urlscan.io logo urlscan.io
SecurityTrails logo

act.ran.org Open in urlscan Pro
74.201.58.154  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://us.e-activist.com/page/email/click/10042/809292?email=ZGnjzhhtruN0/o5b0j2OGXbqWOvOcXPcCJ/vs2nRh9g=&campid=b+Bf8BVo...
Effective URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNe...
Submission: On April 06 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 4 countries across 19 domains to perform 57 HTTP transactions. The main IP is 74.201.58.154, located in United States and belongs to INTERNAP-2BLK, US. The main domain is act.ran.org.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on March 22nd 2021. Valid for: a year.
This is the only time act.ran.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 66.150.209.253 12179 (INTERNAP-...)
1 5 74.201.58.154 12179 (INTERNAP-...)
16 2.18.233.206 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 13.226.159.65 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.130 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.226.159.117 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 2620:119:50e1... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 18.195.25.247 16509 (AMAZON-02)
1 52.21.55.43 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.122 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 13.226.159.42 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
57 24
1    66.150.209.253 (United States)

ASN12179 (INTERNAP-2BLK, US)
us.e-activist.com
5    74.201.58.154 (United States)

ASN12179 (INTERNAP-2BLK, US)
act.ran.org
16    2.18.233.206 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-206.deploy.static.akamaitechnologies.com
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
1    13.226.159.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-65.dus51.r.cloudfront.net
cdn.neverbounce.com
5    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
www.googleadservices.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    13.226.159.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-117.dus51.r.cloudfront.net
static.hotjar.com
1    2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2620:119:50e1:101::6cae:b25 (United States)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    18.195.25.247 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-25-247.eu-central-1.compute.amazonaws.com
api.ipdata.co
1    52.21.55.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-55-43.compute-1.amazonaws.com
api.neverbounce.com
2    2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    13.226.159.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-122.dus51.r.cloudfront.net
script.hotjar.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    13.226.159.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-42.dus51.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Domain Requested by
16 acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com act.ran.org
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
5 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
act.ran.org
5 act.ran.org 1 redirects act.ran.org
4 www.google.de act.ran.org
4 www.google.com act.ran.org
3 cdnjs.cloudflare.com act.ran.org
2 stats.g.doubleclick.net www.google-analytics.com
2 www.facebook.com act.ran.org
2 googleads.g.doubleclick.net www.googleadservices.com
2 px.ads.linkedin.com 1 redirects act.ran.org
2 connect.facebook.net act.ran.org
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
act.ran.org
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 api.neverbounce.com cdn.neverbounce.com
1 api.ipdata.co code.jquery.com
1 www.linkedin.com 1 redirects
1 snap.licdn.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 cdn.neverbounce.com act.ran.org
1 code.jquery.com act.ran.org
1 www.googletagmanager.com act.ran.org
1 us.e-activist.com 1 redirects
57 24

This site contains links to these domains. Also see Links.

Domain
ran.org
www.ran.org
Subject Issuer Validity Valid
act.ran.org
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-22 -
2022-03-22		 a year crt.sh
*.ssl.cf5.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-02-12 -
2021-05-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
neverbounce.com
Amazon		 2021-03-14 -
2022-04-12		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-01-19 -
2021-07-19		 6 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-01-06 -
2021-07-05		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.ipdata.co
Amazon		 2020-08-28 -
2021-09-28		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Frame ID: 5D5EAD17C763E21CCD7973D35311F514
Requests: 58 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Frame ID: D844F6D27BDB33F1A78E58A4B9C66183
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://us.e-activist.com/page/email/click/10042/809292?email=ZGnjzhhtruN0/o5b0j2OGXbqWOvOcXPcCJ/vs2nR... HTTP 307
    https://act.ran.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990... HTTP 307
    https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&u... Page URL

Page Statistics

57
Requests

100 %
HTTPS

60 %
IPv6

19
Domains

24
Subdomains

24
IPs

4
Countries

1994 kB
Transfer

3213 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://us.e-activist.com/page/email/click/10042/809292?email=ZGnjzhhtruN0/o5b0j2OGXbqWOvOcXPcCJ/vs2nRh9g=&campid=b+Bf8BVoMuKZkArzVWMSmA== HTTP 307
    https://act.ran.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&ea.campaigner.email=ZGnjzhhtruN0%2Fo5b0j2OGXbqWOvOcXPcCJ%2Fvs2nRh9g= HTTP 307
    https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2983482%26time%3D1617676743741%26url%3Dhttps%253A%252F%252Fact.ran.org%252Fpage%252F27990%252Fdonate%252F1%253Fea.tracking.id%253De_en%2526en_og_source%253De_en%2526utm_medium%253DEmail%2526utm_source%253DEngagingNetworks%2526utm_campaign%253Dfundraising%2526utm_content%253DFundraising%252BCandymakers%252BAppeal%252BApril%252B2021%252BA%2526ea.url.id%253D809292%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&liSync=true

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 1
act.ran.org/page/27990/donate/
Redirect Chain
  • https://us.e-activist.com/page/email/click/10042/809292?email=ZGnjzhhtruN0/o5b0j2OGXbqWOvOcXPcCJ/vs2nRh9g=&campid=b+Bf8BVoMuKZkArzVWMSmA==
  • https://act.ran.org/page/email/redirect?campaignpageurl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngag...
  • https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+...
45 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.201.58.154 , United States, ASN12179 (INTERNAP-2BLK, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
1582666fe1545f3302f2a04d850a04fb4ad292a6aa7eecc3db5dacd0cba29c11
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Host
act.ran.org
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
JSESSIONID=9IRIZMPMVst89_r_n45G0e4n6fao8SxJvWwHZEGp.Server50011
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Encoding
gzip
X-Powered-By
Undertow/1
Set-Cookie
en_sessionId=66800423324d44c1ae56d537decf93d0-server50011; Domain=ran.org; Path=/page; Max-Age=3600; SameSite=None; Secure en_sessionId=66800423324d44c1ae56d537decf93d0-server50011; path=/page; domain=ran.org; Max-Age=3600; Expires=Tue, 06-Apr-2021 03:39:02 GMT
Server
WildFly/10
X-Xss-Protection
1; mode=block
Date
Tue, 06 Apr 2021 02:39:02 GMT
Connection
keep-alive
Content-Type
text/html
Content-Length
9776

Redirect headers

Connection
keep-alive
X-Powered-By
Undertow/1
Set-Cookie
JSESSIONID=9IRIZMPMVst89_r_n45G0e4n6fao8SxJvWwHZEGp.Server50011; path=/page
Server
WildFly/10
Location
https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Content-Type
text/html
Content-Length
0
Date
Tue, 06 Apr 2021 02:39:02 GMT
enPage.css
act.ran.org/ea-demo/frontend/pbAssets/build/css/ 		38 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.ran.org/ea-demo/frontend/pbAssets/build/css/enPage.css?v=3.61.0
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.201.58.154 , United States, ASN12179 (INTERNAP-2BLK, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
e80e6503bdd7c5beb22d579ab2666c67451d2afdffcfd9b1b91bc846464eca16

Request headers

Referer
https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:02 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Feb 2021 02:03:10 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
Content-Type
text/css
Connection
keep-alive
Content-Length
7412
pagedata.js
act.ran.org/page/27990/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ran.org/page/27990/pagedata.js?locale=en-US&ea.profile.id=0
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.201.58.154 , United States, ASN12179 (INTERNAP-2BLK, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
9a4a8ff3155a40cd441aa1fda2edc68c6f7d218b56ef9f373926fcbbfbe7863f

Request headers

Referer
https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Server
WildFly/10
Connection
keep-alive
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
text/javascript
enPage.js
act.ran.org/ea-demo/frontend/pbAssets/build/js/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.ran.org/ea-demo/frontend/pbAssets/build/js/enPage.js?v=3.61.0
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
74.201.58.154 , United States, ASN12179 (INTERNAP-2BLK, US),
Reverse DNS
Software
WildFly/10 / Undertow/1
Resource Hash
9d3551a83e25a574fa27cbc49db743402901964aef2156f91c347a4dc5ad9da9

Request headers

Referer
https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Content-Encoding
gzip
Last-Modified
Sat, 20 Feb 2021 02:03:10 GMT
Server
WildFly/10
X-Powered-By
Undertow/1
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
main.css
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		133 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
eff9082556f2aac242ef755494c2faedd7bdead1f71217b061fa85d9ead88cff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 28 Jan 2021 17:41:37 GMT
X-Object-Meta-Enid
1611855695858
ETag
920466c757d6a76268cee42b43243633
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1611855696.15966
Cache-Control
public, max-age=638
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27830
X-Trans-Id
tx1d168f881dc9421599e17-00606bc4b6iad3
Expires
Tue, 06 Apr 2021 02:49:40 GMT
gtm.js
www.googletagmanager.com/ 		218 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f1f871fc952a9c211432e84ee67d000ad1a18174a24dd3d187b50b228aff0961
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62817
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Apr 2021 02:39:03 GMT
Nanang-Sujana_Sumatra.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		404 KB
404 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/Nanang-Sujana_Sumatra.jpg?v=1616522988000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ad2ec0d5a573e698a08a654ab3988c9a441d090ff43720b44b0f4e3de5222b7e

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Tue, 23 Mar 2021 18:09:49 GMT
X-Object-Meta-Enid
1616522988205
ETag
922dd165b516d5c1bef646b74cc365ef
Content-Type
image/jpeg
X-Timestamp
1616522988.49367
Cache-Control
public, max-age=830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
413294
X-Trans-Id
txe0430bfdb1af488a900cf-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:52:53 GMT
main.js
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		108 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
92a45d64d0fad28cf2ec40897b62ce6bedb15d3fa67772b6e8a50ce22aee5e30

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 09 Nov 2020 19:03:11 GMT
X-Object-Meta-Enid
1604948590675
ETag
836e71f919dde6232808eefe5f1b6653
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1604948590.96970
Cache-Control
public, max-age=771
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19476
X-Trans-Id
tx477ae923c2d54b9aa6129-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:51:54 GMT
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2183479
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
948
cf-request-id
0946a54a0f000097cce40e0000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tyWqFRE1%2BekeymCf4n8v4hXXLuqQc94J74TrWlO2FppirNE2AlyHNFpBtH9QazZ6QqrIUEcteGlfwgnmfZ%2F0vMrc%2F6g%2B2DsdKRTFrlzy1SJ0lisNupaD2LzAdTOuRYc3Rg%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63b7a4bceba097cc-FRA
expires
Sun, 27 Mar 2022 02:39:03 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Origin
https://act.ran.org
Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
gzip
last-modified
Wed, 01 May 2019 21:14:27 GMT
server
nginx
etag
W/"5cca0c33-15851"
vary
Accept-Encoding
x-hw
1617676743.dop216.fr8.t,1617676743.cds285.fr8.hn,1617676743.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
382422
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5676
cf-request-id
0946a54b25000097ccb133a000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6pTKAkWD051FHDN97m947NkJWqsxmhxCkmaYLNxWhpJXrl%2BVINTrOnvnY9ysZjD486PQo9OhGsgdqcvV4Y4BRaMo1lZ4NBKJnhI0PJzUAqT5w4eCxE5N1ZqUvZuiDgYiXQ%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63b7a4beabd497cc-FRA
expires
Sun, 27 Mar 2022 02:39:03 GMT
jquery.cookie.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
4675835
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1119
cf-request-id
0946a54b36000097cce8a6f000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RPUhvtbi9labe9NRkY3DaYLZZORq88ZXZbFv16VXZbn0yDzsGts9rsEtm0YrSS3Mc2oFIwX2gmPyVR1%2By5xQTgxFcYXLWcPGn8XjnRC89QrvPxMHN4IYhvUnMJ%2F1AEdxdw%3D%3D"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
63b7a4bebbd697cc-FRA
expires
Sun, 27 Mar 2022 02:39:03 GMT
gdpr.js
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/gdpr.js?v=1561660285000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c2a44845b7182549f999ae240c0ae04b30fa51723b0c146b25086980d8eafac

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jun 2019 18:31:25 GMT
X-Object-Meta-Enid
1561660284583
ETag
6bd96cde3934a7448f470c684e546b7f
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Timestamp
1561660284.87629
Cache-Control
public, max-age=830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1099
X-Trans-Id
tx77a14f99c3da4887a1e23-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:52:53 GMT
NeverBounce.js
cdn.neverbounce.com/widget/dist/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-65.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 01:10:11 GMT
content-encoding
gzip
last-modified
Mon, 02 Mar 2020 18:37:33 GMT
server
AmazonS3
age
5333
etag
W/"c1e06621030dfcba15b88abbcaa546eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
wOhIhWlTQfEwzVQxPcB5wYJkGFUy6_-U5Ws3ee46o1w5zwm5r8c3kA==
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 19:22:18 GMT
server
Golfe2
age
604
date
Tue, 06 Apr 2021 02:28:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19463
expires
Tue, 06 Apr 2021 04:28:59 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13758
x-xss-protection
0
server
cafe
etag
4262303240453495685
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 06 Apr 2021 02:39:03 GMT
bat.js
bat.bing.com/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:02 GMT
content-encoding
gzip
last-modified
Fri, 02 Apr 2021 18:16:38 GMT
x-msedge-ref
Ref A: B6E9F6E31C344AE8911C31D88749B159 Ref B: FRAEDGE1312 Ref C: 2021-04-06T02:39:03Z
etag
"0c77652ec27d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8885
hotjar-567584.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-567584.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-117.dus51.r.cloudfront.net
Software
/
Resource Hash
63011bd9feb9ff46b4c8e3f5fbd6a4789fec31bc0f75eb59e867a513336016ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-C1
etag
W/11a09c595dfb5e0566147d2846550dc8
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1798
via
1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
x-amz-cf-id
Eb9JxPyTw5QrrnfuBIw49sDvCwPWA5Vf1CkYlT4CfqSacPid7fhQgQ==
insight.min.js
snap.licdn.com/li.lms-analytics/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG5HNP
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Jan 2021 22:14:03 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=25018
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1855
HarmoniaSansStd-Black.otf
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/HarmoniaSansStd-Black.otf
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5d064c9a71806f71a3d690d31c46ec352a58784c5c496998a4487521a7dcd066

Request headers

Origin
https://act.ran.org
Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 30 Oct 2019 18:52:22 GMT
X-Object-Meta-Enid
1572461541726
ETag
94fa6f09156ce4e4663f6a4fb9b8b645
Content-Type
application/x-font-otf
Access-Control-Allow-Origin
*
X-Timestamp
1572461541.98146
Cache-Control
public, max-age=806
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48688
X-Trans-Id
txea82ac30d1b94fa69071e-00605dcdddiad3
Expires
Tue, 06 Apr 2021 02:52:29 GMT
truncated
/ 		179 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
card.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		584 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/card.png?v=1572545889000
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9ad973bae6aa691604ad043118ecce329ed20ffd34a7ec21fc066cf9ccdf56a3

Request headers

Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Thu, 31 Oct 2019 18:18:10 GMT
X-Object-Meta-Enid
1572545889037
ETag
96f693e9f1e03fa6728bc816a398b571
Content-Type
image/png
X-Timestamp
1572545889.28869
Cache-Control
public, max-age=779
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
584
X-Trans-Id
tx24bb0ac7e96b4692b72b5-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:52:02 GMT
paypal.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		952 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/paypal.png?v=1572545891000
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e4c5f227a4a2b83bbb483afb28e3d3492135155961d21c503e2f1da7f59e3d1c

Request headers

Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Thu, 31 Oct 2019 18:18:12 GMT
X-Object-Meta-Enid
1572545890751
ETag
dfc544bfcd608427eedbc3c8eaff23d0
Content-Type
image/png
X-Timestamp
1572545891.01723
Cache-Control
public, max-age=830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
952
X-Trans-Id
txb4e5ec22a6614d448b265-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:52:53 GMT
truncated
/ 		574 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
89503e24dedcf15d007e9170a55be5fe332471da9272f1340a5589c76c4beaa2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pre-footer-donation-background.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/pre-footer-donation-background.png
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d3f388e0cadda254d63312b8d1973b205f3b3c52e589bea5499465419fbb8ac1

Request headers

Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Thu, 31 Oct 2019 13:48:26 GMT
X-Object-Meta-Enid
1572529705702
ETag
62241bde892bebf11930449174040661
Content-Type
image/png
X-Timestamp
1572529705.94941
Cache-Control
public, max-age=830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
164806
X-Trans-Id
tx5082e586aa44424c9f51c-00606bc981iad3
Expires
Tue, 06 Apr 2021 02:52:53 GMT
HarmoniaSansStd-Bold.otf
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/HarmoniaSansStd-Bold.otf
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d25b7e2f1787c659111016d922666728f83dd683bf45b995ebff71c054800297

Request headers

Origin
https://act.ran.org
Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 30 Oct 2019 18:52:26 GMT
X-Object-Meta-Enid
1572461545730
ETag
c67a9677df3b0877e3065e751a2e57a9
Content-Type
application/x-font-otf
Access-Control-Allow-Origin
*
X-Timestamp
1572461545.98720
Cache-Control
public, max-age=785
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49852
X-Trans-Id
tx0cb104b49b974d1f923fe-00605ddf6eiad3
Expires
Tue, 06 Apr 2021 02:52:08 GMT
HarmoniaSansStd-Regular.otf
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/HarmoniaSansStd-Regular.otf
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1cf8eb0817757649ab9f6971ed16a3017b8d06c5e4b35416918d65ff64c4a1af

Request headers

Origin
https://act.ran.org
Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 30 Oct 2019 18:52:31 GMT
X-Object-Meta-Enid
1572461549979
ETag
9f80b3d635cda266a505413643f13fb7
Content-Type
application/x-font-otf
Access-Control-Allow-Origin
*
X-Timestamp
1572461550.23681
Cache-Control
public, max-age=830
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47212
X-Trans-Id
txdca82363874b4b9e8ce4c-00605dcdddiad3
Expires
Tue, 06 Apr 2021 02:52:53 GMT
HarmoniaSansStd-SemiBd.otf
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/HarmoniaSansStd-SemiBd.otf
Requested by
Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bdac031083fee55e298fb99582528df22ef08c12a9e072395513ae5477abd312

Request headers

Origin
https://act.ran.org
Referer
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 30 Oct 2019 18:52:35 GMT
X-Object-Meta-Enid
1572461554115
ETag
f3a55a08b2a2fb53f0c6e3e1511c9f9f
Content-Type
application/x-font-otf
Access-Control-Allow-Origin
*
X-Timestamp
1572461554.38913
Cache-Control
public, max-age=778
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
49664
X-Trans-Id
tx7e3eca2a79a2454398ea2-00605ddf6eiad3
Expires
Tue, 06 Apr 2021 02:52:01 GMT
logo-vertical-reverse.svg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		20 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/logo-vertical-reverse.svg?v=1572357150000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8ae0b62bffd89ab0f5f92eeb4dee953a2d8478e71b8b4506711aca841d4721c6

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Oct 2019 13:52:31 GMT
X-Object-Meta-Enid
1572357149798
ETag
2a3c5fc226f24531766ade25de643eee
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Timestamp
1572357150.05081
Cache-Control
public, max-age=617
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8566
X-Trans-Id
txd79e04fffaee47308b963-00605dc9f4iad3
Expires
Tue, 06 Apr 2021 02:49:20 GMT
mission.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/mission.png?v=1572529512000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9ca69d74fc32c178733e9345fe2239f2f493b07e7ff30c550b17e119c5c033f

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 13 Nov 2019 01:08:27 GMT
X-Object-Meta-Enid
1573607306494
ETag
e7f0b3ca08f312af6b54f174a9af3b95
Content-Type
image/png
X-Timestamp
1573607306.76117
Cache-Control
public, max-age=574
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205401
X-Trans-Id
tx718a80dbeb09402a985b7-00606b7cafiad3
Expires
Tue, 06 Apr 2021 02:48:37 GMT
vision.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		267 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/vision.png?v=1572529535000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7dbba2c31da6d1e9ebbbffa41586528ed402e780a0b44d696be8de8df8aef85e

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 13 Nov 2019 01:08:29 GMT
X-Object-Meta-Enid
1573607308316
ETag
e0652a66ca5bdaddb4506948f7b38883
Content-Type
image/png
X-Timestamp
1573607308.56900
Cache-Control
public, max-age=743
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
273718
X-Trans-Id
txcdf54ef6c93c4e42a5a72-00606b7cb0iad3
Expires
Tue, 06 Apr 2021 02:51:26 GMT
values.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/values.png?v=1572529520000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
747a3ffa3ac0ca2d26fb732fa93b8fef889692b86d821626d7c8213112dfdcc4

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Wed, 13 Nov 2019 01:08:28 GMT
X-Object-Meta-Enid
1573607307411
ETag
3e6c2bf1ac5b211cc33eb5d2c8503709
Content-Type
image/png
X-Timestamp
1573607307.69480
Cache-Control
public, max-age=606
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
231644
X-Trans-Id
txda5d5bf6a75942ccbf678-00606b7cb0iad3
Expires
Tue, 06 Apr 2021 02:49:09 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23784
x-fb-rlafr
0
pragma
public
x-fb-debug
TnuDqeA/7jhZNbde0jvpNLTcdZq1ryCDz9/BmqEorhRtGwg0xTOoHXkw+OgKUYn8tKi6o7iORGVLxATRjWGQeA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 06 Apr 2021 02:39:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
guide-star-seal-platinum.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/guide-star-seal-platinum.png?v=1572529039000
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-206.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34d94ccdd2673d9962ab5eb07a39e1a39e314df829feb798e357677da62d42b2

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 06 Apr 2021 02:39:03 GMT
Last-Modified
Thu, 31 Oct 2019 13:37:19 GMT
X-Object-Meta-Enid
1572529038556
ETag
16bfede6470d107eb33510fa35796724
Content-Type
image/png
X-Timestamp
1572529038.82950
Cache-Control
public, max-age=650
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
39498
X-Trans-Id
tx93bc913f6d6d462a97224-00606b1856iad3
Expires
Tue, 06 Apr 2021 02:49:53 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3D...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2983482%26time%3D1617676743741%26url%3Dhttps%253A%252F%252Fact.ran.org%252Fpage%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3D...
0
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&liSync=true
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:04 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-esv5
content-type
application/javascript
content-length
0
x-li-uuid
brRml20kcxYwwbHnICsAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
content-length
0
x-li-uuid
ruK7im0kcxZwOxXMlysAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: 57EBEE18285447679052A2A0D92E512D Ref B: FRAEDGE1311 Ref C: 2021-04-06T02:39:03Z
x-frame-options
sameorigin
date
Tue, 06 Apr 2021 02:39:04 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2983482&time=1617676743741&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
0
bat.bing.com/action/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5500092&tm=gtm001&Ver=2&mid=89dd8d00-7be2-4324-9870-e864403ef6f4&sid=403aa420968111ebb7dd8576a4907598&vid=403ac7b0968111ebac5a593d67c51196&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&p=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&r=&lt=2661&evt=pageLoad&msclkid=N&sv=1&rn=95812
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 06 Apr 2021 02:39:02 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 3923A85C2A784DC0A1E44C162937D89A Ref B: FRAEDGE1312 Ref C: 2021-04-06T02:39:03Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1666
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 06 Apr 2021 03:11:17 GMT
js
www.google-analytics.com/gtm/ 		89 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PD8K2XR&t=gtm4&cid=1321602175.1617676744
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
347e9e74d1134a245a466c4122acd243a0ca67e620ec1240bb44b6cf162b56dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35862
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 06 Apr 2021 02:39:03 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/984607432/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/984607432/?random=1617676743762&cv=9&fst=1617676743762&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
812bb8e3ead59e47ce1bc2afd147f8819a31102a36472d64ae971f904e0ca2c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1208
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1013073010/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1013073010/?random=1617676743765&cv=9&fst=1617676743765&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae5c7465dcea5e972339808b1a69c8a2647154610a91cd63d0760cc598459986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1208
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.ipdata.co/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.ipdata.co/?api-key=391aedc6e2f52fdc789cdc3b7b1fe138de0dd88efd14f1aabfc298c0&callback=jQuery341012092022301012628_1617676743721&_=1617676743722
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.4.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.25.247 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-25-247.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ce18be73190458cc5654c633a2e2a9606832827f0b7892aa73b6421f94d663bc

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 06 Apr 2021 02:39:03 GMT
x-amzn-requestid
b2803108-0220-48e4-8d02-0251f8fdfd67
x-amz-apigw-id
dVx3PGiuFiAFW0Q=
x-amzn-trace-id
Root=1-606bc9c7-74b3b8825405a87d2a620769;Sampled=0
content-length
1398
content-type
application/json; charset=utf-8
577388339086259
connect.facebook.net/signals/config/ 		241 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/577388339086259?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
989587cb0fe7430cb3d0a2248cec825465d1742aab89521cc160d320094ba26a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70594
x-fb-rlafr
0
pragma
public
x-fb-debug
YCQVgKoJLqoRXMJG4+G34AF1DzvoWTSbtoeEzrrumK1C8CNBQCtMqXntor2CAYAcNcAHVzIcUycLAihJjsDhcA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 06 Apr 2021 02:39:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
notify
api.neverbounce.com/v4/poe/ 		63 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.neverbounce.com/v4/poe/notify?key=public_520ace707aaa95300c65f742af9fb095&event=form.load&callback=__neverbounce_510865
Requested by
Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.55.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-55-43.compute-1.amazonaws.com
Software
nginx /
Resource Hash
00e17566d15c4fc8fa668ce646aae3d8307c7f48a645e6d08c2f3d06cacb68bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:04 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
strict-transport-security
max-age=31536000; includeSubDomains
x-ua-compatible
IE=Edge
/
www.google.com/pagead/1p-user-list/984607432/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/984607432/?random=1617676743762&cv=9&fst=1617674400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&async=1&fmt=3&is_vtc=1&random=2081336051&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/984607432/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/984607432/?random=1617676743762&cv=9&fst=1617674400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&async=1&fmt=3&is_vtc=1&random=2081336051&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1013073010/ 		42 B
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1013073010/?random=1617676743765&cv=9&fst=1617674400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&async=1&fmt=3&is_vtc=1&random=1643242221&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1013073010/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1013073010/?random=1617676743765&cv=9&fst=1617674400000&num=1&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3o0&sendb=1&frm=0&url=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&tiba=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&async=1&fmt=3&is_vtc=1&random=1643242221&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.0cb976794ef50d89b299.js
script.hotjar.com/ 		217 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.0cb976794ef50d89b299.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-567584.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-122.dus51.r.cloudfront.net
Software
/
Resource Hash
67e0dec4a7a856e51c4bc5cfb2dd7a71b06ea2e935cb38d46b3014041d37fa3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Apr 2021 10:27:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
403916
x-cache
Hit from cloudfront
content-length
58593
access-control-allow-origin
*
last-modified
Thu, 01 Apr 2021 10:26:58 GMT
etag
"9788f73dd0ec050ba354063604c23c0e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
SNNAM5vDKXlSZ0MixRvcUOdXMMDJOMToftpA7crggDKfYPNbvGhN4w==
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=577388339086259&ev=PageView&dl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&rl=&if=false&ts=1617676743817&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1617676743815.1317810552&it=1617676743776&coo=false&rqm=GET
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 06 Apr 2021 02:39:03 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
85 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=2121537364&gjid=663128190&_gid=136629771.1617676744&_u=aGDAgEALQAAAAE~&z=1097980156
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Apr 2021 02:39:03 GMT
content-type
text/plain
access-control-allow-origin
https://act.ran.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j89&a=229082262&t=event&ni=0&_s=1&dl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&ul=en-us&de=UTF-8&dt=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ecommerce&ea=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&el=BFREDproductView&_u=aGHACEALRAAAAG~&jid=59683774&gjid=567583615&cid=1321602175.1617676744&tid=UA-278839-1&_gid=136629771.1617676744&_r=1&gtm=2wg3o0PG5HNP&pa=detail&pr1nm=Easter%202021%20-%20Donation%20-%20Email%2FWeb%2027990%20-%2027990&pr1id=27990&z=1549494482
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.ran.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j89&a=229082262&t=pageview&_s=1&dl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&ul=en-us&de=UTF-8&dt=Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALQ~&jid=2121537364&gjid=663128190&cid=1321602175.1617676744&tid=UA-278839-1&_gid=136629771.1617676744&gtm=2wg3o0PG5HNP&z=1736295839
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 05 Apr 2021 14:36:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
43329
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=59683774&gjid=567583615&_gid=136629771.1617676744&_u=aGHACEALRAAAAG~&z=498333312
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 06 Apr 2021 02:39:03 GMT
content-type
text/plain
access-control-allow-origin
https://act.ran.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-5e3cec51ed8e99df6977c199d27812d7.html
vars.hotjar.com/ Frame D844 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-567584.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.159.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-159-42.dus51.r.cloudfront.net
Software
/
Resource Hash
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-5e3cec51ed8e99df6977c199d27812d7.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://act.ran.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://act.ran.org/

Response headers

content-type
text/html
content-length
684
date
Tue, 30 Mar 2021 16:10:32 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"4e332edbbc3b46800c87f197cc7d3bb6"
last-modified
Tue, 30 Mar 2021 14:48:51 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
tWsXidOPvq4NLajpT9Me022950-oAAZZb-Tbmb7HujZXUJlFsI5eVg==
age
556111
ga-audiences
www.google.com/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=2121537364&_u=aGDAgEALQAAAAE~&z=502883462
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=2121537364&_u=aGDAgEALQAAAAE~&z=502883462
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=59683774&_u=aGHACEALRAAAAG~&z=942765064
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-278839-1&cid=1321602175.1617676744&jid=59683774&_u=aGHACEALRAAAAG~&z=942765064
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 06 Apr 2021 02:39:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=577388339086259&ev=Microdata&dl=https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Fea.tracking.id%3De_en%26en_og_source%3De_en%26utm_medium%3DEmail%26utm_source%3DEngagingNetworks%26utm_campaign%3Dfundraising%26utm_content%3DFundraising%2BCandymakers%2BAppeal%2BApril%2B2021%2BA%26ea.url.id%3D809292&rl=&if=false&ts=1617676744320&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Let%27s%20put%20a%20stop%20to%20bad%20eggs%20this%20Easter%20%7C%20Rainforest%20Action%20Network%20-%20Fighting%20for%20People%20and%20Planet%22%2C%22meta%3Adescription%22%3A%22Our%20goal%20to%20fight%20this%20corporate%20giant%20is%20for%20at%20least%2030%20supporters%20to%20donate%20%2430%20or%20more%20today.%20We%27ll%20never%20be%20able%20to%20match%20the%20billions%20of%20dollars%20candymakers%20like%20Ferrero%20have%2C%20but%20with%20your%20support%2C%20we%20can%20shine%20a%20light%20on%20their%20destructive%20practices%20and%20worker%20abuse.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Rainforest%20Action%20Network%20-%20RAN%22%2C%22og%3Atitle%22%3A%22We%E2%80%99re%20challenging%20a%20candy%20giant%20worth%20%2430%20billion%22%2C%22og%3Adescription%22%3A%22Our%20goal%20to%20fight%20this%20corporate%20giant%20is%20for%20at%20least%2030%20supporters%20to%20donate%20%2430%20or%20more%20today.%20We%27ll%20never%20be%20able%20to%20match%20the%20billions%20of%20dollars%20candymakers%20like%20Ferrero%20have%2C%20but%20with%20your%20support%2C%20we%20can%20shine%20a%20light%20on%20their%20destructive%20practices%20and%20worker%20abuse.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Facb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com%2F10042%2FRAN-share-logo-v4.jpg%3Fv%3D1578596688000%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.ran.org%2Fpage%2F27990%2Fdonate%2F1%3Flocale%3Den-US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1617676743815.1317810552&it=1617676743776&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: act.ran.org
URL: https://act.ran.org/page/27990/donate/1?ea.tracking.id=e_en&en_og_source=e_en&utm_medium=Email&utm_source=EngagingNetworks&utm_campaign=fundraising&utm_content=Fundraising+Candymakers+Appeal+April+2021+A&ea.url.id=809292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act.ran.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Apr 2021 02:39:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 06 Apr 2021 02:39:04 GMT

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| pageJson object| EngagingNetworks object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| uetq function| hj object| _hjSettings string| _linkedin_data_partner_id object| _NBSettings function| extendable string| val function| fbq function| _fbq function| enOnSubmit function| enOnError function| $ function| jQuery object| cookieconsent function| getCookie function| lintrk boolean| _already_called_lintrk function| UET object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| SENTRY_RELEASE undefined| Raven object| _nb function| __neverbounce_510865 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| google_optimize

16 Cookies

Domain/Path Name / Value
.ran.org/ Name: _hjFirstSeen
Value: 1
.ran.org/ Name: _gat_UA-278839-1
Value: 1
.act.ran.org/ Name: _gid
Value: GA1.3.136629771.1617676744
.ran.org/ Name: _gcl_au
Value: 1.1.2059704068.1617676743
.act.ran.org/ Name: _ga
Value: GA1.3.1321602175.1617676744
.ran.org/ Name: _gid
Value: GA1.2.136629771.1617676744
.ran.org/ Name: _fbp
Value: fb.1.1617676743815.1317810552
.ran.org/ Name: _ga
Value: GA1.2.1321602175.1617676744
.ran.org/ Name: _uetvid
Value: 403ac7b0968111ebac5a593d67c51196
.ran.org/ Name: _hjid
Value: 1f9dde8d-cce6-4df6-a6e7-118c48afde26
act.ran.org/page Name: JSESSIONID
Value: 9IRIZMPMVst89_r_n45G0e4n6fao8SxJvWwHZEGp.Server50011
.ran.org/ Name: _uetsid
Value: 403aa420968111ebb7dd8576a4907598
.ran.org/page Name: en_sessionId
Value: 66800423324d44c1ae56d537decf93d0-server50011
.ran.org/ Name: _dc_gtm_UA-278839-1
Value: 1
.ran.org/ Name: _hjTLDTest
Value: 1
act.ran.org/page/27990/donate Name: eu_status
Value: true

3 Console Messages

Source Level URL
Text
console-api log URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.js(Line 1126)
Message:
Backgroud https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/IMG-3019_Greenpeace_Victor_Moriyama-BACKGROUND.jpg?v=1572910092000
console-api log URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.js(Line 2893)
Message:
Live Amount: 30
console-api log URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10042/main.js(Line 2896)
Message:
Live Frequency: single

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
act.ran.org
api.ipdata.co
api.neverbounce.com
bat.bing.com
cdn.neverbounce.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
googleads.g.doubleclick.net
px.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
stats.g.doubleclick.net
us.e-activist.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
13.226.159.117
13.226.159.122
13.226.159.42
13.226.159.65
142.250.186.130
18.195.25.247
2.18.233.206
2001:4de0:ac18::1:a:3b
2606:4700::6810:135e
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:82a::2004
2a00:1450:400c:c1b::9d
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.21.55.43
66.150.209.253
74.201.58.154
00e17566d15c4fc8fa668ce646aae3d8307c7f48a645e6d08c2f3d06cacb68bd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1582666fe1545f3302f2a04d850a04fb4ad292a6aa7eecc3db5dacd0cba29c11
1cf8eb0817757649ab9f6971ed16a3017b8d06c5e4b35416918d65ff64c4a1af
1fe2437a79282fb26d2267e40cdb7ac59164d0ee5e5b9f955f05a49f686ab616
347e9e74d1134a245a466c4122acd243a0ca67e620ec1240bb44b6cf162b56dd
34c2659fd8cefa81566bb68fd35fb0e6a2e91d76d0bdc35dbe3ec9f7bd57c833
34d94ccdd2673d9962ab5eb07a39e1a39e314df829feb798e357677da62d42b2
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
5d064c9a71806f71a3d690d31c46ec352a58784c5c496998a4487521a7dcd066
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
63011bd9feb9ff46b4c8e3f5fbd6a4789fec31bc0f75eb59e867a513336016ca
67e0dec4a7a856e51c4bc5cfb2dd7a71b06ea2e935cb38d46b3014041d37fa3c
747a3ffa3ac0ca2d26fb732fa93b8fef889692b86d821626d7c8213112dfdcc4
7dbba2c31da6d1e9ebbbffa41586528ed402e780a0b44d696be8de8df8aef85e
812bb8e3ead59e47ce1bc2afd147f8819a31102a36472d64ae971f904e0ca2c7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cc35989be655e6cbe68540cf835dec34388862a948fbd05850100797c32319
89503e24dedcf15d007e9170a55be5fe332471da9272f1340a5589c76c4beaa2
8ae0b62bffd89ab0f5f92eeb4dee953a2d8478e71b8b4506711aca841d4721c6
8c2a44845b7182549f999ae240c0ae04b30fa51723b0c146b25086980d8eafac
92a45d64d0fad28cf2ec40897b62ce6bedb15d3fa67772b6e8a50ce22aee5e30
989587cb0fe7430cb3d0a2248cec825465d1742aab89521cc160d320094ba26a
9a4a8ff3155a40cd441aa1fda2edc68c6f7d218b56ef9f373926fcbbfbe7863f
9ad973bae6aa691604ad043118ecce329ed20ffd34a7ec21fc066cf9ccdf56a3
9d3551a83e25a574fa27cbc49db743402901964aef2156f91c347a4dc5ad9da9
ad2ec0d5a573e698a08a654ab3988c9a441d090ff43720b44b0f4e3de5222b7e
ae5c7465dcea5e972339808b1a69c8a2647154610a91cd63d0760cc598459986
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bdac031083fee55e298fb99582528df22ef08c12a9e072395513ae5477abd312
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
ce18be73190458cc5654c633a2e2a9606832827f0b7892aa73b6421f94d663bc
d25b7e2f1787c659111016d922666728f83dd683bf45b995ebff71c054800297
d3f388e0cadda254d63312b8d1973b205f3b3c52e589bea5499465419fbb8ac1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c5f227a4a2b83bbb483afb28e3d3492135155961d21c503e2f1da7f59e3d1c
e80e6503bdd7c5beb22d579ab2666c67451d2afdffcfd9b1b91bc846464eca16
e9ca69d74fc32c178733e9345fe2239f2f493b07e7ff30c550b17e119c5c033f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff9082556f2aac242ef755494c2faedd7bdead1f71217b061fa85d9ead88cff
f1f871fc952a9c211432e84ee67d000ad1a18174a24dd3d187b50b228aff0961
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4