92v14hupUfxTsS6VPCo20Kginxced6Gs
widgets.guidestar.org/	1970-01-21 00:51:21	Name: AWSALBCORS Value: CGaBs8PaR3ZEoMhx/wWDrmQ/VUnA/OlOjPwJ7Dm6k1nR+rN4Y9TH+sbpSvdSF4nGSne0KMPCzSCp0/Dzl6VKEEbs17xeHbA6+Wv7Tlgbw7JUHfeMqOwgDwb86bBX
support.defenders.org/	1970-01-21 00:51:21	Name: AWSALB Value: Qx9q/rkGOrWPFFjXH7SuF1IpbeNNgVH7k/msTVBS/hRyFgFdmQGKJYHpUEUgD9BPCcxX8caEk+mxnHcSiIwlPFRa3mCH+5PgtDFBSecaIviCSck+/E85MNqg1up0
support.defenders.org/	1970-01-21 00:51:21	Name: AWSALBCORS Value: Qx9q/rkGOrWPFFjXH7SuF1IpbeNNgVH7k/msTVBS/hRyFgFdmQGKJYHpUEUgD9BPCcxX8caEk+mxnHcSiIwlPFRa3mCH+5PgtDFBSecaIviCSck+/E85MNqg1up0
.defenders.org/	1970-01-21 02:50:52	Name: _gcl_au Value: 1.1.1774259759.1730476455
.support.defenders.org/	1970-01-21 09:26:52	Name: cf_clearance Value: 64DghBgwg1grm.JXcEumkkX6aB0A.xyM0xNORrMaEx4-1730476455-1.2.1.1-MqGgtkzE7xpbj2bnnINK62eUj2_8ZyJ1vMM3SjwT.hKwugswymmgJWbL2dK4MyVtLpqrFRVToQUFb59JK2gXZBLJILOOOKNLoeOYCK.qMr7ewDsCF6wXdJQLdpU2tvOO4mokxejvhM7bphk0C3cD0XfSBn1gWHs3OCLASQZy2f5zdggWzO4WYkIuSdAit.5VowcTp8Lxqd1BytaSTiiYnmT6VBSLYEFvG8g15sGj2HXOugnksbn.wR8faD1XeTwapmXUHZWUT4vPxkhl4kRLwXrYF_.IaDO5BeaVNlFkc1UWu1gieR.FaxMvq38YISfPDi9VhUJL4U5fNHZFHEcmhyhxcLISg75HCZQtV6NCejcr_Icxqko.CREWskqONEHV
tags.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id Value: s%3A0-d56e520c-f8ad-5277-5e61-7124e4beee03.XM86yqQ7jzsTk35sBuoxWa%2FqyjQuyDo4nXaa6Wl18IA
.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id Value: s%3A0-d56e520c-f8ad-5277-5e61-7124e4beee03.XM86yqQ7jzsTk35sBuoxWa%2FqyjQuyDo4nXaa6Wl18IA
tags.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id-v2 Value: s%3A1W5SDPitUndeYXEk5L7uA1FfBSU.raML9QRDvDIJZ%2FGPiMXROF2jF2gXWxZFou6yPU%2BHksk
.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id-v2 Value: s%3A1W5SDPitUndeYXEk5L7uA1FfBSU.raML9QRDvDIJZ%2FGPiMXROF2jF2gXWxZFou6yPU%2BHksk
tags.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id-v3 Value: s%3AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBENYBGAQgp_OTuQYwAToEQiu0oEIE1lH6Ew.VRZjBgZ5bb2ft76%2Fkaue7DiibNcF86QSDbJ4iabSdeE
.srv.stackadapt.com/	1970-01-21 09:26:52	Name: sa-user-id-v3 Value: s%3AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBENYBGAQgp_OTuQYwAToEQiu0oEIE1lH6Ew.VRZjBgZ5bb2ft76%2Fkaue7DiibNcF86QSDbJ4iabSdeE
.defenders.org/	1970-01-21 10:17:16	Name: _ga Value: GA1.1.472902751.1730476455
.defenders.org/	1970-01-21 10:17:16	Name: _ga_GVV6YX8Y4E Value: GS1.1.1730476455.1.0.1730476455.60.0.373863100
.defenders.org/	1970-01-21 02:50:52	Name: _fbp Value: fb.1.1730476455123.48149028925971937
support.defenders.org/	1970-01-21 01:24:28	Name: sa-u-source Value: engagingnetworks
support.defenders.org/	1970-01-21 01:24:28	Name: sa-u-date Value: 2024-11-01T15:54:15.127Z
support.defenders.org/	1970-01-21 09:26:52	Name: sa-user-id Value: s%253A0-d56e520c-f8ad-5277-5e61-7124e4beee03.XM86yqQ7jzsTk35sBuoxWa%252FqyjQuyDo4nXaa6Wl18IA
support.defenders.org/	1970-01-21 09:26:52	Name: sa-user-id-v2 Value: s%253A1W5SDPitUndeYXEk5L7uA1FfBSU.raML9QRDvDIJZ%252FGPiMXROF2jF2gXWxZFou6yPU%252BHksk
support.defenders.org/	1970-01-21 09:26:52	Name: sa-user-id-v3 Value: s%253AAQAKIHdD5aik2sMuu9MUMiKohGwkzzWhkJfMui96JqsVistBENYBGAQgp_OTuQYwAToEQiu0oEIE1lH6Ew.VRZjBgZ5bb2ft76%252Fkaue7DiibNcF86QSDbJ4iabSdeE
.defenders.org/	1970-01-21 09:26:52	Name: _hjSessionUser_5171066 Value: eyJpZCI6IjQ0MDI2NmQ0LTdhMGEtNTk0ZS04YjliLWU1Yjc2MzljMDkyOSIsImNyZWF0ZWQiOjE3MzA0NzY0NTUxNTgsImV4aXN0aW5nIjp0cnVlfQ==
.defenders.org/	1970-01-21 00:41:18	Name: _hjSession_5171066 Value: eyJpZCI6ImFiNDNmNmI0LWRkMDUtNDkzMC04ZTlkLWY0ZmI3YjBkYmVkOSIsImMiOjE3MzA0NzY0NTUxNTgsInMiOjEsInIiOjEsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.tiktok.com/	1970-01-21 10:02:52	Name: _ttp Value: 2oFs31oKAtqCxGhtjOS0KdduSaT
.defenders.org/	1970-01-21 10:02:52	Name: _tt_enable_cookie Value: 1
.defenders.org/	1970-01-21 10:02:52	Name: _ttp Value: qL-NHcs3mh2ShGZrRAzVfN1wxd6
.ipredictive.com/	1970-01-21 09:26:52	Name: cu Value: 324204c6-c002-40b3-8a12-c11470c4d0ec\|1730476455407
.defenders.org/	1970-01-21 01:24:28	Name: ndp_session_id Value: ad7937c2-ff6e-48b6-9403-30f1155ddd7a

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
ad.ipredictive.com
ads.nextdoor.com
analytics.tiktok.com
bat.bing.com
bat.bing.net
cdn.neverbounce.com
cdnjs.cloudflare.com
connect.facebook.net
content.hotjar.io
defenders.org
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
js.adsrvr.org
js.ipredictive.com
pixel.mathtag.com
region1.analytics.google.com
script.hotjar.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
support.defenders.org
tags.srv.stackadapt.com
widgets.guidestar.org
www.facebook.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
104.17.24.14
104.18.10.207
104.22.55.118
13.33.187.74
142.250.185.227
142.250.186.100
142.250.186.67
157.240.253.1
18.158.246.206
18.172.103.101
18.245.46.122
18.66.102.53
18.66.112.100
2.18.64.21
2001:4860:4802:32::36
216.200.232.249
23.201.249.117
2606:4700:4400::ac40:9ab9
2620:12a:8000::2
2620:1ec:33:1::10
2620:1ec:c11::237
2a00:1450:4001:802::200a
2a00:1450:4001:810::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c06::9c
2a03:2880:f177:185:face:b00c:0:25de
3.225.106.95
52.223.40.198
52.41.200.180
63.33.121.64
022216cd9c443fd02f2b619ec96f76bb81f6d1864baf76b7c5c296db1d20b74c
02d2283d94979d45add984ec44efa1fb3ed811d2414e1ed07032311fdac06784
0c3d19768e6fd079d4ec912fbd8827734b119d2a7fea3aae458b1667525a79f8
0e5f147435f26bbcf8594ef67e683d5e7b2ef4e9906c13e0d32127377105d448
15bb0889ad69cbc01dce2d9a2df36be01b6ae97e0e57510dca89a56d095bf0d5
19815341115775c1e66e7d1672bd2b4b52268af19583f258297da3969af8882b
1f850cc9d56013dd4439aa08b0063e802636a690899761422b31badccc5df6c0
231ac83d60eab6d329fdeee13def1e63fc0287d5fd9358f8d13c060ed0670e14
28168751a3267ac9c5f88003ac159fc70033e01cd6667833e52a4ef19e0f5b65
2b374a781573fc878e986808b4e71d15135e88b55de2634860ebb84d00e5584f
2cde2e6b77fc8561b7972d91a7c61e53a6beee3077d8a1bed82791a7fcb4f5ed
2d83e20ee2c0cf4365aac49a85649117aeb366f418117e1aae923d099f4ae1e7
2e51d5239ad46aeb9d33965c65a0fa8473c72ab03b09279f1c79ca82afbf0197
31ea72f224ca38f3c1c0ebf88d6a5a0350e4304c8f45293c40c97842cf1f4108
37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6
38a2631a4d2bac5e2d4d2beb021fe0876743979af5bc9018302d73147c4748c9
3ef6e1d5bc175b4c47d7f7d43b68acad6d9a7ce4be210864e97c758f1f802142
45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0
47af9e72968c9f2bbe4f52df21af3ce3f713700915a491de1051d25146cccc3e
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
52f1f3902be065a43f3692b6e8238dd23acbc0f16407070622679cfc603d69ed
55d453ecb7e488a9db95b62a6adf2f6dd816cd2dec946c74bd2e7efc307ba43c
67b9761a2d54404ed5fecbfe6079da8d5426246a73455fa29a4f8a9ccae35d5c
79165748c60dce8998dcb76bfe86cfb9a90b9e0f27fb4a43c49d64e5095f6149
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8210b002c51550eb271577baa262bfa71a159c989cc2e03acb993c621423661d
821572c891340f2059cab3c8a2fec3d6af15f5a24f328291ed7112cbf4c57f5f
851a2151539f9a6fd95b5b640d06ecbbb73a57f68f955c7b773d1d6f53ded2e6
8cf009b50548fdb783d38eeb86342d0f4746bd56e2b0bda8e88eaafcca685f5c
9955d85b6a0fe90be1622599922566e14135cb2bdb5c39ca41dfab59b13ff097
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
b1b27d92de22d509ebd21de47d14975728928e881bd6c9d1695cc5d38f2942bd
b2568ec255cd147324aa528f4cdad250da8cf91221812d170db416fc5211448d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0d57eff0936a57e0c8d6bc93314585c734e5ade88d6de970e1e305ae5d87224
c2889401199073a999df5333484b8c950451a343fa6ec46179348078211b4647
c87aa708d354d2db657ba47b08aae2cc50653369ccbffa36448d7b47fd3e9fe6
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
dabeb559b51d42411b1efc394551ff5e7fc5097493671eba73113ad0b0c2079b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7bcf7cf7eab9beb7334bb93a6a747255e3781394aa2d1d206939f84e7369625
eaecd37c99456618bb416352b3981c2280d42177948cfab9639be2544567dd43
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2968448d33e8ec31ce2a52171233ebf09677f2f9f0e6ffcb009a065856802de
fbd49b98070a96c79e776a44c31dbe3d96e64019fd214dbdfd5776c8e6b8b59f

support.defenders.org Open in urlscan Pro 2606:4700:4400::ac40:9ab9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

98 %HTTPS

33 %IPv6

25 Domains

31 Subdomains

30 IPs

5 Countries

1227 kBTransfer

3563 kBSize

29 Cookies

7 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

support.defenders.org Open in urlscan Pro
2606:4700:4400::ac40:9ab9 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

98 %
HTTPS

33 %
IPv6

25
Domains

31
Subdomains

30
IPs

5
Countries

1227 kB
Transfer

3563 kB
Size

29
Cookies

64 HTTP transactions
0 data transactions