support.defenders.org Open in urlscan Pro
104.18.33.71 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://defenders.org/
Effective URL:
https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Submission: On August 25 via api (August 25th 2024, 9:42:30 pm UTC) from US — Scanned from CA

Summary HTTP 69 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 29 IPs in 2 countries across 20 domains to perform 69 HTTP transactions. The main IP is 104.18.33.71, located in and belongs to CLOUDFLARENET, US. The main domain is support.defenders.org.
TLS certificate: Issued by E5 on July 18th 2024. Valid for: 3 months.

This is the only time support.defenders.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	23.185.0.2 23.185.0.2	54113 (FASTLY) (FASTLY)
1 8	104.18.33.71 104.18.33.71	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	23.201.183.177 23.201.183.177	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.80.42 142.250.80.42	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.167.37.48 3.167.37.48	16509 (AMAZON-02) (AMAZON-02)
3	142.250.80.40 142.250.80.40	15169 (GOOGLE) (GOOGLE)
1	142.251.41.3 142.251.41.3	15169 (GOOGLE) (GOOGLE)
2	35.166.165.90 35.166.165.90	16509 (AMAZON-02) (AMAZON-02)
3	157.240.241.1 157.240.241.1	32934 (FACEBOOK) (FACEBOOK)
4	54.225.28.140 54.225.28.140	14618 (AMAZON-AES) (AMAZON-AES)
5	23.206.172.61 23.206.172.61	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
1	3.168.122.104 3.168.122.104	16509 (AMAZON-02) (AMAZON-02)
2	74.121.140.211 74.121.140.211	30419 (PAEDAE-INC) (PAEDAE-INC)
1	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
2	142.250.80.34 142.250.80.34	15169 (GOOGLE) (GOOGLE)
3	216.239.38.181 216.239.38.181	15169 (GOOGLE) (GOOGLE)
1	172.253.122.156 172.253.122.156	15169 (GOOGLE) (GOOGLE)
2	142.250.65.195 142.250.65.195	15169 (GOOGLE) (GOOGLE)
1	52.85.61.58 52.85.61.58	16509 (AMAZON-02) (AMAZON-02)
4	142.250.65.164 142.250.65.164	15169 (GOOGLE) (GOOGLE)
1	18.214.210.6 18.214.210.6	14618 (AMAZON-AES) (AMAZON-AES)
3	150.171.27.10 150.171.27.10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	157.240.241.35 157.240.241.35	32934 (FACEBOOK) (FACEBOOK)
1	52.72.145.167 52.72.145.167	14618 (AMAZON-AES) (AMAZON-AES)
3	52.85.61.2 52.85.61.2	16509 (AMAZON-02) (AMAZON-02)
1	142.250.72.99 142.250.72.99	15169 (GOOGLE) (GOOGLE)
1 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
69	29

2 23.185.0.2 (United States) 1 redirects

ASN54113 (FASTLY, US)

defenders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.33.71 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

support.defenders.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.201.183.177 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-183-177.deploy.static.akamaitechnologies.com

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.42 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.167.37.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-167-37-48.iad61.r.cloudfront.net

cdn.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.80.40 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.3 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.166.165.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-165-90.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.241.1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.225.28.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-28-140.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.206.172.61 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-172-61.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.122.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-104.jfk52.r.cloudfront.net

js.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.121.140.211 (Reston, United States)

ASN30419 (PAEDAE-INC, US)

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.130 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.34 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.38.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.122.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.65.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.61.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-58.ewr53.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.65.164 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.210.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-210-6.compute-1.amazonaws.com

api.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 150.171.27.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.241.35 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-lga3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.145.167 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-145-167.compute-1.amazonaws.com

ad.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.85.61.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-2.ewr53.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.72.99 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	defenders.org 2 redirects defenders.org support.defenders.org	133 KB
7	google.com analytics.google.com — Cisco Umbrella Rank: 238 www.google.com — Cisco Umbrella Rank: 10	1023 B
6	rackcdn.com acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com — Cisco Umbrella Rank: 269272	150 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	140 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	5 KB
4	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 45244	40 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 77 td.doubleclick.net — Cisco Umbrella Rank: 481 stats.g.doubleclick.net — Cisco Umbrella Rank: 252	2 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 4688	10 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 534	15 KB
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 2631 insight.adsrvr.org — Cisco Umbrella Rank: 1486 match.adsrvr.org — Cisco Umbrella Rank: 505	6 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	76 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	308 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
2	google.ca www.google.ca — Cisco Umbrella Rank: 9677	127 B
2	mathtag.com pixel.mathtag.com — Cisco Umbrella Rank: 4337	1 KB
2	ipredictive.com js.ipredictive.com — Cisco Umbrella Rank: 15542 ad.ipredictive.com — Cisco Umbrella Rank: 11115	3 KB
2	nextdoor.com ads.nextdoor.com — Cisco Umbrella Rank: 9143 flask.nextdoor.com — Cisco Umbrella Rank: 8476	4 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	246 KB
2	neverbounce.com cdn.neverbounce.com — Cisco Umbrella Rank: 94620 api.neverbounce.com — Cisco Umbrella Rank: 217670	29 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4508	8 KB
69	20

	Domain	Requested by
8	support.defenders.org	1 redirects support.defenders.org
6	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com	support.defenders.org
5	analytics.tiktok.com	support.defenders.org analytics.tiktok.com
4	www.facebook.com	support.defenders.org
4	www.google.com	support.defenders.org www.gstatic.com
4	js.verygoodvault.com	support.defenders.org js.verygoodvault.com
4	tags.srv.stackadapt.com	support.defenders.org tags.srv.stackadapt.com
3	bat.bing.com	support.defenders.org bat.bing.com
3	analytics.google.com	www.googletagmanager.com
3	connect.facebook.net	support.defenders.org connect.facebook.net
3	www.googletagmanager.com	support.defenders.org www.googletagmanager.com
3	fonts.googleapis.com	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
2	www.google.ca	support.defenders.org
2	td.doubleclick.net	www.googletagmanager.com
2	pixel.mathtag.com	support.defenders.org
2	defenders.org	1 redirects
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	www.gstatic.com	www.google.com
1	ad.ipredictive.com	js.ipredictive.com
1	flask.nextdoor.com	support.defenders.org
1	api.neverbounce.com	cdn.neverbounce.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	js.ipredictive.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	ads.nextdoor.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.neverbounce.com	support.defenders.org
1	stackpath.bootstrapcdn.com	acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
69	30

This site contains links to these domains. Also see Links.

Domain
defenders.org

Subject Issuer	Validity	Valid
support.defenders.org E5	`2024-07-18` - `2024-10-16`	3 months	crt.sh
*.ssl.cf5.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-24` - `2024-11-27`	a year	crt.sh
upload.video.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
bootstrapcdn.com WE1	`2024-07-23` - `2024-10-21`	3 months	crt.sh
neverbounce.com Amazon RSA 2048 M03	`2024-01-29` - `2025-02-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
nextdoor.com Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
*.ipredictive.com Amazon RSA 2048 M02	`2024-02-12` - `2025-03-11`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-23` - `2025-04-30`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.doubleclick.net WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.com WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.google.ca WR2	`2024-07-30` - `2024-10-22`	3 months	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
defenders.org R11	`2024-08-01` - `2024-10-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Frame ID: 7733B78F3DDD88042E95333CD6266C27
Requests: 58 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/1057285272?random=1724622143141&cv=11&fst=1724622143141&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&hn=www.googleadservices.com&frm=0&tiba=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&npa=0&pscdl=noapi&auid=994382328.1724622143&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 759033F6F7CE61D8C6B5E520F7DD7BED
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-GVV6YX8Y4E&gacid=1261189313.1724622143&gtm=45je48l0v875794897z86703658za200zb6703658&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=461955552
Frame ID: 26E76FD8E922B1E46DDF425453559230
Requests: 1 HTTP requests in this frame

Frame: https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js
Frame ID: B3DE5A83AB844BCD019ECBAC7FBD48FF
Requests: 2 HTTP requests in this frame

Frame: https://ad.ipredictive.com/d/track/event?upid=111242&cache_buster=1724622143&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&ps=0
Frame ID: CD55B10BADCDB0CAEBC9459EC21C8B14
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Frame ID: 1E1F588180AC4DF6214AC30908FAFA7A
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Frame ID: 5E3927ACBBAB9FA45CA7A05B13C831EF
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Frame ID: 134A0587331FB8A63924E9F9578FCC93
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zdXBwb3J0LmRlZmVuZGVycy5vcmc6NDQz&hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=normal&cb=909hz5q682zl
Frame ID: 8F775FD5CD9D1442FFD518D0EE1C6FA8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1
Frame ID: B20A15C3F4C17181A5807898EF9ED39C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H
Frame ID: E040765448E5239100A12828FCDCDECF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Defenders of Wildlife | Fight the Faces of Extinction!

Page URL History Show full URLs

http://defenders.org/ HTTP 307
https://defenders.org/ HTTP 302
https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

69
Requests

99 %
HTTPS

0 %
IPv6

20
Domains

30
Subdomains

29
IPs

2
Countries

1176 kB
Transfer

3430 kB
Size

37
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://defenders.org/

Search URL Search Domain Scan URL

URL: https://defenders.org/defenders-wildlife-privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://defenders.org/defenders-of-wildlife-cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://defenders.org/ HTTP 307
https://defenders.org/ HTTP 302
https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js

Request Chain 64

https://insight.adsrvr.org/track/up?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/upb/?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1

69 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1 Show response
support.defenders.org/page/71661/donate/
Redirect Chain

http://defenders.org/
https://defenders.org/
https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

36 KB
9 KB

258ms
178ms

Document
text/html

104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eca3d595535caba0a195853677f4469ff47ad7581b3b08692423e8156f9d2f01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8b8ec06419b1ab3b-YYZ
content-encoding: br
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Sun, 25 Aug 2024 21:42:22 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

accept-ranges: bytes
age: 0
cache-control: must-revalidate, no-cache, private
content-language: en
content-length: 570
content-type: text/html; charset=utf-8
date: Sun, 25 Aug 2024 21:42:21 GMT
expires: Sun, 19 Nov 1978 05:00:00 GMT
location: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
server: nginx
strict-transport-security: max-age=300
vary: Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-drupal-dynamic-cache: UNCACHEABLE
x-frame-options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe2-a-bb6646cfc-ptz64
x-served-by: cache-chi-kigq8000138-CHI, cache-yyz4554-YYZ
x-styx-req-id: e8e86dc8-632a-11ef-9e82-062ecced9631
x-timer: S1724622142.887819,VS0,VE104

GET
H/1.1 200
OK takeover.style.css
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 215 KB
31 KB 160ms
47ms Stylesheet
text/css 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/takeover.style.css?v=1706043334000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e46c3dcea43d010f9d80f5e952680feca85df73f8ce34cae90154e73db130760

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2024 20:55:34 GMT
ETag: 124f809f9b1ffa49863c97b0a039c392
Vary: Accept-Encoding
Content-Type: text/css
X-Timestamp: 1706043333.91760
Cache-Control: public, max-age=455
X-Object-Meta-Enid: 1706043333740
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx9cc6d51d8bdb431fadc90-0066cb8eb6iad3
Content-Length: 31710
Expires: Sun, 25 Aug 2024 21:49:57 GMT

GET
H2 200 enPage.css
support.defenders.org/pageassets/css/ 46 KB
9 KB 249ms
247ms Stylesheet
text/css 104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/pageassets/css/enPage.css?v=4.0.0

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8210b002c51550eb271577baa262bfa71a159c989cc2e03acb993c621423661d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: gzip
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains
age: 4264
content-length: 8929
last-modified: Wed, 14 Aug 2024 15:22:00 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8b8ec0655ab2ab3b-YYZ
expires: Sun, 25 Aug 2024 22:12:22 GMT

GET
H2 200 pagedata.js Show response
support.defenders.org/page/71661/ 8 KB
2 KB 274ms
273ms Script
text/javascript 104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/71661/pagedata.js?locale=en-US&ea.profile.id=0

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c400c9a480e1a5cd354e929f19b5714d6752bc48f7128eb80d793a2ba25895bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8b8ec0655ab7ab3b-YYZ
content-type: text/javascript

GET
H2 200 enPage.js Show response
support.defenders.org/pageassets/js/ 195 KB
56 KB 270ms
269ms Script
application/javascript 104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab5cf3d36b476cd8a2939e3b7a58af36cb31a61bd24e8659189b5c91bf881a76

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: gzip
content-security-policy: default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
last-modified: Wed, 14 Aug 2024 15:22:00 GMT
server: cloudflare
cf-cache-status: HIT
age: 4264
strict-transport-security: max-age=15552000; includeSubDomains
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 8b8ec0655ab8ab3b-YYZ
expires: Sun, 25 Aug 2024 22:12:22 GMT

GET
H/1.1 200
OK logo-white.png
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 8 KB
8 KB 149ms
38ms Image
image/png 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/logo-white.png?v=1606165842000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c58ca353473b6167dce127ba600a74757e1fc6eb3f2c2caafd7a77c46edd0018

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Last-Modified: Mon, 23 Nov 2020 21:10:43 GMT
ETag: 699fa220a38970fdfe7c9d7c35e0538d
Content-Type: image/png
X-Timestamp: 1606165842.12436
Cache-Control: public, max-age=461
X-Object-Meta-Enid: 1606165841585
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx572bf0f2effc48cbb6d44-0066cb8eb7iad3
Content-Length: 7750
Expires: Sun, 25 Aug 2024 21:50:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 140ms
56ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900

Requested by

Host: acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/takeover.style.css?v=1706043334000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

472700da53b5c2e7c8e21b3314b7b13ee282abbbb8127e34b4dd8c26c906f505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 21:01:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
625 B 143ms
59ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat+Alternates:500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

7a9db86be2231f6e1c69840ba668a81d412f0c3ed1cfe630bed053130422d259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 21:42:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 102ms
73ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 876
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 10217958
cdn-cachedat: 03/18/2024 12:59:19
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e07030f9921d09bce8159ebf1b933479
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 8b8ec066f90fa1f9-YYZ
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 445 B
414 B 140ms
57ms Stylesheet
text/css 142.250.80.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Swanky+and+Moo+Moo&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.42 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f10.1e100.net

Software

ESF /

Resource Hash

d3ff47b33f6e790d82238d78c7eb82b32483cc0cc53a9d32846ed3c79c84ebea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 21:42:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H/1.1 200
OK applepay.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 5 KB
2 KB 40ms
40ms Script
application/x-javascript 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/applepay.js?v=1663865692000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a8234e3601e48bb1837e8db8b9a2492014b054265d837cd9817dc22d5171f37

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Sep 2022 16:54:53 GMT
ETag: f16cfd11182d3dd8a635f48613b69da2
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Timestamp: 1663865692.41302
Cache-Control: public, max-age=457
X-Object-Meta-Enid: 1663865692212
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx681fc9199ab8472294a57-0066cb8eb6iad3
Content-Length: 1637
Expires: Sun, 25 Aug 2024 21:49:59 GMT

GET
H/1.1 200
OK takeover.bundle.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 115 KB
38 KB 60ms
59ms Script
application/x-javascript 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/takeover.bundle.js?v=1706040962000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8868fe35e43a3dad02df8f14b34e303b7faabaf85e8456579d01428becbd19f0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 23 Jan 2024 20:16:03 GMT
ETag: 9a52163bf7bd2b5340fc49ac232804c5
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Timestamp: 1706040962.18448
Cache-Control: public, max-age=414
X-Object-Meta-Enid: 1706040961999
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx6d1ccadb68d44b4fa32a9-0066cb8eb7iad3
Content-Length: 38594
Expires: Sun, 25 Aug 2024 21:49:16 GMT

GET
H/1.1 200
OK vgs.bundle.js Show response
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 2 KB
1 KB 71ms
71ms Script
application/x-javascript 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/vgs.bundle.js?v=1706044081000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c2889401199073a999df5333484b8c950451a343fa6ec46179348078211b4647

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 May 2024 19:40:35 GMT
ETag: 4323f1784bfe16d98688938429dbb1b3
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Timestamp: 1715370034.61645
Cache-Control: public, max-age=413
X-Object-Meta-Enid: 1715370034461
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx8229ef1159bd4dbe98cd9-0066cb8eb7iad3
Content-Length: 704
Expires: Sun, 25 Aug 2024 21:49:15 GMT

GET
H2 200 NeverBounce.js Show response
cdn.neverbounce.com/widget/dist/ 96 KB
29 KB 551ms
428ms Script
application/javascript 3.167.37.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.167.37.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-167-37-48.iad61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 09:00:51 GMT
x-amz-version-id: null
content-encoding: gzip
last-modified: Mon, 02 Mar 2020 18:37:33 GMT
server: AmazonS3
via: 1.1 615fb4121a4d8bc094d80720dc4d32b2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD61-P4
etag: W/"c1e06621030dfcba15b88abbcaa546eb"
age: 45693
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: HA_DMsC1q7tsYxAzmlwrLRdbvDlGqxokTinkewuh_bknEUGJ7EyDIg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 344 KB
111 KB 160ms
74ms Script
application/javascript 142.250.80.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.40 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

13676148fef839548f3e9c5106d8383fe9d3f6a82a7cfd0146693cbb0316a043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113697
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H/1.1 200
OK wolf-closeup.jpg
acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/ 68 KB
69 KB 122ms
121ms Image
image/jpeg 23.201.183.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com/10063/wolf-closeup.jpg?v=1669049885000
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.183.177 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-183-177.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 683d2c3662055d8661f8d87a0b7121a3ca9a3d2e1b36fc381ccd56a60ca56660

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:22 GMT
Last-Modified: Mon, 21 Nov 2022 16:58:05 GMT
ETag: 7ab86d233e0add0f43b69172145ceb52
Content-Type: image/jpeg
X-Timestamp: 1669049884.85997
Cache-Control: public, max-age=475
X-Object-Meta-Enid: 1669049884665
Accept-Ranges: bytes
Connection: keep-alive
X-Trans-Id: tx86afb8fd38804c40865af-0066cac25aiad3
Content-Length: 70092
Expires: Sun, 25 Aug 2024 21:50:17 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 366ms
33ms Font
font/woff2 142.251.41.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,500,600,700,800,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.3 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://support.defenders.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 23 Aug 2024 06:47:40 GMT
x-content-type-options: nosniff
age: 226482
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Aug 2025 06:47:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 341 KB
110 KB 76ms
75ms Script
application/javascript 142.250.80.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.40 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

06da0eac0ce4b954f318a36de67dff7ed067f0bdce428aea0f3af92a8b9ec276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 112118
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 7 KB
4 KB 466ms
242ms Script
application/javascript 35.166.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.165.90 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-165-90.us-west-2.compute.amazonaws.com

Software

istio-envoy /

Resource Hash

505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .lightning.force.com nextdoor.com .nextdoor.com nextdoor-test.com *.nextdoor-test.com;

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
content-security-policy: frame-ancestors 'self' *.lightning.force.com nextdoor.com *.nextdoor.com nextdoor-test.com *.nextdoor-test.com;
content-encoding: gzip
last-modified: Fri, 23 Aug 2024 18:45:08 GMT
server: istio-envoy
etag: W/"66c8d8b4-1d89"
vary: Accept-Encoding
content-type: application/javascript
x-envoy-upstream-service-time: 1

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 113ms
63ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 21:42:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58912
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=32, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: S6dOd/82TkdbUKEpEiiV0ZhHaBJ+26TebJs7/taEuih4puzYEtn3doCxxuGexbHry/iF91cVVGOlZFWsiHoucw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
87 KB 76ms
75ms Script
application/javascript 142.250.80.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1057285272

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.40 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

184bf34e905bf0fd293f0ff7667ef88a6b46ecaee398a4d9b8ab78d4a2eabaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89195
x-xss-protection: 0
last-modified: Sun, 25 Aug 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 25 Aug 2024 21:42:22 GMT

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 158ms
45ms Script
text/javascript 54.225.28.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.28.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-28-140.compute-1.amazonaws.com
Software: /
Resource Hash: 28b53b4d649bf60e411ab09c39876463b974b995fa05c3290cebda90d3faeb4c

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 21:42:23 GMT
cache-control: max-age=5
content-encoding: gzip
content-type: text/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 175ms
62ms Script
application/javascript 23.206.172.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6B7721U9OSRR6784460&lib=ttq
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5ca4bed2f42648726b9d68e13d73cd48671636444cb3e23f59e814b51a3e4796

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 1ae621c
date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825214223CBD2BCB6F2F05712D475-2DBB36230894919B-00
x-cache: TCP_MISS from a23-58-89-50.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=1, origin; dur=14
content-length: 2037
pragma: no-cache
server: nginx
x-tt-logid: 20240825214223CBD2BCB6F2F05712D475
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.58.89.50
x-tt-trace-host: 017323e79f3991bfcedb6591e129e382bdc2b27e7961e312c73fceee6efad3d27b3a4b05b6ad29a7765b4b6fbc005e0a2e38a5f0750cc0e823dbd64db622d4e76e5f9618fd3d744fec86b66521b602e4ab60feef6ee632ddf8a630753d996c361b
expires: Sun, 25 Aug 2024 21:42:23 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 12 KB
5 KB 150ms
40ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 18:28:09 GMT
Content-Encoding: gzip
Via: 1.1 56e001f87fa53501872a21f09bb07046.cloudfront.net (CloudFront)
Last-Modified: Fri, 07 Jun 2024 09:20:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 11655
x-amz-server-side-encryption: AES256
ETag: W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding: chunked
Vary: accept-encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 1qlLrrpE2zZ1tb6omkyh4Scp_AcadEUfgDTFIaglQbbQCIKb6CJ5UQ==

GET
H2 200 viant_universal_pixel.js Show response
js.ipredictive.com/ 2 KB
3 KB 427ms
316ms Script
application/javascript 3.168.122.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ipredictive.com/viant_universal_pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDPL88
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-104.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:27:58 GMT
via: 1.1 b64fdff42dda37e61c076a0109c42a14.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 00:38:12 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
age: 866
etag: "b9945c83287e6353c078adc3293e6d98"
x-amz-server-side-encryption: AES256
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2530
x-amz-cf-id: YNilEe36y7O3ha4vmDOmR1LBOtSfqHky_7qx4DFaHAINK5DJNDxt2Q==

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 0
566 B 151ms
42ms Image
image/gif 74.121.140.211
PAEDAE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mathtag.com/event/img?mt_id=1490860&mt_adid=239706&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.121.140.211 Reston, United States, ASN30419 (PAEDAE-INC, US),

Reverse DNS

Software

MT3 1637 26565ec master iad iad-pixel-x20 config_version:"2433" /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:23 GMT
Strict-Transport-Security: 31536000
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Server: MT3 1637 26565ec master iad iad-pixel-x20 config_version:"2433"
X-Permitted-Cross-Domain-Policies: all
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
X-XSS-Protection: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ 0
566 B 152ms
43ms Image
image/gif 74.121.140.211
PAEDAE-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mathtag.com/event/img?mt_id=1615498&mt_adid=239706&mt_exem=&mt_excl=&v1=&v2=&v3=&s1=&s2=&s3=

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

74.121.140.211 Reston, United States, ASN30419 (PAEDAE-INC, US),

Reverse DNS

Software

MT3 1637 26565ec master iad iad-pixel-x11 config_version:"2433" /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 25 Aug 2024 21:42:23 GMT
Strict-Transport-Security: 31536000
Referrer-Policy: strict-origin
X-Content-Type-Options: nosniff
Server: MT3 1637 26565ec master iad iad-pixel-x11 config_version:"2433"
X-Permitted-Cross-Domain-Policies: all
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
X-XSS-Protection: 0

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 101ms
100ms Stylesheet
text/css 54.225.28.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.28.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-28-140.compute-1.amazonaws.com
Software: /
Resource Hash: e79246268023b3e5648e3d2095e65fbfbc769c325b010ab5643c0627925d140c

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 21:42:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 125ms
41ms Fetch
image/jpeg 54.225.28.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.28.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-28-140.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 25 Aug 2024 21:42:23 GMT
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
content-type: image/jpeg

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1057285272/ 3 KB
1 KB 482ms
60ms Script
text/javascript 142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1057285272/?random=1724622143141&cv=11&fst=1724622143141&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&hn=www.googleadservices.com&frm=0&tiba=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&npa=0&pscdl=noapi&auid=994382328.1724622143&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1057285272

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.130 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

cafe /

Resource Hash

6cb5358a8fed38a17a8869014ec1426b96dbf83859686a0a137950d0d1d734e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1426
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1057285272
td.doubleclick.net/td/rul/ Frame 7590 0
0 158ms
70ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/1057285272?random=1724622143141&cv=11&fst=1724622143141&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&hn=www.googleadservices.com&frm=0&tiba=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&npa=0&pscdl=noapi&auid=994382328.1724622143&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1057285272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 21:42:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
0 177ms
45ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GVV6YX8Y4E&gtm=45je48l0v875794897z86703658za200zb6703658&_p=1724622142618&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1261189313.1724622143&ecid=496161024&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sid=1724622143&sct=1&seg=0&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&dt=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&_s=1&tfd=1435
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.defenders.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 175ms
45ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GVV6YX8Y4E&gtm=45je48l0v875794897z86703658za200zb6703658&_p=1724622142618&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1261189313.1724622143&ecid=496161024&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1724622143&sct=1&seg=0&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&dt=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.defenders.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 149ms
49ms Ping
text/plain 172.253.122.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GVV6YX8Y4E&cid=1261189313.1724622143&gtm=45je48l0v875794897z86703658za200zb6703658&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.122.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bh-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.defenders.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 26E7 0
0 68ms
66ms Document
text/html 142.250.80.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-GVV6YX8Y4E&gacid=1261189313.1724622143&gtm=45je48l0v875794897z86703658za200zb6703658&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=461955552

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 21:42:23 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 148ms
98ms Image
image/gif 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GVV6YX8Y4E&cid=1261189313.1724622143&gtm=45je48l0v875794897z86703658za200zb6703658&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0&tag_exp=0&z=1980434241

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1714661645444410 Show response
connect.facebook.net/signals/config/ 63 KB
13 KB 131ms
130ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1714661645444410?v=2.9.165&r=stable&domain=support.defenders.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

c605ea7b426b2c39c05cb81b6a9517eeff064bb786ec0b058b5a7a0296768b7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 21:42:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=47, rtx=2, c=72, mss=1232, tbw=69419, tp=65, tpl=2, uplat=94, ullat=0
pragma: public
x-fb-debug: lgD89jibe/If7pM7iO4ncSjMq0Z4ENVIBVt8Tyej+ZheGzpHnB+udvj3baZegy5ADR+8f8bSDlgKaGaI9Fi6cw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.23.0/ 131 KB
40 KB 182ms
46ms Script
text/javascript 52.85.61.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.23.0/vgs-collect.js
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-58.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 986396491426dd783041c67d14d8e8bf5dcce5d191da57b9e064ca27f1301e41

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: epxhy2_H1z24Q0N2siXYyxNvtmbsmEaj
Content-Encoding: gzip
Via: 1.1 52b969a4ab7956a248b07efba57c92a4.cloudfront.net (CloudFront)
Date: Sun, 25 Aug 2024 21:41:50 GMT
X-Amz-Cf-Pop: EWR53-P1
Age: 35
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 05 Mar 2024 22:23:54 GMT
Server: AmazonS3
ETag: W/"75046cbcfc188802c39df717cb9cba58"
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: ywTQkX7gNw8rj8hxnWclo-X4wgIX2DGuf1aIAJLPb3ukTry5dCVqvA==

GET
H2 200 pagedata Show response
support.defenders.org/page/71661/donate/1/ 190 B
1 KB 78ms
75ms XHR
application/json 104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/page/71661/donate/1/pagedata

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Accept: application/json, text/javascript
Referer: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Ri6njmtXIryXXWx7aZd9x6L.rV.ebeeV1V0_yA9m_Aw-1724622143-1.0.1.1-_Uw2wRnhSzatf3J_uI8Pt7jQaXp0jGw.pi2NoEaTQUgWVql_5iTpcXq7buaT5Sq_zpZhe1lStQSlOA80qXEov7NWxDv_tjU6lTQeRfBT8jChP6NvB4f1Ihepw.aL7eWdAzRSDhWyNBCWZheHtp2c.Lt1XHmDivdMD_abZK080w0; report-to cf-csp-endpoint
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Ri6njmtXIryXXWx7aZd9x6L.rV.ebeeV1V0_yA9m_Aw-1724622143-1.0.1.1-_Uw2wRnhSzatf3J_uI8Pt7jQaXp0jGw.pi2NoEaTQUgWVql_5iTpcXq7buaT5Sq_zpZhe1lStQSlOA80qXEov7NWxDv_tjU6lTQeRfBT8jChP6NvB4f1Ihepw.aL7eWdAzRSDhWyNBCWZheHtp2c.Lt1XHmDivdMD_abZK080w0"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/json
cf-ray: 8b8ec06bff7eab3b-YYZ
content-length: 129

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
959 B 134ms
55ms Script
text/javascript 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/pageassets/js/enPage.js?v=4.0.0

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

GSE /

Resource Hash

ee18fa1ada74c5d3261424bcc1c4f077510c31a06bee0ff6742f180ed14c57d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Sun, 25 Aug 2024 21:42:23 GMT

GET
H2 200 notify Show response
api.neverbounce.com/v4/poe/ 62 B
282 B 719ms
67ms Script
application/javascript 18.214.210.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.neverbounce.com/v4/poe/notify?key=public_2a16b98854e9f64da433496569f1c51e&event=form.load&callback=__neverbounce_39951

Requested by

Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.214.210.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-210-6.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d85cafc9267f4d8c219e630e4c43c8ad2840f665a8eea06799d82ada5cf581a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private
x-ua-compatible: IE=Edge

GET
H2

200

main.js Show response
support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/ Frame B3DE
Redirect Chain

https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

8 KB
4 KB

36ms
35ms

Script
application/javascript

104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0461e4dfff8239dbdc7a575a4b512902c8848ca7f50c223572644e070a34dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b8ec06cd836ab3b-YYZ

Redirect headers

date: Sun, 25 Aug 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/6790c32b9fc9/main.js?
access-control-allow-origin: *
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray: 8b8ec06c9810ab3b-YYZ
content-length: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
14 KB 197ms
58ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 25 Aug 2024 21:42:22 GMT
last-modified: Sat, 13 Jul 2024 20:42:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 292E00C9D6D14B9BB386FA68819F1167 Ref B: YTO01EDGE0815 Ref C: 2024-08-25T21:42:23Z
etag: "044982565d5da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 14183

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 213 B
411 B 42ms
41ms XHR
text/plain 54.225.28.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=kmnalmC-Fn74l4fGN-kaMA&is_js=true&landing_url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&t=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&tip=gKhjehsoDgcorX4mf0gaO4wlzgjuUlH8IpjlcXnVl1g&host=https%3A%2F%2Fsupport.defenders.org&sa_conv_data_css_value=%270-4bef2d5a-c747-50ed-7c2b-b3f828f12986%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd94bef2d5ac74750ed7c2bb3f828f12986955810e4&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgv8qutgYwAToEED3EAEIEF9K7qw.a9an6nPjWdy7uAwu7FEyG4rSy69s71dqdUBL2T7R35s&sa-user-id-v2=s%253AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%252BOQbX%252FmiKuRQGnYn8fWI9RU2Aa0y8w97%252FMX%252BLz8&sa-user-id=s%253A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%252FDcrjgLhCazRVtCqs
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.225.28.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-225-28-140.compute-1.amazonaws.com
Software: /
Resource Hash: eaecd37c99456618bb416352b3981c2280d42177948cfab9639be2544567dd43

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://support.defenders.org
date: Sun, 25 Aug 2024 21:42:23 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 213
access-control-allow-methods: GET
content-type: text/plain; charset=utf-8

GET
H2 200 main.MTcwODM0ODQ4MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 331 KB
96 KB 43ms
42ms Script
application/javascript 23.206.172.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6B7721U9OSRR6784460&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 1ae6364
date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408230056233E19F1031BD116E70851
x-tt-trace-id: 00-2408230056233E19F1031BD116E70851-3359091D65EB56D1-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-50.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 017f14c8a4d566d6bb225815e09579b7e3a0c2eb774d5d6211da30ba983883da42cf282f57b67bd229fe982e6dc6cc5c858b16693ec769baa4a65d0acb8b9ff92e890491425074b1b469f72c7c3b04f0a78cd8b0981552172489b34aad55b34dfe
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=6
content-length: 97610

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 113ms
103ms Image
text/plain 35.166.165.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=eeb9a512-320c-4ed0-88b5-331c6b6dac3b&vrs=8.4&ev=PAGE_VIEW&pl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&ndclid=&ndclid_src=0&rf=&sem=&tm=GTM&iid=03be13e0-948b-4b1b-ab02-88322b842ebe&pageid=7cf9e8a5-805b-47fa-8957-2d6eea1c04c4&sessionid=6087dc2c-7f58-4c6e-b35b-485cb08f21ba&cd=%7B%7D
Requested by: Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.165.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-165-90.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
context-id: d41dd405-d654-4988-8831-7de069dc1db9

GET
H3 200 926360308284354 Show response
connect.facebook.net/signals/config/ 33 KB
5 KB 85ms
84ms Script
application/x-javascript 157.240.241.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/926360308284354?v=2.9.165&r=stable&domain=support.defenders.org&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110%2C196%2C195%2C197%2C202%2C203%2C204%2C200%2C192%2C128%2C159%2C191%2C193%2C119%2C153%2C141%2C147%2C185%2C186%2C125%2C228%2C113%2C229%2C161%2C116%2C231%2C162%2C132%2C120%2C150%2C144

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-lga3.fbcdn.net

Software

Resource Hash

88e85d4ec893dba78d776cacd3d97805d3cccaae67ea044cba019989b88b3232

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 25 Aug 2024 21:42:23 GMT
document-policy: force-load-at-top
x-fb-server-load: 39
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=2, c=74, mss=1232, tbw=83307, tp=79, tpl=2, uplat=47, ullat=0
pragma: public
x-fb-debug: s1Bd/+zXHBhamvZ7B7zOEureDvsQnTPCbIKyaCYHZGNBIYzm7R3dtJph/ivx073M6jrlVMgJz/E7apw7eVgEJA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 175ms
44ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1714661645444410&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&rl=&if=false&ts=1724622143501&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724622143495.356923614502101523&ler=empty&cdl=API_unavailable&it=1724622143275&coo=false&rqm=GET

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=34, rtx=0, c=10, mss=1316, tbw=2832, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 21:42:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 223ms
92ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1714661645444410&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&rl=&if=false&ts=1724622143501&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724622143495.356923614502101523&ler=empty&cdl=API_unavailable&it=1724622143275&coo=false&rqm=FGET

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x71eab97aeaa384db","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:3972401769496408","24:2915639425171490","7830:3972401769496408","7830:2915639425171490","10853:3972401769496408","10853:2915639425171490","41:3972401769496408","41:2915639425171490","8046:3972401769496408","8046:2915639425171490"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 25 Aug 2024 21:42:23 GMT
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407195702682869704", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=14, mss=1316, tbw=3150, tp=-1, tpl=-1, uplat=52, ullat=0
pragma: no-cache
x-fb-debug: zydiJgXieIbiFyslrgK6UfGv/L8Q4pB0ZWldag9yjSedny/VYKMVULs9wossqJ46NNWSIApu8hGGiLD8Mbaj3w==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407195702682869704"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK event
ad.ipredictive.com/d/track/ Frame CD55 0
0 190ms
41ms Document
text/plain 52.72.145.167
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.ipredictive.com/d/track/event?upid=111242&cache_buster=1724622143&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&ps=0
Requested by: Host: js.ipredictive.com
URL: https://js.ipredictive.com/viant_universal_pixel.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.145.167 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-145-167.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sun, 25 Aug 2024 21:42:23 GMT
X-CI-RTID: 79434465-b5ec-40b7-9d47-82575b2330f3

POST
H2 200 8b8ec06419b1ab3b Show response
support.defenders.org/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B3DE 0
604 B 138ms
130ms XHR
text/plain 104.18.33.71
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://support.defenders.org/cdn-cgi/challenge-platform/h/b/jsd/r/8b8ec06419b1ab3b

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.33.71 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 25 Aug 2024 21:42:23 GMT
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 8b8ec06df8e3ab3b-YYZ
content-length: 0
content-type: text/plain; charset=UTF-8

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.23.0/lib/ Frame 1E1F 0
0 384ms
316ms Document
text/html 52.85.61.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.23.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-2.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age: 17
Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 25 Aug 2024 21:42:08 GMT
ETag: W/"ff4e31ba454bdd596564ae306b8ff3eb"
Last-Modified: Tue, 05 Mar 2024 22:23:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CXaxn46y8cOOoJDwMFQsxSl_qXcfvRAdJgOmtmVO3tM9BMO5HlcpUg==
X-Amz-Cf-Pop: IAD55-P3 EWR53-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: tE_r03YncDs4MASDc94z_YflfgWV0PfC

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.23.0/lib/ Frame 5E39 0
0 380ms
380ms Document
text/html 52.85.61.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.23.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-2.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age: 17
Cache-Control: max-age=60
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 25 Aug 2024 21:42:08 GMT
ETag: W/"ff4e31ba454bdd596564ae306b8ff3eb"
Last-Modified: Tue, 05 Mar 2024 22:23:57 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CXaxn46y8cOOoJDwMFQsxSl_qXcfvRAdJgOmtmVO3tM9BMO5HlcpUg==
X-Amz-Cf-Pop: IAD55-P3 EWR53-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: tE_r03YncDs4MASDc94z_YflfgWV0PfC

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/2.23.0/lib/ Frame 134A 0
0 374ms
374ms Document
text/html 52.85.61.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.23.0/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.23.0/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.61.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-61-2.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Age: 17
Cache-Control: max-age=60
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 25 Aug 2024 21:42:08 GMT
ETag: W/"ff4e31ba454bdd596564ae306b8ff3eb"
Last-Modified: Tue, 05 Mar 2024 22:23:57 GMT
Server: AmazonS3
Vary: Accept-Encoding
Via: 1.1 31f764b3af7bd53499e97e3e9c790b42.cloudfront.net (CloudFront), 1.1 6e01480ef7aa01c23bf600698a613304.cloudfront.net (CloudFront)
X-Amz-Cf-Id: CXaxn46y8cOOoJDwMFQsxSl_qXcfvRAdJgOmtmVO3tM9BMO5HlcpUg==
X-Amz-Cf-Pop: IAD55-P3 EWR53-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: tE_r03YncDs4MASDc94z_YflfgWV0PfC

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/ 538 KB
213 KB 955ms
870ms Script
text/javascript 142.250.72.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.99 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f3.1e100.net

Software

sffe /

Resource Hash

1425b3dc4e809e5488aae10e2eb2511f652c6a9c3845c98c3fe69f07fe0c9e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
Origin: https://support.defenders.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 25 Aug 2024 19:39:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7387
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217366
x-xss-protection: 0
last-modified: Mon, 19 Aug 2024 04:00:58 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Aug 2025 19:39:17 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 41ms
36ms Image
text/plain 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=926360308284354&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&rl=&if=false&ts=1724622143723&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724622143495.356923614502101523&ler=empty&cdl=API_unavailable&cs_est=true&it=1724622143275&coo=false&rqm=GET

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=14, mss=1316, tbw=6865, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 25 Aug 2024 21:42:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 59ms
56ms Image
image/png 157.240.241.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=926360308284354&ev=PageView&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&rl=&if=false&ts=1724622143723&sw=1600&sh=1200&v=2.9.165&r=stable&ec=0&o=4126&fbp=fb.1.1724622143495.356923614502101523&ler=empty&cdl=API_unavailable&cs_est=true&it=1724622143275&coo=false&rqm=FGET

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.241.35 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-lga3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5ca037cfda2a4749","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:7078077572234132","24:5058776260856138","24:4832450126838766","24:4917258811688050","7830:7078077572234132","7830:5058776260856138","7830:4832450126838766","7830:4917258811688050","10853:7078077572234132","10853:5058776260856138","10853:4832450126838766","10853:4917258811688050","41:7078077572234132","41:5058776260856138","41:4832450126838766","41:4917258811688050","8046:7078077572234132","8046:5058776260856138","8046:4832450126838766","8046:4917258811688050"]},"debug_reporting":true,"debug_key":"1"}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Sun, 25 Aug 2024 21:42:23 GMT
x-fb-server-load: 27
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7407195702652698697", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=35, rtx=0, c=14, mss=1316, tbw=7011, tp=-1, tpl=-1, uplat=20, ullat=0
pragma: no-cache
x-fb-debug: o+qUubd3ZyIPkMTNQKsxUDIYOuw7W5bRZjSZAuUAmqvsIrwXgU2pSu5jLfHaSRcEa4qsJJHpILl7pvQf9zRslw==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7407195702652698697"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1057285272/ 42 B
64 B 54ms
53ms Image
image/gif 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1057285272/?random=1724622143141&cv=11&fst=1724619600000&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&hn=www.googleadservices.com&frm=0&tiba=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&npa=0&pscdl=noapi&auid=994382328.1724622143&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfG2O6dQeSPiGgUS0dDfCoX0-PFqA5Qg&random=2598495684&rmt_tld=0&ipr=y

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.ca/pagead/1p-user-list/1057285272/ 42 B
64 B 57ms
57ms Image
image/gif 142.250.65.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/1057285272/?random=1724622143141&cv=11&fst=1724619600000&bg=ffffff&guid=ON&async=1&gtm=45be48l0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&hn=www.googleadservices.com&frm=0&tiba=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&npa=0&pscdl=noapi&auid=994382328.1724622143&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfG2O6dQeSPiGgUS0dDfCoX0-PFqA5Qg&random=2598495684&rmt_tld=1&ipr=y

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:23 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identify_c2008b8c.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
40 KB 39ms
39ms Script
application/javascript 23.206.172.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_c2008b8c.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 1ae645c
date: Sun, 25 Aug 2024 21:42:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202408061913258435689CE415E98077BB
x-tt-trace-id: 00-2408061913258435689CE415E98077BB-195B090BBF7C9BCF-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-58-89-50.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e10cb6773c2b58095eeee787d98a6c6cd1faf5375857e19be7389d71fac41f461d6add66d502e5160f2a482999dbfaa1924d08666268999c55dd10ce86a8b1a994e58b6b0cb129c18bcbf1c6cc18af01f6503f5a19064d77be3454f9f673ae03
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 40268

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 89ms
87ms Ping
text/plain 23.206.172.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ae646b
date: Sun, 25 Aug 2024 21:42:23 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240825214223DBE09F0F1C0014364EF2-32366B743F0A90AA-00
x-cache: TCP_MISS from a23-58-89-50.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=32, cdn-cache; desc=MISS, edge; dur=6, origin; dur=45
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240825214223DBE09F0F1C0014364EF2
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 45,23.58.89.50
x-tt-trace-host: 017323e79f3991bfcedb6591e129e382bdc2b27e7961e312c73fceee6efad3d27b1fc984984ce84eb15b40d495aef35bd8654be34af9886aac1962ed04c9452310fc96de334dfd45ca735e63d41b0261f5d5ad133e50a66359d802fc60ef2887ff
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 21:42:23 GMT

GET
H2 200 4051602.js Show response
bat.bing.com/p/action/ 334 B
406 B 86ms
85ms Script
application/javascript 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4051602.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 25 Aug 2024 21:42:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5DFF59F8D5A84835B3A60145570D1C20 Ref B: YTO01EDGE0815 Ref C: 2024-08-25T21:42:23Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=1800

GET
H2 204 0
bat.bing.com/action/ 0
360 B 52ms
52ms Image
text/plain 150.171.27.10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4051602&Ver=2&mid=1187b7ca-0af6-47e1-91ee-543210695923&sid=ea139850632a11efa9f73f962b601d21&vid=ea13d770632a11efa3b083fbeb0db46e&vids=1&msclkid=N&pi=918639831&lg=en-CA&sw=1600&sh=1200&sc=24&tl=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&p=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&r=&lt=1627&evt=pageLoad&sv=1&cdb=AQAQ&rn=558526

Requested by

Host: support.defenders.org
URL: https://support.defenders.org/page/71661/donate/1?ea.tracking.id=web_home_content

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

150.171.27.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 25 Aug 2024 21:42:22 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 41C8DAFC1E044A0991233A19956070DD Ref B: YTO01EDGE0815 Ref C: 2024-08-25T21:42:23Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
718 B 77ms
76ms Ping
text/plain 23.206.172.61
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTcwODM0ODQ4MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.172.61 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-172-61.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1ae652a
date: Sun, 25 Aug 2024 21:42:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24082521422493CB14B5FFF568A7A0FB-5433013E6A960B1C-00
x-cache: TCP_MISS from a23-58-89-50.deploy.akamaitechnologies.com (AkamaiGHost/11.6.1.1-c253c574b3c2af32d59c15ea70b89e46) (-)
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=13, origin; dur=26
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024082521422493CB14B5FFF568A7A0FB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 27,23.58.89.50
x-tt-trace-host: 017323e79f3991bfcedb6591e129e382bdc2b27e7961e312c73fceee6efad3d27ba010586b5ef8348e70c14db90536e754e7b6dfce3d2ef986beb2f2523e44b88a94977ab29473838d34d7ca8775b86486dfaa81a54cf60a90444909eeefc14774
access-control-allow-headers: Authorization,*
expires: Sun, 25 Aug 2024 21:42:24 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 8F77 0
0 142ms
72ms Document
text/html 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H&co=aHR0cHM6Ly9zdXBwb3J0LmRlZmVuZGVycy5vcmc6NDQz&hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&size=normal&cb=909hz5q682zl

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n_-tXp78642LV_jztH1MdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-n_-tXp78642LV_jztH1MdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 21:42:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame B20A
Redirect Chain

https://insight.adsrvr.org/track/up?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/upb/?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1

0
0

45ms
44ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Sun, 25 Aug 2024 21:42:25 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 415
date: Sun, 25 Aug 2024 21:42:25 GMT
location: https://match.adsrvr.org/track/upb/?adv=muomgar&ref=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&upid=2xjomfe&upv=1.1.0&paapi=1
server: Kestrel

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame E040 0
0 58ms
57ms Document
text/html 142.250.65.164
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=i7X0JrnYWy9Y_5EYdoFM79kV&k=6LdjFAUTAAAAAOR0XkVp_ORlGPrlOB_WMer01f2H

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/i7X0JrnYWy9Y_5EYdoFM79kV/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.164 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s71-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-y7C6MNrBlhazSah-DAsTFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://support.defenders.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-y7C6MNrBlhazSah-DAsTFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 25 Aug 2024 21:42:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 favicon.png
defenders.org/themes/custom/particle/apps/drupal/ 50 KB
50 KB 245ms
245ms Other
image/png 23.185.0.2
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://defenders.org/themes/custom/particle/apps/drupal/favicon.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.185.0.2 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

0e5f147435f26bbcf8594ef67e683d5e7b2ef4e9906c13e0d32127377105d448

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-cache-hits: 40, 0
strict-transport-security: max-age=300
date: Sun, 25 Aug 2024 21:42:26 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe2-a-bb6646cfc-7xr4f
age: 433119
x-cache: HIT, HIT
content-length: 51030
x-served-by: cache-chi-kigq8000100-CHI, cache-yyz4554-YYZ
last-modified: Tue, 20 Aug 2024 21:08:56 GMT
server: nginx
x-timer: S1724622147.785902,VS0,VE4
etag: "66c505e8-c756"
content-type: image/png
x-styx-req-id: 7d17be8b-5f3a-11ef-ae47-aab4a42908cf
cache-control: max-age=31622400
accept-ranges: bytes
expires: Thu, 21 Aug 2025 21:23:48 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
0 49ms
47ms Fetch
text/plain 216.239.38.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-GVV6YX8Y4E&gtm=45je48l0v875794897za200zb6703658&_p=1724622142618&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1261189313.1724622143&ecid=496161024&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1724622143&sct=1&seg=0&dl=https%3A%2F%2Fsupport.defenders.org%2Fpage%2F71661%2Fdonate%2F1%3Fea.tracking.id%3Dweb_home_content&dt=Defenders%20of%20Wildlife%20%7C%20Fight%20the%20Faces%20of%20Extinction!&en=scroll&epn.percent_scrolled=90&_et=31&tfd=6470
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GVV6YX8Y4E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://support.defenders.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Aug 2024 21:42:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://support.defenders.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
support.defenders.org/page	1969-12-31 23:59:59	Name: JSESSIONID Value: krwx5Mdzl74bn9DjxalXjjS1uI5spTt-ksiKMt18.use2-prd-web3
.defenders.org/page	1970-01-20 23:03:45	Name: en_sessionId Value: 7a389d3a2f874dbd80c33dd2384563b9-use2-prd-web3
.defenders.org/	1970-01-20 23:05:08	Name: SESStakeover Value: true
.support.defenders.org/	1970-01-20 23:03:43	Name: __cf_bm Value: 1.1GmLRyZ8_sytDLYO0pMrkCdkmJN_ugF_CkChOoPkM-1724622142-1.0.1.1-2To2ScAMtaz3G0QAdgexLlDYOvOyCoZJ9dr2Ai3zipbKe8DBqnOFcncWUGSbN2GeLVrEjgiek63Q1gFBFv26DWnXktb68rvQQssflhJ_7y0
.defenders.org/	1970-01-21 01:13:18	Name: _gcl_au Value: 1.1.994382328.1724622143
tags.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id Value: s%3A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%2FDcrjgLhCazRVtCqs
.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id Value: s%3A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%2FDcrjgLhCazRVtCqs
tags.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id-v2 Value: s%3AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%2BOQbX%2FmiKuRQGnYn8fWI9RU2Aa0y8w97%2FMX%2BLz8
.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id-v2 Value: s%3AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%2BOQbX%2FmiKuRQGnYn8fWI9RU2Aa0y8w97%2FMX%2BLz8
tags.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id-v3 Value: s%3AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgv8qutgYwAToEED3EAEIEF9K7qw.a9an6nPjWdy7uAwu7FEyG4rSy69s71dqdUBL2T7R35s
.srv.stackadapt.com/	1970-01-21 07:49:18	Name: sa-user-id-v3 Value: s%3AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgv8qutgYwAToEED3EAEIEF9K7qw.a9an6nPjWdy7uAwu7FEyG4rSy69s71dqdUBL2T7R35s
support.defenders.org/	1970-01-21 07:49:18	Name: sa-user-id Value: s%253A0-4bef2d5a-c747-50ed-7c2b-b3f828f12986.RsBIbXf2l41YyH5Ay0CjDPsq1l%252FDcrjgLhCazRVtCqs
support.defenders.org/	1970-01-21 07:49:18	Name: sa-user-id-v2 Value: s%253AS-8tWsdHUO18K7P4KPEphpVYEOQ.63f7%252BOQbX%252FmiKuRQGnYn8fWI9RU2Aa0y8w97%252FMX%252BLz8
support.defenders.org/	1970-01-21 07:49:18	Name: sa-user-id-v3 Value: s%253AAQAKIKM6FfCdCG96t9AjW-vbP-Mj2KbCkAURqZw2zgS6JWBkENYBGAQgv8qutgYwAToEED3EAEIEF9K7qw.a9an6nPjWdy7uAwu7FEyG4rSy69s71dqdUBL2T7R35s
.tiktok.com/	1970-01-21 08:25:18	Name: _ttp Value: 2lATzUq6nIsdMSYNn6vINjfNV8s
.defenders.org/	1970-01-21 08:39:42	Name: _ga Value: GA1.1.1261189313.1724622143
.defenders.org/	1970-01-21 08:39:42	Name: _ga_GVV6YX8Y4E Value: GS1.1.1724622143.1.0.1724622143.60.0.496161024
support.defenders.org/	1970-01-20 23:13:46	Name: AWSALB Value: oyJxE6ogji29v2L52DuRI6qnLvLEuauFOVUO9nTC+Yz9vnjx6dfqQ1gr6qmv4KC2/bxIoYfpiw1aUCsgpju+fp661OvavrfoNqo42j8hKXtf/roHpfuD81nuA5yj
support.defenders.org/	1970-01-20 23:13:46	Name: AWSALBCORS Value: oyJxE6ogji29v2L52DuRI6qnLvLEuauFOVUO9nTC+Yz9vnjx6dfqQ1gr6qmv4KC2/bxIoYfpiw1aUCsgpju+fp661OvavrfoNqo42j8hKXtf/roHpfuD81nuA5yj
.defenders.org/	1970-01-20 23:48:20	Name: ndp_session_id Value: 6087dc2c-7f58-4c6e-b35b-485cb08f21ba
.defenders.org/	1970-01-21 01:13:18	Name: _fbp Value: fb.1.1724622143495.356923614502101523
.ipredictive.com/	1970-01-21 07:49:18	Name: cu Value: dd457d0a-3840-4849-9e46-4a2d88cc5155\|1724622143682
.defenders.org/	1970-01-21 08:25:18	Name: _tt_enable_cookie Value: 1
.defenders.org/	1970-01-21 08:25:18	Name: _ttp Value: c5hyS02xBiLymU-YUTZWUI4bHHn
.support.defenders.org/	1970-01-21 07:49:18	Name: cf_clearance Value: KWThw30w8gA66O6.ahoJJciAsty07PS4QMGqOnzsotg-1724622143-1.2.1.1-tCYZqFl.p0egCZKEe_Sa_vb2W4uJay0FyaRTc2.Sef__.yc06pZgOQSdv_Eh36WaI6fl0rDSoIy1KB45NWNvTWmRO5qH0DQmBZNIy11Jt06FlAKumCL8bnOkd6Q0rUxZF74rROQ3YqPpSNoGZWwGbkM92RowZkveMTgI0.HOlo0rQzr9Don69SQyuSuuk8UwVU50nKVxokWM1SkiV6HdhBcIIZ60nkpu1qvKvHPecKvmoENXcR2ankZqKnIQnaKS6WU23T2qw8yTWyEZvsKeMlxWVl3VlmCLszlqGFM4crX0TFEqRjRNdXjxsrSACQl950xILByM6XUAALjLn9eKTUf5eMD6qqkupAvLUnZ50btnKpp9Os6USfE2HOfWidN2
.defenders.org/	1970-01-20 23:05:08	Name: _uetsid Value: ea139850632a11efa9f73f962b601d21
.defenders.org/	1970-01-21 08:25:18	Name: _uetvid Value: ea13d770632a11efa3b083fbeb0db46e
.bing.com/	1970-01-21 08:25:18	Name: MUID Value: 34FBA06644F4646F2797B48045DE658A
.bat.bing.com/	1970-01-20 23:13:46	Name: MR Value: 0
.adsrvr.org/	1970-01-21 07:49:18	Name: TDID Value: 9e4c5ee5-39ab-4d8d-b770-2b902ec97b97
.rubiconproject.com/	1970-01-21 07:49:18	Name: audit_p Value: 1\|2zVS3i5bmVhjZBswDK6KG1vJjV5kxXps7QS6c6qYqOLsf3zahXrs4bbhtcdgvSE3DKYDb56COeqM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLt6m4hGdpVJoqZ+2lXL51lRq3IDaYlwL1m4cSq2e0da9aNloLUr3KwQJ2BxkTD4SS1bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.rubiconproject.com/	1970-01-21 07:49:18	Name: khaos Value: M0A3HWPC-E-3RSZ
.rubiconproject.com/	1970-01-21 07:49:18	Name: khaos_p Value: M0A3HWPC-E-3RSZ
.rubiconproject.com/	1970-01-21 07:49:18	Name: audit Value: 1\|2zVS3i5bmVhjZBswDK6KG1vJjV5kxXps7QS6c6qYqOLsf3zahXrs4bbhtcdgvSE3DKYDb56COeqM1KxoLazIt9i2Wk5FrGos0XY24Ec+XLt6m4hGdpVJoqZ+2lXL51lRq3IDaYlwL1m4cSq2e0da9aNloLUr3KwQJ2BxkTD4SS1bOz6AjJtUa8ZnH3r7x5VAdeodiyl5GGjkt77VmXBK7kiCfUmSYXqD+ohH/uuQN8oOr/S07bYDcYQkZmofZQkSVSwKu1RXSJT0/fhu8/pkBO4VeIulq+4M1TRwmTZWV3Xc6UO785F0Pw==
.doubleclick.net/	1970-01-21 08:39:42	Name: IDE Value: AHWqTUlhYDKD_5pB_jJaAa7N6gisdVfNnNaURU-OL8DtOUVcZTlJVcYOpAbhz5jLESc
.adnxs.com/	1970-01-21 08:39:42	Name: receive-cookie-deprecation Value: 1
.adsrvr.org/	1970-01-21 07:49:18	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsIuMu2gpvWoj0QBRIXCghhcHBuZXh1cxILCNiR0vma1qI9EAUSFgoHcnViaWNvbhILCP6v0vma1qI9EAUYBSACKAMyCwjg0NSmsdaiPRAFQg8iDQgBEgkKBXRpZXIxEAFaB211b21nYXJgAQ..

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acb0a5d73b67fccd4bbe-c2d8138f0ea10a18dd4c43ec3aa4240a.ssl.cf5.rackcdn.com
ad.ipredictive.com
ads.nextdoor.com
analytics.google.com
analytics.tiktok.com
api.neverbounce.com
bat.bing.com
cdn.neverbounce.com
connect.facebook.net
defenders.org
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js.adsrvr.org
js.ipredictive.com
js.verygoodvault.com
match.adsrvr.org
pixel.mathtag.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
support.defenders.org
tags.srv.stackadapt.com
td.doubleclick.net
www.facebook.com
www.google.ca
www.google.com
www.googletagmanager.com
www.gstatic.com
104.18.10.207
104.18.33.71
108.139.33.128
142.250.65.164
142.250.65.195
142.250.72.99
142.250.80.34
142.250.80.40
142.250.80.42
142.251.40.130
142.251.41.3
150.171.27.10
157.240.241.1
157.240.241.35
172.253.122.156
18.214.210.6
216.239.38.181
23.185.0.2
23.201.183.177
23.206.172.61
3.167.37.48
3.168.122.104
35.166.165.90
35.71.131.137
52.72.145.167
52.85.61.2
52.85.61.58
54.225.28.140
74.121.140.211
06da0eac0ce4b954f318a36de67dff7ed067f0bdce428aea0f3af92a8b9ec276
0e5f147435f26bbcf8594ef67e683d5e7b2ef4e9906c13e0d32127377105d448
13676148fef839548f3e9c5106d8383fe9d3f6a82a7cfd0146693cbb0316a043
1425b3dc4e809e5488aae10e2eb2511f652c6a9c3845c98c3fe69f07fe0c9e2b
184bf34e905bf0fd293f0ff7667ef88a6b46ecaee398a4d9b8ab78d4a2eabaeb
28b53b4d649bf60e411ab09c39876463b974b995fa05c3290cebda90d3faeb4c
37412337e0163886147739badedad9c26799fad86084b52a5694b96fd0ed4ed6
45408a1abe0c4fb0c8c69f63e1b86df282b2838628884ab3170f4a12b51b3af0
472700da53b5c2e7c8e21b3314b7b13ee282abbbb8127e34b4dd8c26c906f505
505549ac9575aaf296267c006641ea43b9d798f4504d2ebd7920e3fa67e2788c
50a98b0680aaaaa9407001661f18904e29d76402c3da7ad64246413886fc64b3
5ca4bed2f42648726b9d68e13d73cd48671636444cb3e23f59e814b51a3e4796
683d2c3662055d8661f8d87a0b7121a3ca9a3d2e1b36fc381ccd56a60ca56660
6a8234e3601e48bb1837e8db8b9a2492014b054265d837cd9817dc22d5171f37
6cb5358a8fed38a17a8869014ec1426b96dbf83859686a0a137950d0d1d734e8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a9db86be2231f6e1c69840ba668a81d412f0c3ed1cfe630bed053130422d259
8210b002c51550eb271577baa262bfa71a159c989cc2e03acb993c621423661d
82adafd2815d9ca49a6771392b15c4c7683f0490a8825ead54dd2d2594d44c62
8868fe35e43a3dad02df8f14b34e303b7faabaf85e8456579d01428becbd19f0
88e85d4ec893dba78d776cacd3d97805d3cccaae67ea044cba019989b88b3232
986396491426dd783041c67d14d8e8bf5dcce5d191da57b9e064ca27f1301e41
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab5cf3d36b476cd8a2939e3b7a58af36cb31a61bd24e8659189b5c91bf881a76
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c0461e4dfff8239dbdc7a575a4b512902c8848ca7f50c223572644e070a34dff
c2889401199073a999df5333484b8c950451a343fa6ec46179348078211b4647
c400c9a480e1a5cd354e929f19b5714d6752bc48f7128eb80d793a2ba25895bd
c58ca353473b6167dce127ba600a74757e1fc6eb3f2c2caafd7a77c46edd0018
c605ea7b426b2c39c05cb81b6a9517eeff064bb786ec0b058b5a7a0296768b7c
c64cddc349202defdca8bcf51d8a905d5f8810cc76f08c1e6561800f1dd5708a
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
d3ff47b33f6e790d82238d78c7eb82b32483cc0cc53a9d32846ed3c79c84ebea
d85cafc9267f4d8c219e630e4c43c8ad2840f665a8eea06799d82ada5cf581a8
de0a685865e11857eb59fc72c7bc426af104c0307e099ba7377d4afe6503058d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46c3dcea43d010f9d80f5e952680feca85df73f8ce34cae90154e73db130760
e79246268023b3e5648e3d2095e65fbfbc769c325b010ab5643c0627925d140c
eaecd37c99456618bb416352b3981c2280d42177948cfab9639be2544567dd43
eca3d595535caba0a195853677f4469ff47ad7581b3b08692423e8156f9d2f01
ee18fa1ada74c5d3261424bcc1c4f077510c31a06bee0ff6742f180ed14c57d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

support.defenders.org Open in urlscan Pro 104.18.33.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

0 %IPv6

20 Domains

30 Subdomains

29 IPs

2 Countries

1176 kBTransfer

3430 kBSize

37 Cookies

3 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

support.defenders.org Open in urlscan Pro
104.18.33.71 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

0 %
IPv6

20
Domains

30
Subdomains

29
IPs

2
Countries

1176 kB
Transfer

3430 kB
Size

37
Cookies

69 HTTP transactions
0 data transactions