action.eko.org Open in urlscan Pro
76.76.21.123 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://act.sumofus.org/go/697623?amount=4&currency=USD&t=1008&akid=134437.23049002.jhQmri
Effective URL:
https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=tru...
Submission: On June 20 via manual (June 20th 2024, 9:38:02 am UTC) from BR — Scanned from DE

Summary HTTP 98 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 21 domains to perform 98 HTTP transactions. The main IP is 76.76.21.123, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is action.eko.org.
TLS certificate: Issued by R3 on May 13th 2024. Valid for: 3 months.

This is the only time action.eko.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.241.230.214 54.241.230.214	16509 (AMAZON-02) (AMAZON-02)
2 32	76.76.21.123 76.76.21.123	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:311... 2606:4700:3110::6812:341b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
3	52.218.182.33 52.218.182.33	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:2844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	151.101.1.91 151.101.1.91	54113 (FASTLY) (FASTLY)
4 9	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700:303... 2606:4700:3030::ac43:8b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	76.223.13.31 76.223.13.31	16509 (AMAZON-02) (AMAZON-02)
22	52.29.121.142 52.29.121.142	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::c6... 2606:4700::c6d9:fbfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1 2	34.147.177.40 34.147.177.40	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:2800:233... 2606:2800:233:ce53:4396:b914:64c2:638e	15133 (EDGECAST) (EDGECAST)
98	26

1 54.241.230.214 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-230-214.us-west-1.compute.amazonaws.com

act.sumofus.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 76.76.21.123 (Walnut, United States) 2 redirects

ASN16509 (AMAZON-02, US)

action.eko.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3110::6812:341b (United States)

ASN13335 (CLOUDFLARENET, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o142675.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.logr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.218.182.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

champaign-assets-production.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2844 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:34::36 (United States) 4 redirects

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3030::ac43:8b77 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.223.13.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 52.29.121.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.66.133 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.147.177.40 (London, United Kingdom) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.177.147.34.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lhr.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:ce53:4396:b914:64c2:638e (United States)

ASN15133 (EDGECAST, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	eko.org 2 redirects action.eko.org	926 KB
26	braintreegateway.com 1 redirects client-analytics.braintreegateway.com — Cisco Umbrella Rank: 10560 assets.braintreegateway.com — Cisco Umbrella Rank: 21808	6 KB
7	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3125	2 KB
6	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	150 KB
5	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 8645 b.stats.paypal.com — Cisco Umbrella Rank: 6896 lhr.stats.paypal.com — Cisco Umbrella Rank: 42038 c6.paypal.com — Cisco Umbrella Rank: 10808	24 KB
4	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 11078	5 KB
4	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
3	amazonaws.com champaign-assets-production.s3.us-west-2.amazonaws.com	8 KB
2	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 29245	115 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
2	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 9910	4 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	71 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	169 KB
2	sentry.io o142675.ingest.sentry.io	544 B
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 8842
1	gstatic.com www.gstatic.com	207 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	254 B
1	logr-ingest.com cdn.logr-ingest.com — Cisco Umbrella Rank: 20207	168 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1692	398 B
1	sumofus.org 1 redirects act.sumofus.org — Cisco Umbrella Rank: 934679	224 B
98	21

	Domain	Requested by
32	action.eko.org	2 redirects action.eko.org
22	client-analytics.braintreegateway.com	action.eko.org
5	ka-f.fontawesome.com	action.eko.org
5	region1.analytics.google.com	4 redirects action.eko.org
4	assets.braintreegateway.com	1 redirects action.eko.org
4	payments.braintree-api.com	action.eko.org
4	region1.google-analytics.com	action.eko.org
3	champaign-assets-production.s3.us-west-2.amazonaws.com	action.eko.org
2	c.paypal.com	action.eko.org c.paypal.com
2	songbird.cardinalcommerce.com	action.eko.org songbird.cardinalcommerce.com
2	www.facebook.com	action.eko.org
2	cdn.growthbook.io	action.eko.org
2	connect.facebook.net	action.eko.org connect.facebook.net
2	www.google.com	action.eko.org www.gstatic.com
2	www.googletagmanager.com	action.eko.org
2	o142675.ingest.sentry.io	action.eko.org
1	c6.paypal.com	action.eko.org
1	lhr.stats.paypal.com	action.eko.org
1	b.stats.paypal.com	1 redirects
1	ssl.kaptcha.com	action.eko.org
1	www.gstatic.com	www.google.com
1	www.google.de	action.eko.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	kit.fontawesome.com	action.eko.org
1	cdn.logr-ingest.com	action.eko.org
1	polyfill.io	action.eko.org
1	act.sumofus.org	1 redirects
98	27

This site contains links to these domains. Also see Links.

Domain
news.mongabay.com
apnews.com
eko.org
www.instagram.com
www.youtube.com
twitter.com
www.tiktok.com
www.facebook.com

Subject Issuer	Validity	Valid
action.eko.org R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.polyfill.io Sectigo RSA Domain Validation Secure Server CA	`2024-02-20` - `2025-02-19`	a year	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
logr-ingest.com GTS CA 1P5	`2024-05-30` - `2024-08-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-29` - `2024-06-27`	3 months	crt.sh
cdn.growthbook.io R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google.de WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Frame ID: A61AF3C3DCAFE957BFDCB9FEF8156DE4
Requests: 86 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb24uZWtvLm9yZzo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=l6nmqblq3iy9
Frame ID: 38E3A572714DDB179ED0291138DD0349
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html
Frame ID: D960146FD7FE12EBE1617340C3ADEE74
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802
Frame ID: E0CF6FA347F4AE2EC5DC18480EC33E12
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 91BA875374D7E9F819776B7B4176A8C6
Requests: 1 HTTP requests in this frame

Frame: https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14
Frame ID: F5F504D4CC7E929B94171E52D5717E9D
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html
Frame ID: 91AC71843A46517A43A10558BAA9B9A0
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html
Frame ID: 6D1A84A84222BA69B77681733FBF8155
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Save the Amazon and its people

Page URL History Show full URLs

https://act.sumofus.org/go/697623?amount=4&currency=USD&t=1008&akid=134437.23049002.jhQmri HTTP 302
https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&curren... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

98
Requests

92 %
HTTPS

54 %
IPv6

21
Domains

27
Subdomains

26
IPs

4
Countries

1858 kB
Transfer

6219 kB
Size

9
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://news.mongabay.com/2024/05/new-bill-to-expand-farmlands-in-the-amazon-can-derail-brazils-green-efforts/
Title: New bill to expand farmlands in the Amazon may derail Brazil’s green efforts

Search URL Search Domain Scan URL

URL: https://news.mongabay.com/2024/01/lulas-ambitious-green-agenda-runs-up-against-congresss-agribusiness-might/
Title: Lula’s ambitious green agenda runs up against Congress’s agribusiness might

Search URL Search Domain Scan URL

URL: https://apnews.com/article/brazil-congress-indigenous-rights-fffc3e9ed5ccade64dd0064d375f763a
Title: Brazil’s Congress overrides president’s veto to reinstate legislation threatening Indigenous rights

Search URL Search Domain Scan URL

URL: https://eko.org/
Title: Home

Search URL Search Domain Scan URL

URL: https://eko.org/about
Title: About

Search URL Search Domain Scan URL

URL: https://eko.org/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://eko.org/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eko.movement/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Eko.Movement

Search URL Search Domain Scan URL

URL: https://twitter.com/Eko_Movement

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@eko.movement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Eko.Movement/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://act.sumofus.org/go/697623?amount=4&currency=USD&t=1008&akid=134437.23049002.jhQmri HTTP 302
https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://action.eko.org/api/status/ HTTP 308
https://action.eko.org/api/status

Request Chain 40

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=933505467&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&cu=USD&uid=23049002&sid=1718876277&sct=1&seg=0&ci=134437&cm=email&cn=save-the-amazon-and-its-people&cs=mailing&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&dt=Save%20the%20Amazon%20and%20its%20people&en=add_to_cart&_c=1&_ee=1&pr1=idcustom-amount-from-mailing~nmcustom-amount-from-mailing~lnamount%20from%20mailing~pr4.00~qt1&ep.anonymize_ip=false&ep.value=4.00&tfd=1184&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=1445152044742593078&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F

Request Chain 41

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=933505467&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=3&cu=USD&uid=23049002&sid=1718876277&sct=1&seg=0&ci=134437&cm=email&cn=save-the-amazon-and-its-people&cs=mailing&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&dt=Save%20the%20Amazon%20and%20its%20people&en=begin_checkout&_c=1&_ee=1&pr1=idcustom-amount-from-mailing~nmcustom-amount-from-mailing~lnamount%20from%20mailing~pr4.00~qt1&ep.anonymize_ip=false&ep.value=4.00&tfd=1184&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=3798671016949064904&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F

Request Chain 45

https://action.eko.org/api/status/ HTTP 308
https://action.eko.org/api/status

Request Chain 46

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=933505467&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=4&cu=USD&uid=23049002&sid=1718876277&sct=1&seg=0&ci=134437&cm=email&cn=save-the-amazon-and-its-people&cs=mailing&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&dt=Save%20the%20Amazon%20and%20its%20people&en=add_to_cart&_c=1&_ee=1&pr1=idcustom-amount-from-mailing~nmcustom-amount-from-mailing~lnamount%20from%20mailing~pr4.00~qt1&ep.anonymize_ip=false&ep.value=4.00&_et=26&tfd=1214&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=10469672661578168123&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F

Request Chain 47

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=933505467&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=5&cu=USD&uid=23049002&sid=1718876277&sct=1&seg=0&ci=134437&cm=email&cn=save-the-amazon-and-its-people&cs=mailing&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&dt=Save%20the%20Amazon%20and%20its%20people&en=begin_checkout&_c=1&_ee=1&pr1=idcustom-amount-from-mailing~nmcustom-amount-from-mailing~lnamount%20from%20mailing~pr4.00~qt1&ep.anonymize_ip=false&ep.value=4.00&tfd=1215&_z=fetch HTTP 302
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=9152181710539999613&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F

Request Chain 72

https://assets.braintreegateway.com/data/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802 HTTP 302
https://ssl.kaptcha.com/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802

Request Chain 74

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14 HTTP 302
https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request save-the-amazon-and-its-people Show response
action.eko.org/a/
Redirect Chain

https://act.sumofus.org/go/697623?amount=4&currency=USD&t=1008&akid=134437.23049002.jhQmri
https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008

94 KB
25 KB

269ms
213ms

Document
text/html

76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

d9d3777e44f93e649032c6b1fa09d5cd24aa9e5faf27b502418e07a9cc695186

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 98
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 09:36:18 GMT
etag: W/"g14w4kvkg021m0"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /a/[campaign_slug]
x-powered-by: Next.js
x-vercel-cache: STALE
x-vercel-id: fra1::iad1::2jrdx-1718876277004-dfaadaad08d9

Redirect headers

content-length: 0
content-type: text/html; charset=utf-8
date: Thu, 20 Jun 2024 09:37:56 GMT
location: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
server: openresty
vary: Cookie, Origin

GET
H2 200 aa79b4efa0e6c094.css
action.eko.org/_next/static/css/ 55 KB
12 KB 11ms
10ms Stylesheet
text/css 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

179e8018f9948bf64e934ebdacec2adc956b91025683c6bd68ff4be8fb670c68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7l72s-1718876277222-d67d30dc83a2
age: 11600
x-matched-path: /_next/static/css/aa79b4efa0e6c094.css
etag: W/"bfb560d02573380416fb6f9278355823"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="aa79b4efa0e6c094.css"

GET
H2 200 2dbd38df1217ec6c.css
action.eko.org/_next/static/css/ 1 KB
649 B 12ms
12ms Stylesheet
text/css 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/css/2dbd38df1217ec6c.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7k728-1718876277222-0ecb235580ac
age: 88128
x-matched-path: /_next/static/css/2dbd38df1217ec6c.css
etag: W/"077c03d76098a88c00f515eb80809855"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="2dbd38df1217ec6c.css"

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
398 B 69ms
31ms Script
text/javascript 2606:4700:3110::6812:341b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?version=3.111.0&features=globalThis%2CIntersectionObserverEntry%2CIntersectionObserver%2CMutationObserver%2CResizeObserver%2Cperformance.now%2CArrayBuffer%2CIntl.Locale
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3110::6812:341b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cdn-server: Global
date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 20 Jun 2024 08:01:39 GMT
server: cloudflare
age: 5778
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 896ac87ce82b3630-FRA
expires: Thu, 20 Jun 2024 10:37:57 GMT

GET
H2 200 webpack-7fdb40e4bbd08031.js Show response
action.eko.org/_next/static/chunks/ 5 KB
3 KB 10ms
8ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/webpack-7fdb40e4bbd08031.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c9de986de8ca29da64d1c13a702eba504dece84b6e969f442e52d6dc7c8776bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7k728-1718876277233-af34d8eff7a2
age: 88462
x-matched-path: /_next/static/chunks/webpack-7fdb40e4bbd08031.js
etag: W/"e90954810f7ea6f89af453b844a4c2dd"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-7fdb40e4bbd08031.js"

GET
H2 200 framework-3dc6cf18c7d98a48.js Show response
action.eko.org/_next/static/chunks/ 138 KB
46 KB 17ms
15ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/framework-3dc6cf18c7d98a48.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bf8754d316f3c1ba39924f7e2746d6220089073f756acf4c3d8c334a0558b7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2jrdx-1718876277233-5d89143fca64
age: 83200
x-matched-path: /_next/static/chunks/framework-3dc6cf18c7d98a48.js
etag: W/"950d455bc5dd02e861a3419799602701"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="framework-3dc6cf18c7d98a48.js"

GET
H2 200 main-1e3dfc1c4b03c520.js Show response
action.eko.org/_next/static/chunks/ 108 KB
33 KB 25ms
22ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/main-1e3dfc1c4b03c520.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

633855ae712c5ff5c909aafc1b374a9b2339404283dd0a4f99ca26ca6afd4dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::wdjbl-1718876277233-42c21e1f2da2
age: 8988
x-matched-path: /_next/static/chunks/main-1e3dfc1c4b03c520.js
etag: W/"539c7188a6496a04d0d4e5a202a36555"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-1e3dfc1c4b03c520.js"

GET
H2 200 _app-25afc334f095590c.js Show response
action.eko.org/_next/static/chunks/pages/ 1 MB
338 KB 11ms
9ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

95133889085886b9edf5fb7ed027923cdb0bf7b9e6ee256e4c830535440f77c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7l72s-1718876277233-96e8d6e83eeb
age: 90717
x-matched-path: /_next/static/chunks/pages/_app-25afc334f095590c.js
etag: W/"59c61a89e38a5c7db3375e69effe5361"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_app-25afc334f095590c.js"

GET
H2 200 c16184b3-15aba453b0c3c082.js Show response
action.eko.org/_next/static/chunks/ 2 KB
1 KB 23ms
21ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/c16184b3-15aba453b0c3c082.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e395943f952b21c32b552a5e369e0a7ab87f30b3d8ffb38a95d0f39a92087958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7pmxq-1718876277233-0068d871e1be
age: 9212
x-matched-path: /_next/static/chunks/c16184b3-15aba453b0c3c082.js
etag: W/"990651df823bd67f9fc6d46b5929db9a"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="c16184b3-15aba453b0c3c082.js"

GET
H2 200 638014a0-497614741d5f0431.js Show response
action.eko.org/_next/static/chunks/ 307 KB
77 KB 32ms
31ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8919e77312f2a4234c3b71e85bad6cb358c3ff63686baa7b41076eb04ff8f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9rfrj-1718876277234-f5334d84da22
age: 10352
x-matched-path: /_next/static/chunks/638014a0-497614741d5f0431.js
etag: W/"908f065d6aece6cc47b06efc73341b16"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="638014a0-497614741d5f0431.js"

GET
H2 200 75fc9c18-6e6e359797342aa6.js Show response
action.eko.org/_next/static/chunks/ 58 KB
20 KB 18ms
16ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/75fc9c18-6e6e359797342aa6.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0ed7c483fe234f47b5db906d0ef82bf8a1dcb7e87f3f422d04b3b1d8554e8aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::z8wh9-1718876277233-632621843ee1
age: 9314
x-matched-path: /_next/static/chunks/75fc9c18-6e6e359797342aa6.js
etag: W/"b60a7128ea79fb849dd54524f9f8ddac"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="75fc9c18-6e6e359797342aa6.js"

GET
H2 200 9766-7b72d8e6310e7f55.js Show response
action.eko.org/_next/static/chunks/ 418 KB
132 KB 11ms
9ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/9766-7b72d8e6310e7f55.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

440f69eff8444ca06c0b12defe20abe52dd11ac977b8104daada4125c8c096a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pbcdp-1718876277233-8f0f8fceceb7
age: 90819
x-matched-path: /_next/static/chunks/9766-7b72d8e6310e7f55.js
etag: W/"54e300876d48eb4eaca50298f6052505"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="9766-7b72d8e6310e7f55.js"

GET
H2 200 3161-b54a922db9228cdd.js Show response
action.eko.org/_next/static/chunks/ 10 KB
4 KB 29ms
28ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/3161-b54a922db9228cdd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f41979f89b89803b739a24bd2625e44113a28afcac28bf1790cd1af7736b9aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pfldt-1718876277233-43f4863aeb97
age: 78757
x-matched-path: /_next/static/chunks/3161-b54a922db9228cdd.js
etag: W/"3a7fa526904ae09ab44b7f8eeed81151"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="3161-b54a922db9228cdd.js"

GET
H2 200 1008-87fd9033154b720d.js Show response
action.eko.org/_next/static/chunks/ 109 KB
31 KB 30ms
28ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/1008-87fd9033154b720d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1f62b245b5fdb33f22af1a2e8e95edf1d739de25f96ff2b1e1a35eaaa6e1f6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::6mvcj-1718876277233-289d98e9a948
age: 88649
x-matched-path: /_next/static/chunks/1008-87fd9033154b720d.js
etag: W/"00ad9708a46a9432f7c752a6b62773ef"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="1008-87fd9033154b720d.js"

GET
H2 200 %5Bcampaign_slug%5D-fa168cc076c22f04.js Show response
action.eko.org/_next/static/chunks/pages/a/ 4 KB
2 KB 28ms
26ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/pages/a/%5Bcampaign_slug%5D-fa168cc076c22f04.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

475439002f972dc8bed3acaaf5b57e0c755deb50afdfc4727e302492c3b68bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::2jrdx-1718876277239-a6967e49a5c7
age: 92142
x-matched-path: /_next/static/chunks/pages/a/%5Bcampaign_slug%5D-fa168cc076c22f04.js
etag: W/"3a6f0b1371b9e19b241903d35fe3c097"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="[campaign_slug]-fa168cc076c22f04.js"

GET
H2 200 _buildManifest.js Show response
action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/ 1 KB
728 B 25ms
24ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a6f80717c972241a151ba0b994a6b6bf6c342aa851cdadfb4d17f4b0da40ef21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::z8wh9-1718876277239-e578c6535227
age: 9008
x-matched-path: /_next/static/G1km4fnYtLUR57uc0fXQO/_buildManifest.js
etag: W/"0f5cab579b6da7ac9d7ef6942232bc8d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 _ssgManifest.js Show response
action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/ 168 B
360 B 25ms
24ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7dc42ffebba11642d0baf2550de9893f6baa6a6bc042ecd244a3792669f6b7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7pmxq-1718876277239-3b1d2e485cf8
age: 92797
x-matched-path: /_next/static/G1km4fnYtLUR57uc0fXQO/_ssgManifest.js
etag: "1cec8fa09251c1766d5f1c144ae1c3cb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_ssgManifest.js"
accept-ranges: bytes
content-length: 168

POST
H2 200 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 2 B
300 B 48ms
11ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 logger-1.min.js Show response
cdn.logr-ingest.com/ 845 KB
168 KB 69ms
39ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.logr-ingest.com/logger-1.min.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbd2a6041c7f28b5676adc7c76e0e9136693490a9f94c80b2573bad7a468486e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 285
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230038-FRA
last-modified: Tue, 18 Jun 2024 19:35:38 GMT
server: cloudflare
x-timer: S1718739591.271266,VS0,VE3
etag: W/"f4d4ddae45340a3e49ca866a9b67ee1faea0f376fe56776fcf3dd823548ba2f6-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hMvoRqwW2KujUwfbQtOCo%2BWN3ioBsEKXQWOuHlKDI0DjXFPCJVTheXJEdbvj%2B2MSm4nAnjJMAzbq74aRltrNffW707XbA%2FScoZRUH9YgfV%2BHglATQ8C2Dbentkq1j7%2F8wMGje6h%2F8WavMsUpJLDsKiO8"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 896ac87d6c1e3643-FRA
x-cache-hits: 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 324 KB
104 KB 64ms
42ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMEW5CDHC1&l=ga4DataLayer

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8b8b1e19854550223f870e367a4290182ceffe51308634e0abef549b18d353dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106498
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 20 Jun 2024 09:37:57 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 178 KB
65 KB 57ms
36ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c31948b2f68675a85fee37e85b81fd269643af65a9b7dec39a601838ca0bc87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66068
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Jun 2024 09:37:57 GMT

GET
H2 200 551.ecc9260f4d8be85b.js Show response
action.eko.org/_next/static/chunks/ 1 KB
836 B 10ms
10ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/551.ecc9260f4d8be85b.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-7fdb40e4bbd08031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6d701b2890169e835d9384a422988f61e0b535f407d6b2b8e1cb3a605d16b83a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pl58g-1718876277424-193e8d48c90d
age: 9281
x-matched-path: /_next/static/chunks/551.ecc9260f4d8be85b.js
etag: W/"b616df17e0f3fd8aafbff4395637d290"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="551.ecc9260f4d8be85b.js"

GET
H2 200 image
action.eko.org/_next/ 24 KB
24 KB 11ms
11ms Image
image/webp 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.eko.org/_next/image?url=https%3A%2F%2Fsumofus.imgix.net%2Fimages%2Fcontents%2F000%2F028%2F015%2Foriginal%2F01_amazon_490_1200w_copy.png%3Fcrop%3Dedges%26auto%3Dformat%26fit%3Dclip%26w%3D980%26h%3D500%26ixlib%3Dreact-9.8.1&w=640&q=75

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/main-1e3dfc1c4b03c520.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5afe39e6518570deef41ccd05624bb336114db519c1380564a0709c6abf6d8cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Tue, 11 Jun 2024 06:10:54 GMT
strict-transport-security: max-age=63072000
age: 790023
x-vercel-imgsrc: c3a2da1369affbc4c7a8e65bacb35ee2
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="01_amazon_490_1200w_copy.webp"
content-length: 24112
last-modified: Tue, 11 Jun 2024 06:10:54 GMT
server: Vercel
x-vercel-id: fra1::hqgn5-1718876277425-4271fd3b72e4
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 6408.4d561433c0e4c222.js Show response
action.eko.org/_next/static/chunks/ 37 KB
12 KB 11ms
11ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/6408.4d561433c0e4c222.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-7fdb40e4bbd08031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dbaafe7a1006e416a1efd1e53fb4f1af18c71d58b8779b058fb941cc9c31ddf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9rfrj-1718876277428-b65e7c1cf591
age: 17988
x-matched-path: /_next/static/chunks/6408.4d561433c0e4c222.js
etag: W/"6a91674730d88c471b80139e59e338a9"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="6408.4d561433c0e4c222.js"

GET
H2 200 6154.1d1279f9f41cc7a3.js Show response
action.eko.org/_next/static/chunks/ 29 KB
11 KB 9ms
9ms Script
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-7fdb40e4bbd08031.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ce6785673dc22cb997b9f1f4737078668ecd2b60eea10138ad4abdd891b92522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7l72s-1718876277426-25d0635bb345
age: 10095
x-matched-path: /_next/static/chunks/6154.1d1279f9f41cc7a3.js
etag: W/"272721c8b42976d786d0c5a9ba1b7cb0"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="6154.1d1279f9f41cc7a3.js"

GET
H2

201

status Show response
action.eko.org/api/
Redirect Chain

https://action.eko.org/api/status/
https://action.eko.org/api/status

23 B
182 B

115ms
114ms

Fetch
application/json

76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/status

Requested by

Protocol

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6716727ba6856e8902b1c9c6d7b4b2b7ddb1e14cbec10e44a7d6bf76d5edd813

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::iad1::hqgn5-1718876277456-3d1b3d17abbc
age: 0
x-matched-path: /api/status
etag: "fyldulds3xn"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, must-revalidate
content-length: 23

Redirect headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pl58g-1718876277427-907363d37e88
content-type: text/plain
location: /api/status
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/status

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1013 B 34ms
18ms Script
text/javascript 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1a749a0b110b8acbb2d94d6b342706cb82ea15078f91f8af75468425eff5188e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Thu, 20 Jun 2024 09:37:57 GMT

GET
H/1.1 200
OK Eko_Logo_Purple.svg
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 1 KB
2 KB 554ms
188ms Image
image/svg+xml 52.218.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/Eko_Logo_Purple.svg
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.182.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f680993d38ab5fb27f295afc5e25cff413bb2db882c6adee4730963937055b60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Last-Modified: Fri, 06 Jan 2023 12:52:35 GMT
Server: AmazonS3
x-amz-request-id: 4J0MBKWP1YWVQ74K
ETag: "b529f6ab691fcfc4893374968421abb9"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1200
x-amz-id-2: cnXL+9arzb+8/Yf1YAk/EGZgi/Ld1Os+cz+b0171CXp63u+tdzt93jzPy9Lt7WsIyJTrVHErYtY=

GET
H/1.1 200
OK Eko_Logo_White.svg
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 1 KB
2 KB 607ms
229ms Image
image/svg+xml 52.218.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/Eko_Logo_White.svg
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.182.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d70128e4980e86c085a22261c696ee11385c6a3063e7865cac40730cf3c1f54a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Last-Modified: Fri, 06 Jan 2023 12:52:38 GMT
Server: AmazonS3
x-amz-request-id: 4J0G9XWVBBMEBQJP
ETag: "80b85711688fefa79dad42401accc2fc"
x-amz-server-side-encryption: AES256
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1200
x-amz-id-2: ZC4w93gIJrn4jvZ7uOM0aXyEIbaYGOJnlpAIcveo8Eu2ti3EBMHKnyKto47SVlLBZrIbOzaIH9o=

GET
H2 200 2dbd38df1217ec6c.css Show response
action.eko.org/_next/static/css/ 1 KB
0 0ms
0ms Fetch
text/css 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://action.eko.org/_next/static/css/2dbd38df1217ec6c.css
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
baggage: sentry-environment=production,sentry-release=620f53c8103e96f350625a32ddec0fa361aace31,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=e47d48726e69449c87c62cf35fa1f430,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true
sentry-trace: e47d48726e69449c87c62cf35fa1f430-a1febe7d639cf0c3-1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
server: Vercel
x-vercel-id: fra1::7k728-1718876277222-0ecb235580ac
age: 88128
x-matched-path: /_next/static/css/2dbd38df1217ec6c.css
etag: W/"077c03d76098a88c00f515eb80809855"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="2dbd38df1217ec6c.css"

GET
H2 200 Poppins-Regular.woff2
action.eko.org/fonts/ 48 KB
48 KB 10ms
10ms Font
font/woff2 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/fonts/Poppins-Regular.woff2

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b897b9fecc3c8751c321c06c243e75ac3e533b7f594bca75a68cf40e5fe3206

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::9rfrj-1718876277443-fef23e7f1e7f
age: 9709
x-matched-path: /fonts/Poppins-Regular.woff2
etag: "bebb23ead35b42aaf2cb2ddf30d5339b"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="Poppins-Regular.woff2"
accept-ranges: bytes
content-length: 49048

GET
H2 200 Poppins-Bold.woff2
action.eko.org/fonts/ 48 KB
48 KB 12ms
12ms Font
font/woff2 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/fonts/Poppins-Bold.woff2

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7d65b2e5e0e2ccfd42a74c7fabfd7295c1bddbf5f90f35d90120a1afca776c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7l72s-1718876277443-9f73dfcf5352
age: 9213
x-matched-path: /fonts/Poppins-Bold.woff2
etag: "e4c7b713e4aa4df2effbb68ae349eabd"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="Poppins-Bold.woff2"
accept-ranges: bytes
content-length: 48748

GET
H2 200 Poppins-SemiBold.woff2
action.eko.org/fonts/ 47 KB
48 KB 10ms
10ms Font
font/woff2 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/fonts/Poppins-SemiBold.woff2

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

87f22b75adda0e4687b4e415ebc21e88b261e0f2600a01781bb22554b9f8c949

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/_next/static/css/aa79b4efa0e6c094.css
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::hqgn5-1718876277443-92d98824d806
age: 10021
x-matched-path: /fonts/Poppins-SemiBold.woff2
etag: "bb8f49b65a0581c340859912a352f061"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="Poppins-SemiBold.woff2"
accept-ranges: bytes
content-length: 48508

GET
H2 200 _buildManifest.js Show response
action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/ 1 KB
690 B 12ms
9ms Fetch
application/javascript 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/G1km4fnYtLUR57uc0fXQO/_buildManifest.js?1718876277447

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a6f80717c972241a151ba0b994a6b6bf6c342aa851cdadfb4d17f4b0da40ef21

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
baggage: sentry-environment=production,sentry-release=620f53c8103e96f350625a32ddec0fa361aace31,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=e47d48726e69449c87c62cf35fa1f430,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true
sentry-trace: e47d48726e69449c87c62cf35fa1f430-bbbac8bc32e0d580-1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::7l72s-1718876277457-39dc3720d494
age: 90219
x-matched-path: /_next/static/G1km4fnYtLUR57uc0fXQO/_buildManifest.js
etag: W/"0f5cab579b6da7ac9d7ef6942232bc8d"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="_buildManifest.js"

GET
H2 200 0259555302.js Show response
kit.fontawesome.com/ 12 KB
5 KB 62ms
32ms Script
text/javascript 2606:4700:4400::6812:2844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/0259555302.js
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/main-1e3dfc1c4b03c520.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d708534093417a9ac257862859064da6d75a401b996c4664c3bb14fd796b4e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 12
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 896ac87e7a6a3a73-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9qs20zSeSEL01unVQsh

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 28ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 09:37:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1328, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 4mXE/Z4+NrtRzY7NnxXpPu5WtPBi+rjKh9tndnFAqAuctlroTwPWkTcGRFwuu8B0LAq8q5NH7zGqqLcX1kGTcQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK 6df9307e-bac5-4c40-a6ed-d718d13098c5
https://action.eko.org/ 471 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://action.eko.org/6df9307e-bac5-4c40-a6ed-d718d13098c5
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ae5d7e5c70e1d535de3f8ecd7dc26a63388ef5d20254895438f1e3852951eb9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 482471
Content-Type

GET
H2 200 token Show response
action.eko.org/api/braintree/ 3 KB
2 KB 200ms
200ms Fetch
application/json 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/braintree/token?merchantAccountId=sumofus

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f7a6fe482851d8546ad3073cadf4c977e01a52d14445ac69e6b00885f45b2b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
baggage: sentry-environment=production,sentry-release=620f53c8103e96f350625a32ddec0fa361aace31,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=e47d48726e69449c87c62cf35fa1f430,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true
sentry-trace: e47d48726e69449c87c62cf35fa1f430-b0fa6b615566f1b2-1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::iad1::9rfrj-1718876277509-7c84b02b3673
age: 0
x-matched-path: /api/braintree/token
etag: W/"14ep4u87hzv2l0"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, must-revalidate

GET
H2 200 sdk-bNj7ZTsKYzLGY2TN Show response
cdn.growthbook.io/api/features/ 5 KB
4 KB 36ms
7ms Fetch
application/json 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-bNj7ZTsKYzLGY2TN
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 2ffe78a2207125acdb34adb9cb664a05556fb02e748c7e9a6ef89bf377499132

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-sse-support: enabled
date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 32
x-powered-by: Express
x-cache: HIT, HIT
content-length: 4062
x-served-by: cache-iad-kjyo7100079-IAD, cache-fra-eddf8230031-FRA
x-timer: S1718876278.543945,VS0,VE1
etag: W/"14bd-j1EoTjj//f5t2d+cRYLeHqscvb0"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges: bytes
x-cache-hits: 5, 1

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 42ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&_gaz=1&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=933505467&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&dt=Save%20the%20Amazon%20and%20its%20people&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&dp=%2Fa%2Fsave-the-amazon-and-its-people&uid=23049002&sid=1718876277&sct=1&seg=0&ci=134437&cm=email&cn=save-the-amazon-and-its-people&cs=mailing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=false&ep.page_hash=&tfd=1183&_z=fetch
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://action.eko.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 66ms
20ms Ping
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PMEW5CDHC1&cid=198063445.1718876278&gtm=45je46h0v868788875za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMEW5CDHC1&l=ga4DataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://action.eko.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=93...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=1445152044742593078&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&...

0
0

58ms
52ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=1445152044742593078&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x3a6aa9d30451bae","source_keys":["1"]},{"key_piece":"0x2d135caf218909de","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"1445152044742593078","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["658075530"],"5":["06-20","06-19","06-18"]}}
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=1445152044742593078&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 481
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=93...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=3798671016949064904&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa...

0
0

172ms
166ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=3798671016949064904&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x3a6aa9d30451bae","source_keys":["1"]},{"key_piece":"0xb2e4c5ddfa6e70e1","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"3798671016949064904","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["658075530"],"5":["06-20","06-19","06-18"]}}
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=3798671016949064904&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 484
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 45ms
29ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PMEW5CDHC1&cid=198063445.1718876278&gtm=45je46h0v868788875za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l2&npa=0&frm=0&z=16398201

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/ 518 KB
207 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 15:20:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210814
x-xss-protection: 0
last-modified: Sat, 15 Jun 2024 04:02:13 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Jun 2025 15:20:36 GMT

GET
H2 200 token Show response
action.eko.org/api/braintree/ 3 KB
2 KB 325ms
193ms Fetch
application/json 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/braintree/token?merchantAccountId=sumofus

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

4d972047e5b4f4561599f7178ef07c72f1b6144ae676b6d0eac38ab7d1de9f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
baggage: sentry-environment=production,sentry-release=620f53c8103e96f350625a32ddec0fa361aace31,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=e47d48726e69449c87c62cf35fa1f430,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true
sentry-trace: e47d48726e69449c87c62cf35fa1f430-90542bfa613dc0aa-1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::iad1::5mxz7-1718876277710-3ea416360a0b
age: 0
x-matched-path: /api/braintree/token
etag: W/"i975xmx2ff2l0"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, must-revalidate

GET
H2

201

status Show response
action.eko.org/api/
Redirect Chain

https://action.eko.org/api/status/
https://action.eko.org/api/status

23 B
95 B

121ms
120ms

Fetch
application/json

76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/status

Requested by

Protocol

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6716727ba6856e8902b1c9c6d7b4b2b7ddb1e14cbec10e44a7d6bf76d5edd813

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::iad1::pfldt-1718876277622-182682f4b04e
age: 0
x-matched-path: /api/status
etag: "fyldulds3xn"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, must-revalidate
content-length: 23

Redirect headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::pl58g-1718876277595-2c458e2b60b8
content-type: text/plain
location: /api/status
cache-control: public, max-age=0, must-revalidate
refresh: 0;url=/api/status

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=93...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=10469672661578168123&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0...

0
0

143ms
137ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=10469672661578168123&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x3a6aa9d30451bae","source_keys":["1"]},{"key_piece":"0x2d135caf218909de","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"10469672661578168123","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["658075530"],"5":["06-20","06-19","06-18"]}}
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=10469672661578168123&dma=1&dma_cps=sypham&en=add_to_cart&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 482
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

https://region1.analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je46h0v868788875za200&_p=1718876277345&gcd=13l3l3l2l2&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=198063445.1718876278&ecid=93...
https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=9152181710539999613&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa...

0
0

135ms
129ms

Fetch
text/plain

2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=9152181710539999613&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
attribution-reporting-register-trigger: {"aggregatable_trigger_data":[{"key_piece":"0x3a6aa9d30451bae","source_keys":["1"]},{"key_piece":"0xb2e4c5ddfa6e70e1","source_keys":["2","3","4"]}],"aggregatable_values":{"1":65,"2":65,"3":65,"4":6356},"debug_key":"9152181710539999613","debug_reporting":true,"event_trigger_data":[{"filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"1"}],"filters":{"2":["658075530"],"5":["06-20","06-19","06-18"]}}
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=198063445.1718876278&dbk=9152181710539999613&dma=1&dma_cps=sypham&en=begin_checkout&gtm=45je46h0v868788875za200&npa=0&tid=G-PMEW5CDHC1&dl=https%3A%2F%2Faction.eko.org%3F
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 484
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 101 KB
23 KB 57ms
44ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free.min.css?token=0259555302
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
via: 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 6794010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"7f29cd8c97789aa298af8c61623ca28b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hkLUJtraSIsxKHrO202Pvkm3xNOS%2Ffl%2Fbmb4nj6wvgwq8KC23f5BxkPduHTnRfO3rgcJyIHvbVxgQILkQ1lkTjITbSbcoToakEEtrpvg%2F52dG0RJOK5lX5vvJVUfU0Kv0%2FvKCV5Z11T3S27JKHxCW8WXlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 896ac87f2d409119-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: LCTbGny3gsTnEu2hvjd0k-VWNkmlVYp7oev5doFlJQvUaY_5yKXbZQ==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 27 KB
5 KB 45ms
32ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-shims.min.css?token=0259555302
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
via: 1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 290772
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"940b066040a876fa1dc7b2ee2d222a58"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zx9A2biJC%2FJoaF8ul4CkY7Rb1pWASjsUdaXHz8z5d414SjeNpr0tjgFadcitM6Otmd33E6atOPT3VSP1S22LfSbJvS7lJgVoAPxvWckFZBhSJkT1VyrMbbQQF0ANp45KXphgegQsyoICrbHlQcyeq0%2FgGw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 896ac87f2d3d9119-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: mxDmJ81ajakDbDwJQptfYPvB-cdNQnLoQhLOJfgJT-dnvkUGYKs3wg==

GET
H3 200 free-v5-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 823 B
1002 B 43ms
31ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v5-font-face.min.css?token=0259555302
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 6794010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"a3d53e21a02e37af6cbc00ac63b3cc1e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hoRTV6FWGZ0iwYNox72lxjyAmiYpkEbI55zQSsyAW4irY2%2FW0Y6z6sM%2BC9qlSxVvIHX2F22D5%2Bq5WSJFyDsyZwxVdzUfL4EU2Iswf6u%2BlOW1KqfUcBpc6x6Se7FP5nE%2BPeMhgLQ02zSTHVToyVMqKemuKA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 896ac87f2d3e9119-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: __7PhnjFeC5OX2kEYI3FqT0-dcD5ZKR0IqlBfOvNTV7floLMgl8wog==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v6.5.2/css/ 2 KB
1 KB 42ms
30ms Fetch
text/css 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/css/free-v4-font-face.min.css?token=0259555302
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 6794010
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 02 Apr 2024 15:26:25 GMT
server: cloudflare
etag: W/"9c9f596493867f0e7ef5f9fe99103fce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7eU5sQQ3iaDnXQV5qd%2BgT7XwRQ1q8XV5Abf5tOPb%2BEQT8yjg52ShSnyuXie0o6t%2FLwez%2BLbmgi7EqD8JNZysL8FCf%2BLJbXbQU5w2z161c6h7i4iDP7%2F%2BwajOMNPqNnPjQivim0%2FVk%2B0ztbPEsPqkxb02kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 896ac87f2d3a9119-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: bJc0UZ_0QdRPCePnYXlvr11HfUBVM80L2stpikiPUX3PyBEVBZIRUA==

GET
H2 200 938117079582809 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/938117079582809?v=2.9.158&r=stable&domain=action.eko.org&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ae0a9b07911b655e6f7c25315cab2d59939baafafcf36f86702345879e29388

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 20 Jun 2024 09:37:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12464
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=62, mss=1328, tbw=63544, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: tQ545Qvl24axqbOkc1E8sYImlQomwptJSWVVYJCEg27hCfvhVYucVsINr1WttJ+MTN23zR5ueeTmsv3M6Z0XFw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 token Show response
action.eko.org/api/braintree/ 3 KB
2 KB 486ms
200ms Fetch
application/json 76.76.21.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/braintree/token?merchantAccountId=sumofus

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.123 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7fcef5cca939fcd77fb0ad2bb445d80e60422b75d9d9eba52ffd62a9194d8751

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
baggage: sentry-environment=production,sentry-release=620f53c8103e96f350625a32ddec0fa361aace31,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=e47d48726e69449c87c62cf35fa1f430,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true
sentry-trace: e47d48726e69449c87c62cf35fa1f430-a0809fe70b8735ef-1
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:58 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::iad1::5mxz7-1718876277906-68478e29e00a
age: 0
x-matched-path: /api/braintree/token
etag: W/"ipow500ie62l0"
x-vercel-cache: MISS
content-type: application/json; charset=utf-8
cache-control: public, max-age=0, must-revalidate

GET
H2 200 sdk-bNj7ZTsKYzLGY2TN
cdn.growthbook.io/sub/ 22 B
0 8ms
7ms EventSource
text/event-stream 151.101.1.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-bNj7ZTsKYzLGY2TN
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://action.eko.org/
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200104-IAD, cache-fra-eddf8230031-FRA
date: Thu, 20 Jun 2024 09:37:57 GMT
via: 1.1 varnish, 1.1 varnish
age: 17
x-timer: S1718876278.623991,VS0,VE1
x-powered-by: Express
x-cache: HIT, HIT
content-type: text/event-stream
access-control-allow-origin: *
cache-control: private, no-store
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 28ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=938117079582809&ev=PageView&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&rl=&if=false&ts=1718876277630&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718876277630.534624012215707169&ler=empty&cdl=API_unavailable&it=1718876277606&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 20 Jun 2024 09:37:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 184ms
163ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=938117079582809&ev=PageView&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fsave-the-amazon-and-its-people%3Fakid%3D134437.23049002.jhQmri%26amount%3D4%26currency%3DUSD%26one_click%3Dtrue%26rd%3D1%26recurring_default%3Donly_one_off%26source%3Dfwd%26t%3D1008&rl=&if=false&ts=1718876277630&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718876277630.534624012215707169&ler=empty&cdl=API_unavailable&it=1718876277606&coo=false&rqm=FGET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xcfc62620a053df6c","source_keys":["1","2"]},{"key_piece":"0x91758fed64f72004","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 20 Jun 2024 09:37:57 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382517397147507176", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=3106, tp=-1, tpl=-1, uplat=156, ullat=0
pragma: no-cache
x-fb-debug: D+h6Xaeud/fg+/+F/81mjT92ZMMgmrWj0gX9Zs4h+j3DmK73NHjZhmnD8vU5dYfXYbDDRfDrvZ7NhqvGRnT4Bg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382517397147507176"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame 38E3 0
0 42ms
29ms Document
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb24uZWtvLm9yZzo0NDM.&hl=de&v=KXX4ARWFlYTftefkdODAYWZh&size=invisible&cb=l6nmqblq3iy9

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/KXX4ARWFlYTftefkdODAYWZh/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zz5VNwbpJvfDTqLQYIJCCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zz5VNwbpJvfDTqLQYIJCCA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Jun 2024 09:37:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 free-fa-brands-400.woff2
ka-f.fontawesome.com/releases/v6.5.2/webfonts/ 115 KB
116 KB 17ms
17ms Font
font/woff2 2606:4700:3030::ac43:8b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v6.5.2/webfonts/free-fa-brands-400.woff2
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
age: 2259201
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 117856
last-modified: Tue, 02 Apr 2024 15:51:14 GMT
server: cloudflare
etag: "5674af1ac41fe62c1b4568cbb6a031ff"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPIsMspHQFvTMQeV4sqb4LvIwwl9T6gtxMOnjpnYLQFQYKQZ8%2FkWvCbnXG3%2B0XXJUwJgzGTkbG8KIyPwK3SdCyVhK6tbFW4KW71Ah%2B9N%2BtHDOpWRaU6iCxclkgiWx5eDj%2BLlOrVdDg6fEnfkqPdyzWWxUw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 896ac87fae159119-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: EH5RLBa1o6agYG1lZ7D87vaDVW3dHJtCa_fx5lio4m2H_a4DfzvS5g==

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 52ms
13ms Preflight 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://action.eko.org
access-control-max-age: 1800
date: Thu, 20 Jun 2024 09:37:57 GMT
paypal-debug-id: b3a682e3111c4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 3 KB
2 KB 65ms
65ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

6636a95dcce1251e7b4caa926ddfe1cd31b9d2f312745b9c6e3a91295c172854

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MTg5NjI2NzcsImp0aSI6IjYzMzAwMjJkLTZiN2QtNDYyMy1hZjE2LTQzODAzYmQzNTQ3MSIsInN1YiI6InE0YnRxNHRieWtzbXZqdnMiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InE0YnRxNHRieWtzbXZqdnMiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoic3Vtb2Z1cyJ9fQ.bv1KL6slkprwmJNWGAA7vbwL_d9wM3lTa5xSkRmz4RW3Dy3McGmHWl-VOC81UlASuuE3uKoXQYNQB_p2jkrkUA
Braintree-Version: 2018-05-10
Content-Type: application/json
Referer: https://action.eko.org/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://action.eko.org
paypal-debug-id: ed358dabeeb74
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1328

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 61ms
9ms Preflight 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jun 2024 09:37:57 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 60ms
8ms Preflight 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jun 2024 09:37:57 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
11ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 13ms
12ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 52ms
8ms Preflight 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jun 2024 09:37:57 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 80ms
42ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1688
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d4MCNSWqhY5eMEz%2BYdEzJcVaIkbzhsi0u%2BAB8si%2FhiJBZGlQualzna8Om9gt1pikCk%2BerICfoeK0ueJYYIGvYpm6ODT92xsWhRNZNy7kX9KUE2Hgz100IPT81%2BVYZcFSesTF4WIUU3ry%2BtTUAPV%2FVX%2FNtUGNmemvL7Y9"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
cf-ray: 896ac880ba00975e-FRA
expires: Thu, 20 Jun 2024 13:37:57 GMT

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 12ms
11ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html
assets.braintreegateway.com/web/3.102.0/html/ Frame D960 0
0 85ms
8ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 3558
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Thu, 20 Jun 2024 09:37:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6633f9a1-2d9c"
last-modified: Thu, 02 May 2024 20:37:53 GMT
paypal-debug-id: 55e49b4f28ecb
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000055e49b4f28ecb-7fdc0997e480ee20-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 34, 12
x-content-type-options: nosniff
x-served-by: cache-sjc1000092-SJC, cache-fra-eddf8230078-FRA
x-timer: S1718876278.923553,VS0,VE0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
11ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 67 KB
23 KB 46ms
7ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (dac/9C80) /

Resource Hash

89e5a3b4fc30e4eaa8d2a1c3f92df4cceb08abd20dc637581da096177247ea1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 790569
date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 750260
x-cache: HIT
paypal-debug-id: 21e2ba61c45cb
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 22927
x-served-by: cache-fra-eddf8230025-FRA
last-modified: Tue, 11 Jun 2024 16:22:38 GMT
server: ECAcc (dac/9C80)
traceparent: 00-000000000000000000021e2ba61c45cb-ea4c280339ab32a6-01
x-timer: S1718876278.881962,VS0,VE1
etag: W/"666879ce-10d7d"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: x-csrf-token
expires: Fri, 21 Jun 2024 09:37:57 GMT

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 51ms
9ms Preflight 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Jun 2024 09:37:57 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

logo.htm
ssl.kaptcha.com/ Frame E0CF
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802
https://ssl.kaptcha.com/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802

0
0

532ms
168ms

Document
text/html

35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 41
Content-Type: text/html
Date: Thu, 20 Jun 2024 09:37:58 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 348237a8-76f6-424e-a2d2-dfd607897521

Redirect headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public, max-age=3600
content-length: 138
content-type: text/html
date: Thu, 20 Jun 2024 09:37:58 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://ssl.kaptcha.com/logo.htm?m=null&s=5e07e4024ac417aea8efade65dbab802
paypal-debug-id: 0528c55518890
strict-transport-security: max-age=31557600
traceparent: 00-00000000000000000000528c55518890-ab6c6d2170636dd8-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-sjc1000133-SJC, cache-fra-eddf8230078-FRA
x-timer: S1718876278.923983,VS0,VE231

GET
H2 200 i
c.paypal.com/v1/r/d/ Frame 91BA 0
0 169ms
157ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 036570160a47d
date: Thu, 20 Jun 2024 09:37:58 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 036570160a47d
server-timing: "traceparent;desc="00-0000000000000000000036570160a47d-328657e8c3751446-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000036570160a47d-156f59977d7a27a0-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230116-FRA
x-timer: S1718876278.932277,VS0,VE150
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
lhr.stats.paypal.com/ Frame F5F5
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14
https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14

42 B
299 B

77ms
25ms

Image
image/jpeg

34.147.177.40
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/save-the-amazon-and-its-people?akid=134437.23049002.jhQmri&amount=4&currency=USD&one_click=true&rd=1&recurring_default=only_one_off&source=fwd&t=1008
Protocol: HTTP/1.1
Server: 34.147.177.40 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 40.177.147.34.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://lhr.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=5678afdf9bddbc79a1178962246b0913&t=1718876277.838&a=14
Date: Thu, 20 Jun 2024 09:37:57 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
420 B 256ms
189ms Image
text/plain 2606:2800:233:ce53:4396:b914:64c2:638e
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=5678afdf9bddbc79a1178962246b0913&s=BRAINTREE_SIGNIN

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:ce53:4396:b914:64c2:638e , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (lhd/35A9) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
correlation-id: a4cb0b0b0f0f0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (lhd/35A9)
traceparent: 00-0000000000000000000a4cb0b0b0f0f0-92f31a56d7baa0b2-01
vary: Accept-Encoding
paypal-debug-id: a4cb0b0b0f0f0
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: traceparent;desc="00-0000000000000000000a4cb0b0b0f0f0-7cc89a3ec991f886-01", content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 graphql Show response
payments.braintree-api.com/ 3 KB
2 KB 65ms
65ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

facdc04e8393a20f6070057b483c3efbdb13fcb0fb537139812ae0e950bcf3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MTg5NjI2NzcsImp0aSI6IjUyMTIwMGEzLWNlOWUtNDFiNi04MDQ3LWVkYTU2ZjZmOGU5NyIsInN1YiI6InE0YnRxNHRieWtzbXZqdnMiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InE0YnRxNHRieWtzbXZqdnMiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoic3Vtb2Z1cyJ9fQ.scjHaPAswuzW_KGkzKj6HHLt-eH5PzLP5p0m1EJ6QB3MgA_bF44VR93CxVecn6pbYx1RxEhYz75_DWonwAct7g
Braintree-Version: 2018-05-10
Content-Type: application/json
Referer: https://action.eko.org/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://action.eko.org
paypal-debug-id: 63a83f680a004
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1327

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
112 KB 77ms
56ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Origin: https://action.eko.org
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 09:37:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8526996
cf-polished: origSize=397453
cf-bgj: minify
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
server: cloudflare
etag: W/"0f522ada62dd81:0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJZgq912IcRbibyHFe55YLOzzQ73EHUkipvQgahOnr0%2FJqCjibKW0TVAtSIP663EFRwtjW2ib6hJJrXM%2FSgOtxmSro%2BuMUZ43XiEhM%2FRec6fDaiA87JMWOddmx3Bc%2BYbCN%2ByTWxd5epwP8THq%2BgEcyi3xmazwFcgNZqR"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=15552000
cf-ray: 896ac8814df83835-FRA
expires: Tue, 17 Dec 2024 09:37:58 GMT

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
11ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
10ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
11ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html
assets.braintreegateway.com/web/3.102.0/html/ Frame 91AC 0
0 0ms
0ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 3558
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Thu, 20 Jun 2024 09:37:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6633f9a1-2d9c"
last-modified: Thu, 02 May 2024 20:37:53 GMT
paypal-debug-id: 55e49b4f28ecb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000055e49b4f28ecb-7fdc0997e480ee20-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 34, 12
x-content-type-options: nosniff
x-served-by: cache-sjc1000092-SJC, cache-fra-eddf8230078-FRA
x-timer: S1718876278.923553,VS0,VE0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 10ms
10ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 17ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 11ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:57 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H2 200 graphql Show response
payments.braintree-api.com/ 3 KB
2 KB 66ms
66ms XHR
application/json 76.223.13.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.13.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

3c7175a9a7dbd46bbc918b8678216f295597fbca8313faba1485858c10b71825

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MTg5NjI2NzgsImp0aSI6ImMwZWMwMjYyLTJmZDAtNGI1NC04MTk1LTVhNjNjOGJlOTIwMyIsInN1YiI6InE0YnRxNHRieWtzbXZqdnMiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InE0YnRxNHRieWtzbXZqdnMiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoic3Vtb2Z1cyJ9fQ.PhcCi-1K4Sx3qvxRyCQQVz3vr3jCTcijpMKRzrDXstxLC3OVxkN0L3DWapF3Zqwdd78ZtYNdMug6J1KoNR0ynw
Braintree-Version: 2018-05-10
Content-Type: application/json
Referer: https://action.eko.org/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 20 Jun 2024 09:37:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://action.eko.org
paypal-debug-id: 3ad6a825a14c4
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1328

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 8ms
8ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html
assets.braintreegateway.com/web/3.102.0/html/ Frame 6D1A 0
0 0ms
0ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 3558
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Thu, 20 Jun 2024 09:37:57 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6633f9a1-2d9c"
last-modified: Thu, 02 May 2024 20:37:53 GMT
paypal-debug-id: 55e49b4f28ecb
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000055e49b4f28ecb-7fdc0997e480ee20-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 34, 12
x-content-type-options: nosniff
x-served-by: cache-sjc1000092-SJC, cache-fra-eddf8230078-FRA
x-timer: S1718876278.923553,VS0,VE0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 9ms
9ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 8ms
8ms XHR
text/plain 52.29.121.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.29.121.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-121-142.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 20 Jun 2024 09:37:58 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H/1.1 200
OK favico.ico
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 4 KB
5 KB 190ms
189ms Other
image/x-icon 52.218.182.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/favico.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.182.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee6da6d74d2eb9f06aca74cb5d8053884676a45cf9e7b2c4814c33a09162a3cd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Thu, 20 Jun 2024 09:37:59 GMT
Last-Modified: Thu, 25 Apr 2024 16:14:23 GMT
Server: AmazonS3
x-amz-request-id: 29B00VA812BM8AG2
ETag: "b8c38945e21d36e0eae78f5aa2dc2af0"
x-amz-server-side-encryption: AES256
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 4286
x-amz-id-2: yV4EGJAg7ncy11eQvgm+6h+yw2wc4U/B7Q7sU1XLlnHYS22WHDBBmbzSPKD0RYGf2HaUCHXa2oE=

POST
H2 429 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 198 B
244 B 29ms
16ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-25afc334f095590c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://action.eko.org/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 20 Jun 2024 09:37:59 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-sentry-rate-limits: 60:transaction;profile:organization:transaction_usage_exceeded
retry-after: 60

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
action.eko.org/	1970-01-20 21:27:59	Name: unique_id Value: y5J-55vD2sDOqUoM
action.eko.org/	1970-01-21 06:13:32	Name: pronto_id Value: HFppbZ3fLJpjlfsGbtFgo2cL
.eko.org/	1970-01-21 07:03:56	Name: _ga Value: GA1.1.198063445.1718876278
.eko.org/	1970-01-21 07:03:56	Name: _ga_PMEW5CDHC1 Value: GS1.1.1718876277.1.0.1718876277.60.1.933505467
.eko.org/	1970-01-20 23:37:32	Name: _fbp Value: fb.1.1718876277630.534624012215707169
.region1.google-analytics.com/	1970-01-20 23:37:32	Name: ar_debug Value: 1
.paypal.com/	1970-01-21 07:03:56	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: 2Z1ShRjIr6k4Kp0EjBLOQwU5YE1BHqzUB1Z9xeMkxxBftJ1aaQr3P3UPI6rBpJc0WkNUyxbqkG55J470
.paypal.com/	1970-01-20 21:27:58	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 07:03:56	Name: sc_f Value: glCtx0lb_MU9kBAwWMkqh6qwgr1eveGQD0WPRtVZONepQ_4CDZcmxcqjbMgbSfBr8osmG7JGM--m148POLp_Qv30ZbZf9-pwMHuWYW

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.sumofus.org
action.eko.org
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.growthbook.io
cdn.logr-ingest.com
champaign-assets-production.s3.us-west-2.amazonaws.com
client-analytics.braintreegateway.com
connect.facebook.net
ka-f.fontawesome.com
kit.fontawesome.com
lhr.stats.paypal.com
o142675.ingest.sentry.io
payments.braintree-api.com
polyfill.io
region1.analytics.google.com
region1.google-analytics.com
songbird.cardinalcommerce.com
ssl.kaptcha.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
151.101.1.91
151.101.129.21
151.101.65.21
151.101.66.133
2001:4860:4802:34::36
2606:2800:233:ce53:4396:b914:64c2:638e
2606:4700:3030::ac43:8b77
2606:4700:3110::6812:341b
2606:4700:4400::6812:2844
2606:4700::c6d9:fbfa
2a00:1450:4001:811::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c06::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
2a06:98c1:3120::3
34.120.195.249
34.147.177.40
35.81.31.24
52.218.182.33
52.29.121.142
54.241.230.214
76.223.13.31
76.76.21.123
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
0de3edeabe89b14f48e7856d2cb631722c600ff66839fae178d0567902d62a91
0ed7c483fe234f47b5db906d0ef82bf8a1dcb7e87f3f422d04b3b1d8554e8aee
179e8018f9948bf64e934ebdacec2adc956b91025683c6bd68ff4be8fb670c68
1a749a0b110b8acbb2d94d6b342706cb82ea15078f91f8af75468425eff5188e
1f62b245b5fdb33f22af1a2e8e95edf1d739de25f96ff2b1e1a35eaaa6e1f6a6
2ffe78a2207125acdb34adb9cb664a05556fb02e748c7e9a6ef89bf377499132
3c7175a9a7dbd46bbc918b8678216f295597fbca8313faba1485858c10b71825
3e9c73fa687cd4110688668977a7caa87f5a1dee0d11f03687bd4871deedf1c1
440f69eff8444ca06c0b12defe20abe52dd11ac977b8104daada4125c8c096a8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
475439002f972dc8bed3acaaf5b57e0c755deb50afdfc4727e302492c3b68bd4
4ae0a9b07911b655e6f7c25315cab2d59939baafafcf36f86702345879e29388
4d972047e5b4f4561599f7178ef07c72f1b6144ae676b6d0eac38ab7d1de9f70
5afe39e6518570deef41ccd05624bb336114db519c1380564a0709c6abf6d8cd
612ad04469fba362238294e47106a2e6061ef90c111851c0cdcae2e3ee27a6bb
633855ae712c5ff5c909aafc1b374a9b2339404283dd0a4f99ca26ca6afd4dde
6636a95dcce1251e7b4caa926ddfe1cd31b9d2f312745b9c6e3a91295c172854
6716727ba6856e8902b1c9c6d7b4b2b7ddb1e14cbec10e44a7d6bf76d5edd813
6ae5d7e5c70e1d535de3f8ecd7dc26a63388ef5d20254895438f1e3852951eb9
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
6d701b2890169e835d9384a422988f61e0b535f407d6b2b8e1cb3a605d16b83a
7d65b2e5e0e2ccfd42a74c7fabfd7295c1bddbf5f90f35d90120a1afca776c40
7dc42ffebba11642d0baf2550de9893f6baa6a6bc042ecd244a3792669f6b7cd
7fcef5cca939fcd77fb0ad2bb445d80e60422b75d9d9eba52ffd62a9194d8751
87f22b75adda0e4687b4e415ebc21e88b261e0f2600a01781bb22554b9f8c949
89e5a3b4fc30e4eaa8d2a1c3f92df4cceb08abd20dc637581da096177247ea1a
8b897b9fecc3c8751c321c06c243e75ac3e533b7f594bca75a68cf40e5fe3206
8b8b1e19854550223f870e367a4290182ceffe51308634e0abef549b18d353dd
95133889085886b9edf5fb7ed027923cdb0bf7b9e6ee256e4c830535440f77c7
9699b18200a9d40ed7859411c33cfa2194174a4746d466123107f888d93dc878
a6f80717c972241a151ba0b994a6b6bf6c342aa851cdadfb4d17f4b0da40ef21
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bbd2a6041c7f28b5676adc7c76e0e9136693490a9f94c80b2573bad7a468486e
bf8754d316f3c1ba39924f7e2746d6220089073f756acf4c3d8c334a0558b7fe
c31948b2f68675a85fee37e85b81fd269643af65a9b7dec39a601838ca0bc87c
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
c9de986de8ca29da64d1c13a702eba504dece84b6e969f442e52d6dc7c8776bf
ce6785673dc22cb997b9f1f4737078668ecd2b60eea10138ad4abdd891b92522
d70128e4980e86c085a22261c696ee11385c6a3063e7865cac40730cf3c1f54a
d9d3777e44f93e649032c6b1fa09d5cd24aa9e5faf27b502418e07a9cc695186
dbaafe7a1006e416a1efd1e53fb4f1af18c71d58b8779b058fb941cc9c31ddf8
e1dc27b700a62c005e4521b670cac08fb0b4b3e02a73c1ac44e7f9a9784bd672
e395943f952b21c32b552a5e369e0a7ab87f30b3d8ffb38a95d0f39a92087958
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
ee6da6d74d2eb9f06aca74cb5d8053884676a45cf9e7b2c4814c33a09162a3cd
eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41979f89b89803b739a24bd2625e44113a28afcac28bf1790cd1af7736b9aab
f4e953827930889e844103c3a6771bd2e9de17d091b36378c40362271858e075
f680993d38ab5fb27f295afc5e25cff413bb2db882c6adee4730963937055b60
f7a6fe482851d8546ad3073cadf4c977e01a52d14445ac69e6b00885f45b2b6d
f7d708534093417a9ac257862859064da6d75a401b996c4664c3bb14fd796b4e
f8919e77312f2a4234c3b71e85bad6cb358c3ff63686baa7b41076eb04ff8f1d
facdc04e8393a20f6070057b483c3efbdb13fcb0fb537139812ae0e950bcf3d0

action.eko.org Open in urlscan Pro 76.76.21.123 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

92 %HTTPS

54 %IPv6

21 Domains

27 Subdomains

26 IPs

4 Countries

1858 kBTransfer

6219 kBSize

9 Cookies

12 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

action.eko.org Open in urlscan Pro
76.76.21.123 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

92 %
HTTPS

54 %
IPv6

21
Domains

27
Subdomains

26
IPs

4
Countries

1858 kB
Transfer

6219 kB
Size

9
Cookies

98 HTTP transactions
0 data transactions