actions.sumofus.org Open in urlscan Pro
2600:9000:223f:4c00:9:fd3:9280:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://act.sumofus.org/go/604135?t=1&akid=102118%2E14264772%2EkaxMKT
Effective URL:
https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Submission: On February 16 via manual (February 16th 2022, 3:20:04 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 25 domains to perform 110 HTTP transactions. The main IP is 2600:9000:223f:4c00:9:fd3:9280:93a1, located in United States and belongs to AMAZON-02, US. The main domain is actions.sumofus.org.
TLS certificate: Issued by Amazon on August 15th 2021. Valid for: a year.

This is the only time actions.sumofus.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.9.171.133 52.9.171.133	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:223... 2600:9000:223f:4c00:9:fd3:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
5	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
20	2600:9000:223... 2600:9000:223f:5200:9:fd3:9280:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::ac43:452d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a02:26f0:f7:... 2a02:26f0:f7::5c7b:e024	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	52.35.32.193 52.35.32.193	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
2	52.29.159.59 52.29.159.59	16509 (AMAZON-02) (AMAZON-02)
20	3.124.200.47 3.124.200.47	16509 (AMAZON-02) (AMAZON-02)
1 5	18.66.97.40 18.66.97.40	16509 (AMAZON-02) (AMAZON-02)
5	151.101.129.35 151.101.129.35	54113 (FASTLY) (FASTLY)
1	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
14	2606:4700::c6... 2606:4700::c6d9:fbfa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.3 108.157.4.3	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
1	107.178.240.159 107.178.240.159	() ()
110	30

1 52.9.171.133 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-171-133.us-west-1.compute.amazonaws.com

act.sumofus.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:223f:4c00:9:fd3:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

actions.sumofus.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2600:9000:223f:5200:9:fd3:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)

d210i8t551lxm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:452d (United States)

ASN13335 (CLOUDFLARENET, US)

c.shpg.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:f7::5c7b:e024 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.32.193 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-32-193.us-west-2.compute.amazonaws.com

chg6zpd9u7.execute-api.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.159.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 3.124.200.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.40 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-40.fra56.r.cloudfront.net

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.35 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::c6d9:fbfa (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
centinelapi.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
writer.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-3.dus51.r.cloudfront.net

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.240.159 (None, )

ASN- ()

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	braintreegateway.com 1 redirects client-analytics.braintreegateway.com — Cisco Umbrella Rank: 7174 assets.braintreegateway.com — Cisco Umbrella Rank: 16849	109 KB
20	cloudfront.net d210i8t551lxm.cloudfront.net	2 MB
14	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 22632 centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 22593 geo.cardinalcommerce.com — Cisco Umbrella Rank: 22685 writer.cardinalcommerce.com — Cisco Umbrella Rank: 23198	164 KB
9	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 5776 b.stats.paypal.com — Cisco Umbrella Rank: 4562 dub.stats.paypal.com — Cisco Umbrella Rank: 18070 checkout.paypal.com — Cisco Umbrella Rank: 15222 c6.paypal.com — Cisco Umbrella Rank: 6635	45 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	370 KB
7	sumofus.org 1 redirects act.sumofus.org — Cisco Umbrella Rank: 933514 actions.sumofus.org	762 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	105 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 439 www.linkedin.com — Cisco Umbrella Rank: 602 px4.ads.linkedin.com — Cisco Umbrella Rank: 5087	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	23 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9852	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	386 B
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 5697	813 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	114 KB
1	mixpanel.com api-js.mixpanel.com	373 B
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9441	366 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 67	441 B
1	amazonaws.com chg6zpd9u7.execute-api.us-west-2.amazonaws.com	4 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 830	2 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1195	619 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 2206	26 KB
1	shpg.org c.shpg.org — Cisco Umbrella Rank: 327391	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	29 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1464	36 KB
110	25

	Domain	Requested by
20	client-analytics.braintreegateway.com	d210i8t551lxm.cloudfront.net assets.braintreegateway.com
20	d210i8t551lxm.cloudfront.net	actions.sumofus.org d210i8t551lxm.cloudfront.net
6	actions.sumofus.org	d210i8t551lxm.cloudfront.net
5	geo.cardinalcommerce.com	songbird.cardinalcommerce.com geo.cardinalcommerce.com cdnjs.cloudflare.com
5	songbird.cardinalcommerce.com	actions.sumofus.org songbird.cardinalcommerce.com
5	c.paypal.com	actions.sumofus.org c.paypal.com
5	assets.braintreegateway.com	1 redirects actions.sumofus.org
5	cdnjs.cloudflare.com	actions.sumofus.org geo.cardinalcommerce.com
4	www.google-analytics.com	actions.sumofus.org www.google-analytics.com d210i8t551lxm.cloudfront.net
4	www.gstatic.com	www.google.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	www.google.com	actions.sumofus.org www.gstatic.com www.google.com
2	writer.cardinalcommerce.com	d210i8t551lxm.cloudfront.net
2	centinelapi.cardinalcommerce.com	d210i8t551lxm.cloudfront.net
2	payments.braintree-api.com	d210i8t551lxm.cloudfront.net
2	www.facebook.com	actions.sumofus.org
2	px.ads.linkedin.com	2 redirects
2	cdn.mouseflow.com	1 redirects actions.sumofus.org
2	connect.facebook.net	actions.sumofus.org connect.facebook.net
1	api-js.mixpanel.com	d210i8t551lxm.cloudfront.net
1	c6.paypal.com
1	checkout.paypal.com	actions.sumofus.org
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	ssl.kaptcha.com	actions.sumofus.org
1	stats.g.doubleclick.net	d210i8t551lxm.cloudfront.net
1	chg6zpd9u7.execute-api.us-west-2.amazonaws.com	d210i8t551lxm.cloudfront.net
1	px4.ads.linkedin.com	actions.sumofus.org
1	www.linkedin.com	1 redirects
1	snap.licdn.com	actions.sumofus.org
1	polyfill.io	code.jquery.com
1	fonts.googleapis.com	d210i8t551lxm.cloudfront.net
1	cdn.mxpnl.com	actions.sumofus.org
1	c.shpg.org	actions.sumofus.org
1	code.jquery.com	actions.sumofus.org
1	www.googleoptimize.com	actions.sumofus.org
1	act.sumofus.org	1 redirects
110	37

This site contains links to these domains. Also see Links.

Domain
www.sumofus.org
sumofus.org
www.pressenza.com
news.mongabay.com
policies.google.com

Subject Issuer	Validity	Valid
sumofus.org Amazon	`2021-08-15` - `2022-09-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-07-15` - `2022-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-25` - `2022-02-23`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.execute-api.us-west-2.amazonaws.com Amazon	`2021-09-22` - `2022-10-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2021-12-08` - `2022-11-12`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2020-05-01` - `2022-05-06`	2 years	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2021-07-07` - `2022-08-07`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-02-11` - `2023-03-14`	a year	crt.sh
ssl.kaptcha.com Thawte RSA CA 2018	`2021-11-01` - `2022-11-27`	a year	crt.sh
*.cardinalcommerce.com Thawte RSA CA 2018	`2020-05-07` - `2022-05-07`	2 years	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Frame ID: 25E9AEA3E708FDC57CAC100B87C90660
Requests: 70 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb25zLnN1bW9mdXMub3JnOjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tectf5a1y3no
Frame ID: 85E549028F5E4417CD68E283966315B2
Requests: 7 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/dispatch-frame.min.html
Frame ID: 8E954F4DB09D873A065724B4ECBA3CB3
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e
Frame ID: 727C54662FD02012FE3389A249FB0572
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 9185E2F48C50EF210CAE7958B9997F4D
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14
Frame ID: 12A12DF5A218359964ED6CAA7760B20D
Requests: 1 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.83.0/html/dispatch-frame.min.html
Frame ID: F5E9F490972F7DAE796BDDF778C79253
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 0D376C9CE859F91718BB55A6FDB90D2D
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 02383B74978268FA44E4354F136E3115
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Frame ID: 316BDBF894E37977257BF437BF0D7915
Requests: 1 HTTP requests in this frame

Frame: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird
Frame ID: 39FA82F73FC2DAF3F5EC4BEADBF606A3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Save Ecuador's Choco forest

Page URL History Show full URLs

https://act.sumofus.org/go/604135?t=1&akid=102118%2E14264772%2EkaxMKT HTTP 302
https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd... Page URL

Detected technologies

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

110
Requests

97 %
HTTPS

63 %
IPv6

25
Domains

37
Subdomains

30
IPs

4
Countries

3719 kB
Transfer

5717 kB
Size

17
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sumofus.org/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://sumofus.org/

Search URL Search Domain Scan URL

URL: https://www.pressenza.com/2021/09/ecuador-environmental-defenders-sentenced-to-pay-151000-dollars-to-palm-grower/
Title: Ecuador: Environmental defenders sentenced to pay 151,000 dollars to palm grower

Search URL Search Domain Scan URL

URL: https://news.mongabay.com/2022/02/community-in-ecuador-punished-for-trying-to-stop-alleged-palm-oil-pollution/
Title: Community in Ecuador punished for trying to stop alleged palm oil pollution

Search URL Search Domain Scan URL

URL: https://sumofus.org/privacy
Title: your privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://sumofus.org/about
Title: About

Search URL Search Domain Scan URL

URL: https://sumofus.org/contact
Title: Contact

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://act.sumofus.org/go/604135?t=1&akid=102118%2E14264772%2EkaxMKT HTTP 302
https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4.js HTTP 301
https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4_eu.js

Request Chain 43

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1988588%26time%3D1645024797824%26url%3Dhttps%253A%252F%252Factions.sumofus.org%252Fa%252Fsave-ecuador-s-choco-forest-1%252F%253Fakid%253D102118.14264772.kaxMKT%2526rd%253D1%2526source%253Dfwd%2526t%253D1%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&liSync=true&e_ipv6=AQLSYNOyfqbbkAAAAX8DHmXsJTxFuKNwHZFClufrxsLYUtrppDfHziiTS0pTkGZwXVLe8YSU

Request Chain 67

https://assets.braintreegateway.com/data/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e HTTP 302
https://ssl.kaptcha.com/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e

Request Chain 69

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14 HTTP 302
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
actions.sumofus.org/a/save-ecuador-s-choco-forest-1/
Redirect Chain

https://act.sumofus.org/go/604135?t=1&akid=102118%2E14264772%2EkaxMKT
https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

28 KB
29 KB

1013ms
984ms

Document
text/html

2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

48125007cbc1bc9730bc2087715af2b520e7327da06baca49f82fa1af1ddc3a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' pronto.sumofus.org
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
content-length: 28616
cache-control: max-age=0, private, must-revalidate
content-security-policy: frame-ancestors 'self' pronto.sumofus.org
date: Wed, 16 Feb 2022 15:19:57 GMT
etag: W/"48125007cbc1bc9730bc2087715af2b5"
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.16.1
vary: Origin
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: a43ca58e-820d-48f2-ac9a-5df6503d2c07
x-runtime: 0.244133
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: SQAciy0UHtpyHhKzO6lF8FqNMvPQ2fqjVeRkIN0M0oBwzaMHYagqeQ==

Redirect headers

date: Wed, 16 Feb 2022 15:19:56 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
server: openresty
vary: Cookie, Origin

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 90 KB
36 KB 152ms
48ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NMK9DTB

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16adfeadf95f003ba6787429332c70627d1453671629faf02b61fedb9f821205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35909
x-xss-protection: 0
expires: Wed, 16 Feb 2022 15:19:57 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 66ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e4a"
vary: Accept-Encoding
x-hw: 1645024797.dop226.am5.t,1645024797.cds207.am5.hn,1645024797.cds147.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 rails.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-ujs/1.2.2/ 9 KB
3 KB 47ms
29ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-ujs/1.2.2/rails.min.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1927515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2289
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-220a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKzEW%2F8LHeAcmca2EjghoObMfuxOhY0cFo5DyLWvOCjd34MMUsb3i6Mosd3FOqziem2XFIvUNXe3OBFByLglYKuwP4ozpkD%2BTtkvQw8ACp3aOvKlKjr5K%2BcRAkpdrO%2FV0yxGGuZvSMsxQ6%2BzpQ%2FErhAk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de7c1d6f8989180-FRA
expires: Mon, 06 Feb 2023 15:19:57 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 248 KB
56 KB 51ms
33ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 201549
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57137
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3dee5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMU0Z8bU861R%2Btj44dIaReRlwYohA1uypHXV7MnKJ1dEftGlJSZyXUSBYFqKi5AMvaUY7WctHNqs9ermdqfXD59D0mX56vhrnkPGzizkybVbQHQAKmYEgTegvyWcEQUipGaO%2F685vUfd2BpgnuJY6665"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de7c1d6f89e9180-FRA
expires: Mon, 06 Feb 2023 15:19:57 GMT

GET
H2 200 selectize.min.js Show response
cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.6/js/standalone/ 45 KB
14 KB 45ms
28ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/selectize.js/0.12.6/js/standalone/selectize.min.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f82d00e4896a9aee107123f1ae51a9699c49d38563b118cabbe1bcda49795099

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1927515
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13489
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-b309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=424zHjUHl%2FqedHmAsawdJclgq6GIPh%2FXs1D5ROTWsXqF6Yf8r1b5NyRScaIv%2Fm%2FtHYvC7FGXyRsCeA4bdgV%2BLs3yWu%2FdJ92%2BdV10Gx6xiQA9dAq1HumWMItd6pqdxTL%2FzmTmJwOazONKB%2FJ08YnWjb8O"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de7c1d6f89f9180-FRA
expires: Mon, 06 Feb 2023 15:19:57 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1000 B 137ms
52ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

92f5e8629154a6c59b0d7500f852a6a2a03dad4b104ff370640e789fb12620e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Wed, 16 Feb 2022 15:19:57 GMT

GET
H2 200 runtime~sentry-4773cfc7702fbff03a0e.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 2 KB
2 KB 75ms
26ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~sentry-4773cfc7702fbff03a0e.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 482bf283d9713bc4dc621ec029c90500fa6d589bb550f8a1f2bd2bfa4b21daf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 03:09:38 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 43819
etag: "11a780cffb80077924e1830f7dd9f1bc"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1566
x-amz-cf-id: P2Oo2AKhUp53lvLLd4PnBJ5DoqixtxSzL9vCnqLfRnlUgPOjoHmLwA==

GET
H2 200 27-33cd0ef3c1b854f7259b.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 71 KB
71 KB 75ms
26ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f796fd7e81e24357487b2594468d89780b95b70cdbef65781f758f443a09d95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:47:26 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:59 GMT
server: AmazonS3
age: 37952
etag: "f41eab644d2d4db5f11a1f659885eddb"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 72421
x-amz-cf-id: Jh4ASnsSVFY-HTqMJQUe6VOz1eaLzRmqrrb5BiHZTFNqMEMWi1NVkg==

GET
H2 200 sentry-3ebdef63d0cf2745892c.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 620 B
944 B 79ms
30ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/sentry-3ebdef63d0cf2745892c.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7d5cb548364c4f8261eb3cc74e8eca52f06dde32fbfe79ffb225f2388450a5a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:38:18 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 38500
etag: "e4a7a94c253ab9033083eb7ad73ea2d2"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 620
x-amz-cf-id: Eaag9tBpyXZWo43rARpmBhWVnoWPs2rsRh73JADBalr5uUWTT3l-VA==

GET
H2 200 translations-440b3c53b8fa536c486224a6db07c5f66751635c95278a985c7576ab6f3896bc.js Show response
d210i8t551lxm.cloudfront.net/assets/ 249 KB
250 KB 79ms
31ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/assets/translations-440b3c53b8fa536c486224a6db07c5f66751635c95278a985c7576ab6f3896bc.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 440b3c53b8fa536c486224a6db07c5f66751635c95278a985c7576ab6f3896bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 14:53:18 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:54 GMT
server: AmazonS3
age: 1600
etag: "5a0b4c6589e051ddbdd9e00a1802d114"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 254908
x-amz-cf-id: 8lAon_wcM70bGQFfODCY4-ia0psvWf8xvchNHKMe9iCdJJQidUGVkg==

GET
H2 200 member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
d210i8t551lxm.cloudfront.net/assets/ 151 KB
151 KB 57ms
9ms Stylesheet
text/css 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a3a70f17016a512dc5e092520fecb360e4600062b01327f54cd3d346f02d797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:31:06 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:54 GMT
server: AmazonS3
age: 35332
etag: "f470375fd8063517c7e61f3a2079b502"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 154634
x-amz-cf-id: f0TNviZl5KGqJR1AmIQ4o8sny_gCY8zC5zVQSS_i0I7dh1yelCjBKQ==

GET
H2 200 21-f56fc056.chunk.css
d210i8t551lxm.cloudfront.net/packs/css/ 6 KB
6 KB 72ms
24ms Stylesheet
text/css 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/css/21-f56fc056.chunk.css
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 367fac99b008a589e5ea08e8fd2ed7cd187ae7b0cbe70641a5e1fd13388c80c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:31:03 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:57 GMT
server: AmazonS3
age: 39101
etag: "bb6bfe85849b87ee3a705d5cae8942c8"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 6002
x-amz-cf-id: HodxMPNjL6Ezn9u-1DP5F8zfqMBhkazv0MuxSxGerKuRFhL2yNRd8w==

GET
H2 200 member_facing-a68a0da8.chunk.css
d210i8t551lxm.cloudfront.net/packs/css/ 4 KB
4 KB 73ms
25ms Stylesheet
text/css 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/css/member_facing-a68a0da8.chunk.css
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a2773fffe181b45be275da245bad9859e345047894bfeb7c6d7814b4203b563

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:36:55 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:57 GMT
server: AmazonS3
age: 38857
etag: "ded3fadaaa1120e448a39088d403e856"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4165
x-amz-cf-id: qu3OuwKY6bv3hf7_5ywmjBQ8Dl9kGC3Dc_wk4hW8EVfENUWYS-ulZw==

GET
H2 200 plugins-8aaebd6b.chunk.css
d210i8t551lxm.cloudfront.net/packs/css/ 117 B
432 B 73ms
25ms Stylesheet
text/css 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/css/plugins-8aaebd6b.chunk.css
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a9cbaf196279c88f5557f83c707b6194aa9e8a2784a0753af73fde3941a7962

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 03:02:56 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:57 GMT
server: AmazonS3
age: 44222
etag: "df6a47f071b3315e94073a0a377e2083"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 117
x-amz-cf-id: s3fWx8iFPTx4VfWmBwm0b8pgWLoNNApehsGNX7KXxuPz0XyQ2tStHA==

GET
H2 200 runtime~globals-9d1dd9f3cd8016127ef6.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 2 KB
2 KB 91ms
43ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~globals-9d1dd9f3cd8016127ef6.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ffb9f1037cdcea7f6e5dad5b0c0c6fcd0be2b16a645cde255c9f825b7e24df06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 23:40:18 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 56379
etag: "eda0ef0d3782765e4b5b1a5fde108106"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 1567
x-amz-cf-id: PwRaW3z50RkIj33Q7fO7GHh8-j_xnb8sl-IyzOL0TpS0qI5mSTJ0_Q==

GET
H2 200 0-fd131e7c321687495ad4.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 72 KB
73 KB 90ms
43ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/0-fd131e7c321687495ad4.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41a88198674dda8977446da0befad22c2bcfd73d46be755a56a273d113f88b68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:41:36 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:58 GMT
server: AmazonS3
age: 77918
etag: "b6350b37a98f5674a8b0892825dc64f2"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 73996
x-amz-cf-id: wxdF7gGOIPALymOTTLuFTPY6D6n8vVA9eaWZPjEW_VESDuOwVvNyFw==

GET
H2 200 21-8caf5b941f1820c1b716.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 314 KB
315 KB 85ms
38ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/21-8caf5b941f1820c1b716.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c57283b0f5321998920d9ed92ff86199765e19eca961446e89655b711684efc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 15:47:47 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:58 GMT
server: AmazonS3
age: 84731
etag: "5ec8feddb72d158b890c35cd4bcfb422"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 321474
x-amz-cf-id: b-0NM7PQvGPUmhDECwpTFkuXSJ4qkBvRudje_F_fLH_NKxDb7a2kTw==

GET
H2 200 globals-1602abb913f137a8302f.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 3 KB
3 KB 94ms
47ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/globals-1602abb913f137a8302f.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae6bfb3883e007d948bdfb249ef40f526328afcef77a448ddf02d89e24f525fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:56:55 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:00 GMT
server: AmazonS3
age: 33782
etag: "d870485a027c2c121e1035a68d0d386a"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 2612
x-amz-cf-id: 1gm39zW9FVQ6x7Ap7PTfV2VUoqpuNJBDXUsnADwBA7NvN3naSDtWKg==

GET
H2 200 runtime~member_facing-d17e341e925affc21c42.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 3 KB
4 KB 93ms
46ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~member_facing-d17e341e925affc21c42.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f123d7c20754fdc30e58e378f91ddfd1e658a7235d42b612098bd57682a0e5be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:47:26 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 37952
etag: "2ae4fb5d18ffdac8916410090281f96f"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3561
x-amz-cf-id: JEnYZHRVzsoaRXHuRmWRLPqy7Dp_S7aF7MB1OFdWQY7Pa2_PQvvDrA==

GET
H2 200 1-3b1b9e9f49af9db52e73.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 127 KB
127 KB 93ms
46ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/1-3b1b9e9f49af9db52e73.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 899520cb1729e7f1aac7740f3eb4e685c572ed6da2a58e93fc33301e3a7685e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 06:25:35 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:58 GMT
server: AmazonS3
age: 32063
etag: "254673e21d04a7cee05c56c003468e78"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 130066
x-amz-cf-id: X7QXS2k5XI48re3d7HMP4hU6ivfZJ-lTQ14GkZB7KKt-thqbxJxb_Q==

GET
H2 200 member_facing-f5bad1c011f32de30860.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 319 KB
319 KB 91ms
44ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/member_facing-f5bad1c011f32de30860.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7617add8b1251846040def1471f9db4c658f41f3242c43687b689a49fd06dba3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:23:28 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:00 GMT
server: AmazonS3
age: 64590
etag: "21a274e955489e6c6974fe66330c4c92"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 326480
x-amz-cf-id: P0YtpfXGeCSc-GdvNNiQM6vJjzkGVIjTZZQuW7N6OpYn2TwcW33Yjg==

GET
H2 200 runtime~plugins-89946f3e611d36a63cf7.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 4 KB
4 KB 93ms
47ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~plugins-89946f3e611d36a63cf7.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afc8080bec9b39296c2f46d731d9c1850b10ee1799e643c70c6afa35adc2a49f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 04:47:26 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 37952
etag: "63dfd1d425c01ff3dd4f94ce2d8f981b"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 3656
x-amz-cf-id: cDTE6NsPGBIqySrpS3MYkAxrtqWBI7Ovt2hNlEbJ_yhV6FIcKbnThg==

GET
H2 200 plugins-1cf599f5ff3952c8b451.chunk.js Show response
d210i8t551lxm.cloudfront.net/packs/js/ 5 KB
5 KB 93ms
47ms Script
application/javascript 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d210i8t551lxm.cloudfront.net/packs/js/plugins-1cf599f5ff3952c8b451.chunk.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a85a6c44b7a49774487dcd9a59ad3649b742be840b503fd2010ac197d089ecc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:25:58 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:01 GMT
server: AmazonS3
age: 46439
etag: "2507126ca4031ca80522837b59e4e495"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4775
x-amz-cf-id: RlzshTNyiojBDQKzqCtLsRatJEHBbp-UQH4NDdE7qqxBCWiKAfo1tw==

GET
H2 200 sp.js Show response
c.shpg.org/99/ 26 KB
7 KB 65ms
35ms Script
text/javascript 2606:4700:20::ac43:452d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.shpg.org/99/sp.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:452d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

903519b7312e76ac22646c08de1a868a85adc015e655d24bc33ec97ed162a7d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6177
cf-polished: origSize=35085
content-encoding: br
last-modified: Wed, 16 Feb 2022 13:37:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXRxebX%2B%2FVi%2B8c8B8itAEYszs9kOUvHoVQvAN8%2FeFbrrtEeZm564u8DfgUmqB8KdiZlOhWqebSwuEGoZfqGqGwcd4V6ENdJFNhEWuUR6hFHzj0suYqYu%2B%2BHpj63kJNhO11E%2BTr8%2FWe0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: max-age=1800
cf-ray: 6de7c1d7fa3e900a-FRA
cf-bgj: minify

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ 357 KB
142 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://actions.sumofus.org/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 12:25:05 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 76 KB
26 KB 52ms
16ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: b88e17d70cb0cb311116c225e74632ee4b38143fde235c1bfe03ef847a44947c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:13:44 GMT
content-encoding: gzip
age: 373
x-guploader-uploadid: ADPycds24JD5f70ojqToiLDEnN7J_lP2cjAls7IMht6PNYktVI3IwIPCb9ceRCSHeB8cO5Wnp8u6H2IDYYRvnu6hxdzhl2Z7Iw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25902
last-modified: Tue, 01 Feb 2022 02:55:54 GMT
server: UploadServer
etag: "e8fd7b5cf09c829391160499bcaba3ba"
vary: Accept-Encoding
x-goog-hash: crc32c=bw462w==, md5=6P17XPCcgpORFgSZvKujug==
x-goog-generation: 1643684154338085
access-control-allow-origin: *
cache-control: public,max-age=600
x-goog-stored-content-length: 25902
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 16 Feb 2022 15:23:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
1 KB 132ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6a1298615c4474a43066e2cf3f9b78890e180cdd89dbe030760d4c6c54cf729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d210i8t551lxm.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 15:12:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 15:19:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 15:19:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 26ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26236
x-xss-protection: 0
pragma: public
x-fb-debug: B57aw5sFBBjcBwoMIALk4BXyXLp+wXkLfWlmQ0JsfOYrM/yzNdlWsQ0mIohQFKtda/t1kM4twBqJPejuyoxpUA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Feb 2022 15:19:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sumofus-logo-horizontal-a6388af646705082ee7814207f413cdc5c5fabf73b428dd18ec6d79f438ccb67.svg
d210i8t551lxm.cloudfront.net/assets/ 5 KB
5 KB 8ms
7ms Image
image/svg+xml 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d210i8t551lxm.cloudfront.net/assets/sumofus-logo-horizontal-a6388af646705082ee7814207f413cdc5c5fabf73b428dd18ec6d79f438ccb67.svg
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6388af646705082ee7814207f413cdc5c5fabf73b428dd18ec6d79f438ccb67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:38:40 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:54 GMT
server: AmazonS3
age: 60077
etag: "919b3895e8d4266bb0ea7497af53180d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4649
x-amz-cf-id: KDKG3macKUq7QR3BEiSSMS7_it2CKPMvG40xFV1gGw9izto7z0ksBw==

GET
H2 200 I0000orfyq4xHahk.jpg
d210i8t551lxm.cloudfront.net/images/contents/000/021/001/large/ 549 KB
550 KB 9ms
8ms Image
image/jpeg 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d210i8t551lxm.cloudfront.net/images/contents/000/021/001/large/I0000orfyq4xHahk.jpg?1644493834
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6952a1a877b1b8dcf73459d3bf1470acf63fc9cef81388852f237e384446a1d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 12:19:09 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 11:50:37 GMT
server: AmazonS3
age: 10849
etag: "4bbea01e0d50aa55b803d6b8e9c31272"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 562329
x-amz-cf-id: xzO6LRlhdCImuwBmv68QmiDfqR8hvuGq2kRY-NWt6k4BbBe2VRgHLA==

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 135ms
38ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100i,200,200i,300,300i,400,400i,500,500i,600,600i,700,700i,800,800i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:55:47 GMT
x-content-type-options: nosniff
age: 98650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 11:55:47 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v2/ 222 B
619 B 56ms
6ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v2/polyfill.min.js?features=IntersectionObserver&_=1645024797471

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 186698
detected-user-agent: Chrome Mobile/98.0.4758
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=19, HIT, fastly;desc="Edge time";dur=1
content-length: 126
referrer-policy: origin-when-cross-origin
last-modified: Mon, 14 Feb 2022 10:57:33 GMT
date: Wed, 16 Feb 2022 15:19:57 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/98.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 145ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4505
date: Wed, 16 Feb 2022 14:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Feb 2022 16:04:52 GMT

GET
H2

200

359c2ed8-8419-4478-9c70-3706f764a5b4_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4.js
https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4_eu.js

764 B
660 B

6ms
6ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4_eu.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Server: 23.111.9.38 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:57 GMT
content-encoding: gzip
last-modified: Mon, 11 Nov 2019 15:36:15 GMT
server: NetDNA-cache/2.2
etag: W/"d65e67c1a598d51:0"
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

location: https://cdn.mouseflow.com/projects/359c2ed8-8419-4478-9c70-3706f764a5b4_eu.js
date: Wed, 16 Feb 2022 15:19:57 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
content-type: text/html

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 65ms
12ms Script
application/x-javascript 2a02:26f0:f7::5c7b:e024
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 15:19:57 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=61371
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 sumofus-white-logo-horizontal-10267bcfacdda2ac8d999f8cabd985ba9d0f2764e012a06e1bcae46c373f9ea5.svg
d210i8t551lxm.cloudfront.net/assets/ 4 KB
5 KB 25ms
4ms Image
image/svg+xml 2600:9000:223f:5200:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d210i8t551lxm.cloudfront.net/assets/sumofus-white-logo-horizontal-10267bcfacdda2ac8d999f8cabd985ba9d0f2764e012a06e1bcae46c373f9ea5.svg
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:5200:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10267bcfacdda2ac8d999f8cabd985ba9d0f2764e012a06e1bcae46c373f9ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d210i8t551lxm.cloudfront.net/assets/member-facing-94cc2f1571eb67fb5c666f69bc41c3ff563957280c81b5122fee2b7290715be8.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:04:44 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:54 GMT
server: AmazonS3
age: 36914
etag: "f731373a122ddb1b451342ad0666d21e"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 4425
x-amz-cf-id: 17Fb95f2FeLPCV9SsmFZ3kjrQGg4Am9ATHYS57m7Y7vdeEbAUzeeng==

GET
H2 200 33-cdfb977ec47fe622985b.chunk.js Show response
actions.sumofus.org/packs/js/ 21 KB
21 KB 22ms
7ms Script
application/javascript 2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://actions.sumofus.org/packs/js/33-cdfb977ec47fe622985b.chunk.js
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~member_facing-d17e341e925affc21c42.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f27473fff87f2827ce36b461f64fc52f38582c3ae8750b1144971639a34ff99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 05:31:14 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:49:00 GMT
server: AmazonS3
age: 35324
etag: "24348a0fc87e90915e806ca2c06e976e"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 21091
x-amz-cf-id: FukARQfLevvDwKvvX-OS01Rx1R0cUdYxlEJ5dHWkgur9YUZD0KHG9g==

GET
H2 200 3-75b42941.chunk.css
actions.sumofus.org/packs/css/ 8 KB
8 KB 19ms
7ms Stylesheet
text/css 2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://actions.sumofus.org/packs/css/3-75b42941.chunk.css
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~plugins-89946f3e611d36a63cf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdbd584c299af9ac76398aec46c21827f1185a8b01d66495ea6abb39349dd522

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:20:34 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:57 GMT
server: AmazonS3
age: 61164
etag: "66f90e849f1244470bad1a85bfc27205"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 8078
x-amz-cf-id: YoN6iQgebYzsRhh6E4RqFR4tSvp3YaEbqd78VLYPE4mgf-rYFd6Sbw==

GET
H2 200 3-bb3eaa20fd44022bbd4c.chunk.js Show response
actions.sumofus.org/packs/js/ 49 KB
50 KB 20ms
8ms Script
application/javascript 2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://actions.sumofus.org/packs/js/3-bb3eaa20fd44022bbd4c.chunk.js
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~plugins-89946f3e611d36a63cf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba96a518443ef7c3320a32c81de8793879304b6ddeeb7bb36e20e7e245f09b8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 16:55:43 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:59 GMT
server: AmazonS3
age: 80655
etag: "55a892025c92fa37373200287d728fc1"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 50599
x-amz-cf-id: T_gM_vuhYfvuttf6AnCOb0xUv7zsy6cfkO6dW27VIWbv_189Y1dC9g==

GET
H2 200 25-f3b84c18.chunk.css
actions.sumofus.org/packs/css/ 14 KB
14 KB 18ms
7ms Stylesheet
text/css 2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://actions.sumofus.org/packs/css/25-f3b84c18.chunk.css
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~plugins-89946f3e611d36a63cf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b45f72a30e4ca9cd1de12260a41da99da404e044765d81e1f641225ffacbb06e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 02:03:42 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:57 GMT
server: AmazonS3
age: 47776
etag: "2fb40f45c0f9ecf9cbc55ee85f8fde65"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 14150
x-amz-cf-id: S-OXQe78pkXyv4mrCeX7l1YQhSZTIKoxZto5-LvkkQhedl_EcUYM4g==

GET
H2 200 25-f3f3c880bc1cfc356f43.chunk.js Show response
actions.sumofus.org/packs/js/ 639 KB
640 KB 22ms
11ms Script
application/javascript 2600:9000:223f:4c00:9:fd3:9280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/runtime~plugins-89946f3e611d36a63cf7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:4c00:9:fd3:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f20804f7a8909e8ff1d0cc578c21a4993583af710495ca03940d73a3f65b8d22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:21:37 GMT
via: 1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
last-modified: Wed, 09 Feb 2022 17:48:59 GMT
server: AmazonS3
age: 61164
etag: "e9b2ea74b58dcca3c51b7a3dd25adc82"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 654402
x-amz-cf-id: IIxWb5eFbIzdwfhI9ihCY8RT5Jr84p92sOmTrFKs9pbZdsfnv0Kxlw==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 85E5 41 KB
22 KB 70ms
57ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb25zLnN1bW9mdXMub3JnOjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tectf5a1y3no

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d10be44ab31597654d6b2664a67a657c97cdae15850b92b78f3e86fadc20bcbc

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2Sdw76LhK695f2pIJ8U2xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 16 Feb 2022 15:19:57 GMT
content-security-policy: script-src 'report-sample' 'nonce-2Sdw76LhK695f2pIJ8U2xw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21994
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 938117079582809 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 19ms
15ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/938117079582809?v=2.9.52&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f08201976b596a1aa7f22df23affe2ba637eefe115004cc3c214ff8c84430c90

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89160
x-xss-protection: 0
pragma: public
x-fb-debug: qgIKK8xxJdj7X2g93JgvJSFQFxQOkFub1oPaf6DBOtDhV3iQDclyOnyglh0KvLfetxAwHm92wtVX9BuXieSqOA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 16 Feb 2022 15:19:57 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%2...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1988588%26time%3D1645024797824%26url%3Dhttps%253A%252F%252Factions.sumofus.org%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%2...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%...

0
155 B

313ms
116ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&liSync=true&e_ipv6=AQLSYNOyfqbbkAAAAX8DHmXsJTxFuKNwHZFClufrxsLYUtrppDfHziiTS0pTkGZwXVLe8YSU
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: fPW5qVZN1BbgI0pgbCsAAA==

Redirect headers

date: Wed, 16 Feb 2022 15:19:57 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 9B0CF281628A445DB18A08D1CAD2759C Ref B: FRAEDGE1518 Ref C: 2022-02-16T15:19:58Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1988588&time=1645024797824&url=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&liSync=true&e_ipv6=AQLSYNOyfqbbkAAAAX8DHmXsJTxFuKNwHZFClufrxsLYUtrppDfHziiTS0pTkGZwXVLe8YSU
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXYJC696u7XgjFOsSxrtg==

GET
H2 200 token Show response
chg6zpd9u7.execute-api.us-west-2.amazonaws.com/api/payment/braintree/ 3 KB
4 KB 655ms
299ms XHR
application/json 52.35.32.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://chg6zpd9u7.execute-api.us-west-2.amazonaws.com/api/payment/braintree/token?merchantAccountId=sumofus2_EUR
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.35.32.193 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-35-32-193.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: bb9850ad7b5c564a6a483d0e553b7896b341bb473259341dcd510bb3b9ced37b

Request headers

Accept: */*
Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Feb 2022 15:19:58 GMT
content-length: 3488
apigw-requestid: NpBkxgvOPHcEJsA=
content-type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 22ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=938117079582809&ev=PageView&dl=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&rl=&if=false&ts=1645024798005&sw=1600&sh=1200&v=2.9.52&r=stable&ec=0&o=30&fbp=fb.1.1645024798003.169290971&it=1645024797810&coo=false&exp=p0&rqm=GET

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Wed, 16 Feb 2022 15:19:58 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 85E5 51 KB
24 KB 85ms
39ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb25zLnN1bW9mdXMub3JnOjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tectf5a1y3no

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 10:28:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 10:28:32 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/ Frame 85E5 357 KB
141 KB 105ms
59ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 12:25:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144562
x-xss-protection: 0
last-modified: Mon, 07 Feb 2022 05:03:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 16 Feb 2023 12:25:05 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 88ms
41ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 14:31:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 16 Feb 2022 15:31:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 87ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=477216454&t=pageview&_s=1&dl=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&ul=en-us&de=UTF-8&dt=Save%20Ecuador%27s%20Choco%20forest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEIRAAAAAC~&jid=866784742&gjid=80583510&cid=682469734.1645024798&tid=UA-26370633-3&_gid=1475875825.1645024798&_r=1&_slc=1&z=2113641811

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 15:19:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://actions.sumofus.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=477216454&t=event&_s=2&dl=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&ul=en-us&de=UTF-8&dt=Save%20Ecuador%27s%20Choco%20forest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=fa_fundraising&ea=form_seen&el=fwd&_u=aGBAAEIRAAAAAC~&jid=&gjid=&cid=682469734.1645024798&tid=UA-26370633-3&_gid=1475875825.1645024798&z=1520768950

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 10:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15856
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-26370633-3&cid=682469734.1645024798&jid=866784742&gjid=80583510&_gid=1475875825.1645024798&_u=YEBAAEIQAAAAAC~&z=1608757200

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 16 Feb 2022 15:19:58 GMT
content-type: text/plain
access-control-allow-origin: https://actions.sumofus.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 85E5 2 KB
2 KB 42ms
38ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/BycHQdSIhzR_1EcOLw2mOzYQ/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 44068
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 23 Feb 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 85E5 15 KB
15 KB 89ms
42ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 79997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 85E5 15 KB
15 KB 88ms
41ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:17:54 GMT
x-content-type-options: nosniff
age: 90124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 15 Feb 2023 14:17:54 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 85E5 102 B
134 B 46ms
45ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb25zLnN1bW9mdXMub3JnOjQ0Mw..&hl=de&v=BycHQdSIhzR_1EcOLw2mOzYQ&size=invisible&cb=tectf5a1y3no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 16 Feb 2022 15:19:58 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=938117079582809&ev=Microdata&dl=https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%2F%3Fakid%3D102118.14264772.kaxMKT%26rd%3D1%26source%3Dfwd%26t%3D1&rl=&if=false&ts=1645024798510&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Save%20Ecuador%27s%20Choco%20forest%22%2C%22meta%3Adescription%22%3A%22SumOfUs%20is%20a%20global%20movement%20of%20consumers%2C%20investors%2C%20and%20workers%20all%20around%20the%20world%2C%20standing%20together%20to%20hold%20corporations%20accountable%20for%20their%20actions%20and%20forge%20a%20new%2C%20sustainable%20and%20just%20path%20for%20our%20global%20economy.%20It%27s%20not%20going%20to%20be%20fast%20or%20easy.%20But%20if%20enough%20of%20us%20come%20together%2C%20we%20can%20make%20a%20real%20difference.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aarticle%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2FSumOfUs-181924628560212%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd210i8t551lxm.cloudfront.net%2Fimages%2Fcontents%2F000%2F021%2F001%2Foriginal%2FI0000orfyq4xHahk.jpeg%3F1644493834%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Factions.sumofus.org%2Fa%2Fsave-ecuador-s-choco-forest-1%22%2C%22og%3Adescription%22%3A%22Ecuador%27s%20Choco%20forest%20is%2098%25%20destroyed...but%20we%20can%20help%20save%20what%27s%20left%22%2C%22og%3Asite_name%22%3A%22SumOfUs%22%2C%22og%3Atitle%22%3A%22The%20most%20important%20rainforest%20you%27ve%20never%20heard%20of%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.52&r=stable&ec=1&o=30&fbp=fb.1.1645024798003.169290971&it=1645024797810&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/a/save-ecuador-s-choco-forest-1/?akid=102118.14264772.kaxMKT&rd=1&source=fwd&t=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Wed, 16 Feb 2022 15:19:58 GMT

OPTIONS
H/1.1 200
OK graphql
payments.braintree-api.com/ Frame 0
0 135ms
12ms Preflight 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,braintree-version,content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 16 Feb 2022 15:19:58 GMT
transfer-encoding: chunked
access-control-allow-origin: https://actions.sumofus.org
access-control-max-age: 1800
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: authorization,braintree-version,content-type
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
paypal-debug-id: 931bf0c9b6374

POST
H/1.1 200
OK graphql Show response
payments.braintree-api.com/ 3 KB
2 KB 48ms
48ms XHR
application/json 52.29.159.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.29.159.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-159-59.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

42c4166b3e458dd1b0e0fb4179be90621866f2f5015dacd0d403f561a99073d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NDUxMTExOTgsImp0aSI6IjljOTlhNGUxLWQwOGMtNGUwNy1hN2NmLWQzMmVmMTc1MDk4YSIsInN1YiI6InE0YnRxNHRieWtzbXZqdnMiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InE0YnRxNHRieWtzbXZqdnMiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoic3Vtb2Z1czJfRVVSIn19.j4wP6lkx9fJ5I6v5NX1aQ8Wo_Ve3DTu7nCRScihtJFG4sqQEZeVOvKu3ySSz0PX5ksufP3dwAYyU0E78RWoBLw
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 15:19:58 GMT
content-encoding: gzip
X-Content-Type-Options: nosniff
server: nginx
X-Frame-Options: DENY
vary: Braintree-Version, Accept-Encoding
Content-Type: application/json
access-control-allow-origin: https://actions.sumofus.org
Cache-Control: no-cache, no-store
braintree-version: 2016-10-07
paypal-debug-id: df58a559d5a04
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
Content-Length: 1560

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 66ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 66ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 11ms
11ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 11ms
11ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 8E95 10 KB
4 KB 57ms
7ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/dispatch-frame.min.html

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

02c93fedf284ce5c2974f42ab35ad15754852d1dbc94d2d9032df250d2ad7f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

content-type: text/html
server: nginx
last-modified: Thu, 03 Feb 2022 18:29:14 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 16 Feb 2022 07:16:59 GMT
expires: Thu, 17 Feb 2022 07:16:59 GMT
cache-control: max-age=86400
etag: W/"61fc1efa-261a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: _UJjwEWvHL6ofB83n5kGbpuJghhKfBGkd2PiOPIJ6TNBg8sxzOhsPA==
age: 28979

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 54ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 11ms
11ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 55 KB
19 KB 48ms
8ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363464
x-cache: HIT
paypal-debug-id: 45516a95d9678
x-cache-hits: 1129816
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
via: 1.1 varnish
x-served-by: cache-hhn4025-HHN
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
x-timer: S1645024799.854752,VS0,VE1
etag: W/"618e152e-db6d"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 15:19:58 GMT

GET
H/1.1

200
OK

logo.htm Show response
ssl.kaptcha.com/ Frame 727C
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e
https://ssl.kaptcha.com/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e

41 B
366 B

532ms
167ms

Document
text/html

35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e
Requested by: Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Type: text/html
Expires: 0
Pragma: no-cache
X-Correlation-Id: bcff9d40-cc61-4f48-b0d4-2451e97f7bf9
Date: Wed, 16 Feb 2022 15:19:59 GMT
Content-Length: 41

Redirect headers

content-type: text/html
content-length: 154
location: https://ssl.kaptcha.com/logo.htm?m=null&s=d32edea4388388fc7cf8932e846a429e
server: nginx
date: Wed, 16 Feb 2022 15:19:59 GMT
expires: Thu, 17 Feb 2022 15:19:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: yTwZMLxPTspm50BsUJtBgSs2nRH_2OGHXSD86OYMwLt6U2YckogBTw==

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 9185 160 B
904 B 163ms
161ms Document
text/html 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

correlation-id: 1ef279638aea3
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
paypal-debug-id: 1ef279638aea3
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: none
date: Wed, 16 Feb 2022 15:19:59 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-served-by: cache-hhn4025-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1645024799.884246,VS0,VE154
vary: Accept-Encoding
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
timing-allow-origin: *
content-encoding: br

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame 12A1
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14

42 B
299 B

99ms
31ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 16 Feb 2022 15:19:59 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=6490e51ee5fa727da25c7e3d70a8ed4e&t=1645024798.812&a=14
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 9ms
9ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 8ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 53ms
33ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecd9f0192a12f64d9e8744a0af672b77d5edb0664f97558cfdc703c69a9452cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:58 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325
access-control-allow-methods: GET, POST
last-modified: Wed, 28 Jul 2021 19:53:42 GMT
server: cloudflare
etag: W/"0672b44ea83d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhiQLSOcQ%2Bzt7ojP6n3R1IvgzJO45jeMsrSrlfXdJjOud4ocxl%2BmhSn5Jc1O4U7mr3YUvEZfCfgvekvEYSlIceZDk7Jhr8jbRZcR8eYivPzm7OSeduOgtEGHlqBplGl7pVwlXXOVWm9tJ4cOMd87jxU%2Fj7E1YVPn4VYi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 16 Feb 2022 19:19:58 GMT
cache-control: public, max-age=14400
cf-ray: 6de7c1e15b8b6913-FRA
cf-bgj: minify

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 10ms
9ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 9ms
9ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.83.0/html/ Frame F5E9 10 KB
4 KB 84ms
9ms Document
text/html 108.157.4.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.83.0/html/dispatch-frame.min.html

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-3.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

02c93fedf284ce5c2974f42ab35ad15754852d1dbc94d2d9032df250d2ad7f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

content-type: text/html
server: nginx
date: Wed, 16 Feb 2022 06:58:53 GMT
last-modified: Thu, 03 Feb 2022 18:29:13 GMT
etag: W/"61fc1ef9-261a"
expires: Thu, 17 Feb 2022 06:58:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 191dcfd852a6f06df8cf0ecc80b99d1c.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: EOALJy_6xwgWBb-2kzjNjnZIbD6SBPcKLclFe9OaVjFXEz7jJxwlUQ==
age: 30065

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 10ms
10ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 9ms
9ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 0D37 126 KB
34 KB 8ms
8ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

content-type: text/html
server: nginx
date: Wed, 16 Feb 2022 06:05:44 GMT
last-modified: Thu, 03 Feb 2022 18:29:15 GMT
etag: W/"61fc1efb-1f7d4"
expires: Thu, 17 Feb 2022 06:05:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: QEfAXJsIbidXf9nEXr4ZYvM47BZ7-vJH9FOdn0IpURRx4e15FRUidQ==
age: 33254

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 0238 126 KB
34 KB 9ms
9ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

content-type: text/html
server: nginx
date: Wed, 16 Feb 2022 06:05:44 GMT
last-modified: Thu, 03 Feb 2022 18:29:15 GMT
etag: W/"61fc1efb-1f7d4"
expires: Thu, 17 Feb 2022 06:05:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: UgVFbZU0kWCB7WFrIUizbQ74_dj4DDZX4I-yA3KdoQ_9011tiAyNfA==
age: 33254

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.83.0/html/ Frame 316B 126 KB
34 KB 15ms
14ms Document
text/html 18.66.97.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html

Requested by

Host: actions.sumofus.org
URL: https://actions.sumofus.org/packs/js/25-f3f3c880bc1cfc356f43.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-40.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

content-type: text/html
server: nginx
date: Wed, 16 Feb 2022 06:05:44 GMT
last-modified: Thu, 03 Feb 2022 18:29:15 GMT
etag: W/"61fc1efb-1f7d4"
expires: Thu, 17 Feb 2022 06:05:44 GMT
cache-control: max-age=86400
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: 6D_7S2DZxcpbL9Rx3ERkGWJ8APeHkEDUjozjm4E0Hkcmoa7uYdu8wg==
age: 33254

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 12ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 10ms
9ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 1.70bf536800d3ae6c6c9a.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/ 387 KB
112 KB 78ms
54ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/1.70bf536800d3ae6c6c9a.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d49cba2ac00724a9b306354f8fbb8970f5d0cd47c85314b5bf8702022965d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://actions.sumofus.org/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1375912
cf-polished: origSize=396594
access-control-allow-methods: GET, POST
last-modified: Wed, 28 Jul 2021 19:53:42 GMT
server: cloudflare
etag: W/"0672b44ea83d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8LTkvwd1dEn2vBAS7ZBMBjliVj9ag%2BN6YiPTJPIBf%2F2bJEuzX%2BFf5MouR8ydhIyTN%2FhC%2F4PglwCK%2BAVhf1JxJ5b9urDLQWKCWk6InD7hmctc2P41Fk1R%2Fo5oWHiEIc9UxYMijsJH1WyqceqSzmnqITni3VBbSsaaVj2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 15 Aug 2022 15:19:59 GMT
cache-control: public, max-age=15552000
cf-ray: 6de7c1e1ddac8ff2-FRA
cf-bgj: minify

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ Frame 0D37 0
292 B 10ms
10ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.83.0/html/hosted-fields-frame.min.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.braintreegateway.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:59 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 8ms
7ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://assets.braintreegateway.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:58 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 9ms
9ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:19:59 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 8ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:19:59 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 9185 55 KB
19 KB 8ms
8ms Script
application/javascript 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 363464
x-cache: HIT
paypal-debug-id: 45516a95d9678
x-cache-hits: 1129821
access-control-allow-methods: GET
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
vary: Accept-Encoding
content-length: 19090
via: 1.1 varnish
x-served-by: cache-hhn4025-HHN
last-modified: Fri, 12 Nov 2021 07:18:06 GMT
x-timer: S1645024799.053503,VS0,VE1
etag: W/"618e152e-db6d"
access-control-max-age: 86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Feb 2022 15:19:59 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 9185 125 B
606 B 192ms
191ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ce12700247c3216fde0ca240783aade58d3e2d8b2f332791e184686e3c054da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

timing-allow-origin: *
date: Wed, 16 Feb 2022 15:19:59 GMT
via: 1.1 varnish
correlation-id: 4842db8ae756f
x-served-by: cache-hhn4025-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 4842db8ae756f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
content-type: application/json
content-length: 125
x-cache-hits: 0

POST
H2 200 e Show response
c.paypal.com/v1/r/d/b/ Frame 9185 15 B
200 B 175ms
175ms XHR
application/json 151.101.129.35
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.35 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
via: 1.1 varnish
correlation-id: 22a8ff6b5673f
x-served-by: cache-hhn4025-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
content-type: application/json
paypal-debug-id: 22a8ff6b5673f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 15
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 9185 0
321 B 218ms
183ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=6490e51ee5fa727da25c7e3d70a8ed4e&s=BRAINTREE_SIGNIN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
via: 1.1 varnish
correlation-id: 63dc9d01ecabd
x-timer: S1645024799.111178,VS0,VE176
x-served-by: cache-hhn4030-HHN
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: 63dc9d01ecabd
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 12.70bf536800d3ae6c6c9a.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/ 23 KB
8 KB 33ms
33ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/12.70bf536800d3ae6c6c9a.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edad1694472303abe8ab4dbfb38758268c88dc20f45bf644770d220f0ce10438

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://actions.sumofus.org/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1375911
cf-polished: origSize=23843
access-control-allow-methods: GET, POST
last-modified: Wed, 28 Jul 2021 19:53:42 GMT
server: cloudflare
etag: W/"0672b44ea83d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FrmZx7W3WbMUC0py9GUzM%2BvrQWBwGiAQDu1Mi%2Fu6Wjjb59ODK8f5FFNrvUdWxOXE%2BmWwygVXc5RX7QHvUkuwI%2BY1B%2BvFL6ARla10a4%2FJnFtVAw7qQkp6X9%2FroE0lwTBOcM35mRuw5BKvbTfEQU50wyeP5klBuky1Ak%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 15 Aug 2022 15:19:59 GMT
cache-control: public, max-age=15552000
cf-ray: 6de7c1e27f508ff2-FRA
cf-bgj: minify

OPTIONS
H2 200 Init
centinelapi.cardinalcommerce.com/V1/Order/JWT/ Frame 0
0 142ms
132ms Preflight 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-cardinal-tid
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-length: 0
access-control-allow-origin: https://actions.sumofus.org
vary: Origin
access-control-allow-methods: GET,POST,HEAD,OPTIONS
access-control-allow-headers: content-type, x-cardinal-tid
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WMAzh4o1mfWY70N5o674zMGB5LsYz%2FXEgxsTULh3CM1YdJLQw5HdVbJZ4DzdP3ME%2B5FzEKMFgoeU3%2BEGgeAd59TSg9WjfzNUuriPlae6h4HDRzU8ye8K3Na2tWi4xXXdDTCJZGptYo7FfwQ9jR4ifWF6uiAIsR5Gf4FYJkEE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de7c1e2c82b8ff2-FRA

POST
H2 200 Init Show response
centinelapi.cardinalcommerce.com/V1/Order/JWT/ 2 KB
2 KB 175ms
175ms XHR
text/plain 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://centinelapi.cardinalcommerce.com/V1/Order/JWT/Init

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd89dc94d182cbbdd900e99959c1c2a74ae8d01044c4c45d256c07c29de9e330

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://actions.sumofus.org/
X-Cardinal-Tid: Tid-a31c8924-f68f-4901-86ed-953b73d63fea
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vptfSSIvIofLzKRvLoOIv3UM26QlNT1I8%2F1kb%2BrGnD2cFwLyuKjwaAm4ZieR1eZABFmfLc74hL62hiu1KnPUv222RKdR26PK2XfhZxea9C3gFYHzHGPiqLVQ2DM0jfssJzfFKO68PSwTEO%2B9OrmAJrmvuq2dTG8xWCR0DfI%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://actions.sumofus.org
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
strict-transport-security: max-age=15552000
cf-ray: 6de7c1e39a418ff2-FRA

GET
H2 200 11.70bf536800d3ae6c6c9a.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/ 26 KB
8 KB 56ms
56ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/11.70bf536800d3ae6c6c9a.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43254e79437320507f478254143713181cace86b1cf7c2face7a7e8cf156e53e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://actions.sumofus.org/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1375910
access-control-allow-methods: GET, POST
last-modified: Wed, 28 Jul 2021 19:53:42 GMT
server: cloudflare
etag: W/"0672b44ea83d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=522ouTKeoxgwRDTsHaOhaAWX8FibcBObwDN0QbW2VjG4L7QQyNmr1Gr4ub1Lh7V2JWl%2FL%2F%2Fp8WQeGlWbEfUI2cIHbhC3Sy3mIM94aJYrUBXhZW6pNe03iafiieaidDbAeAtNZfy2%2Fpm9zOVJEWYkOVWe7S1DGYaku5ZI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 15 Aug 2022 15:19:59 GMT
cache-control: public, max-age=15552000
cf-ray: 6de7c1e4bcb48ff2-FRA
cf-bgj: minify

GET
H2 200 Render Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 39FA 4 KB
2 KB 176ms
165ms Document
text/html 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/1.70bf536800d3ae6c6c9a.songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9285a3cd780bcf51fbe2f5040d910c8eeeee0e9741f90f6cb9dbce20b649bcaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://actions.sumofus.org/

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 1241
p3p: CP="This site does not have a p3p policy."
vary: accept-encoding
content-language: de-DE
x-cnection: close
strict-transport-security: max-age=15552000
content-encoding: gzip
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4nXPznxNGkC7PVOKWJWUTru5QoeCIj8CV4GsB8JofgG17lJf5i7Hl54uEqGEzBGYni6HQOEYJW1cF%2FOA7h3bC76PDwB0CfuHKnHciiOiICVUnxOJWCxqyBqYRtUjrlgfdFcwQ8hIs4dvy2IG0Uc5BzzLtL6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de7c1e4dc166913-FRA

GET
H2 200 3.70bf536800d3ae6c6c9a.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/ 24 KB
7 KB 34ms
34ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/70bf536800d3ae6c6c9a/3.70bf536800d3ae6c6c9a.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84b24562b83c26a7d24ab1af287eb940999264e5a803e6322f1e64a6604cffe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://actions.sumofus.org/
Origin: https://actions.sumofus.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1375909
access-control-allow-methods: GET, POST
last-modified: Wed, 28 Jul 2021 19:53:42 GMT
server: cloudflare
etag: W/"0672b44ea83d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI4vLtLDRZ1skHe5pzmqfEejhC4PDE03lZfY2y5WhmTrFb6OHP0Y%2BPFyTMQQN673lT2kA60MFnB8oKcijXpJ6EFKKdOhHsnJ5B06x%2FaHw72q6YRJrUbJmVq5JHpN%2F9p0TRoXI7XUv%2BNPgh7fpbrKO6lssYqVPsfpCnP0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
expires: Mon, 15 Aug 2022 15:19:59 GMT
cache-control: public, max-age=15552000
cf-ray: 6de7c1e51d8c8ff2-FRA
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ Frame 39FA 87 KB
28 KB 47ms
36ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: geo.cardinalcommerce.com
URL: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1927526
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1WyBQlmXCPJt0v6yM3kV6cGjqdhaD4v48Ek7Cc2cOd1W2%2BJhA9qb6BMi5U3v4DK96eLc7OJrTu%2FVOyhVeF9oMnl42B9cWYesKF%2FDxHALPllPRKUAKoAquvjnbseLD4tbgxasbCufPTuXG7B4%2B2qb6Bg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de7c1e60db95b26-FRA
expires: Mon, 06 Feb 2023 15:19:59 GMT

GET
H3 200 json3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/ Frame 39FA 8 KB
4 KB 29ms
18ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/json3/3.3.2/json3.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2569554
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3209
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec9-1fd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOXYKq98FYdTL6X0tKd3IMNCwsQIRYGTY7B9G0MgKIzPAwP0oGn56QeCt2aQlfSfKVawmFL8grY5eIzkaIeC22TPAB4jPefBAwOUImuuHg2SazNM875TSsolGm2xbBjyzhwrOLJTwOCuz%2Bnz990%2Bwuhn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de7c1e60db35b26-FRA
expires: Mon, 06 Feb 2023 15:19:59 GMT

GET
H2 200 6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 39FA 34 KB
14 KB 38ms
37ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/6d028a6f5c5c7a8f8dbd924b0fc274afbf37412e.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 714
p3p: CP="This site does not have a p3p policy."
content-length: 13530
last-modified: Thu, 16 Sep 2021 14:24:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIgHTTr0rHn5LW2EptAixsCHi%2F5jNIZRfKHrRfvqYz7K%2Bmen%2FFvKKTMYLKMG8frlSTpg9kmRHttPkEQrsC28X24fVaDmbooCGjfskyIL2Ct43CLzLALEh1Xog3eLz677vV4cHfbeliIpLJJfAa6uYAqD%2Bix%2Fqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6de7c1e5eea16913-FRA
expires: Wed, 16 Feb 2022 19:19:59 GMT

GET
H2 200 profiler.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 39FA 12 KB
5 KB 40ms
40ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/profiler.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 709
p3p: CP="This site does not have a p3p policy."
content-length: 5284
last-modified: Mon, 27 Dec 2021 19:02:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iadYxkzzuMj5YgGAQacNdV33mqKS9UaciIruu9HtmV91tk2txEdoAQ7lcdRcASbpRC7GLV32mwyFIm%2F%2B1hsnZ8sfLrngZcBHeqAtYP82NL0sAmUUSENMEIesSFTGmZ6tQ2xZ4HH66yMiyotnvLMaBE6y7Wq%2Btw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6de7c1e5eea56913-FRA
expires: Wed, 16 Feb 2022 19:19:59 GMT

GET
H2 200 acsprofiler.min.js Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/ Frame 39FA 4 KB
2 KB 46ms
46ms Script
application/javascript 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/includes/js/acsprofiler.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 15:19:59 GMT
content-encoding: gzip
vary: accept-encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 709
p3p: CP="This site does not have a p3p policy."
x-cnection: close
content-length: 2078
last-modified: Mon, 27 Dec 2021 19:02:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxkFXyWSLlES0sATYqRyOhcEtzSzf8VqtyhrBmz0sEETcDo1W0pyQT1ljYVbUTH%2BmBnLliFdThFMSF3BNKA60tEsyFhdL42mPM78CrTV4B2%2BA%2BHxg4mNB9F9nAZHIbasBA%2FsVCBzA%2BFnlqf%2FtT1BzLi%2BjULieQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 6de7c1e5eea86913-FRA
expires: Wed, 16 Feb 2022 19:19:59 GMT

POST
H2 200 SaveBrowserData Show response
geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/ Frame 39FA 0
925 B 225ms
224ms XHR
text/plain 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/SaveBrowserData

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept: */*
Referer: https://geo.cardinalcommerce.com/DeviceFingerprintWeb/V2/Browser/Render?threatmetrix=true&alias=Default&orgUnitId=5c8aa050791eef31e8319430&tmEventType=PAYMENT&referenceId=1_e9b83c21-17a9-4822-b865-0c97c0302dda&geolocation=false&origin=Songbird
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6de7c1e6b87b6913-FRA
date: Wed, 16 Feb 2022 15:20:00 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87pXNEjp8abVlC2eXUvzrtj93AJZVmjMVcljmxleI2LZKsV1uxkc%2FjvTlAvOp9Bo65fDB8GVUNsI4x66fpG8umzFNNKO%2BWcnOqzO0UqrJnKWArqaTVA%2BKxxaq0RwKdl24cNqrKED6uxh7eqr8KomL4%2FkRjS7cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: CP="This site does not have a p3p policy."
content-type: text/plain
content-length: 0

OPTIONS
H2 200 log
writer.cardinalcommerce.com/prod/ Frame 0
0 162ms
153ms Preflight
application/json 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-cardinal-tid
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 16 Feb 2022 15:20:00 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 2d28e20a-0045-4c4f-9bed-81ae9577b5e3
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
x-amz-apigw-id: NpBlDGOhIAMFRqg=
access-control-allow-methods: POST,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: SKBzhQkCoiJBvIeMLqmWUBJ_t-QBfd4YF_E6hjXjXjz8bkly-sEg9w==
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StJOwrL6WuVmaqFyqi75ZKvirDE4aYi5qGDrW9z1u6WNqMsosYcVGcHjfyczXegMA9USNKjZENLWxJOvOT2MUCckHKZgPh3%2FdDsEagl1BpCyBgueU7t4SlOMlc8hOl3ykPjkv86ZNfYh38m7lailO0EOtsK8g9O1rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6de7c1e83e3a8ff2-FRA

POST
H2 200 log Show response
writer.cardinalcommerce.com/prod/ 15 B
553 B 407ms
407ms XHR
application/json 2606:4700::c6d9:fbfa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://writer.cardinalcommerce.com/prod/log
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

Referer: https://actions.sumofus.org/
X-Cardinal-Tid: Tid-a31c8924-f68f-4901-86ed-953b73d63fea
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Wed, 16 Feb 2022 15:20:00 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: DUS51-P1
x-amzn-requestid: 6f2817d9-f89f-4619-969b-2c3c9483d2f4
x-cache: Miss from cloudfront
x-amz-apigw-id: NpBlGGiNoAMFnMg=
content-length: 15
server: cloudflare
x-amzn-trace-id: Root=1-620d1620-3b32c0d46123615f6dbb7ed6;Sampled=0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfuUo5nadYE00NPaJTEgnzBaikCDZFR0qukHo49%2BpSwEoecZOwl9Tr06Y%2Fs2fVC0wBV36DIiaiyc82zQSab8Sax25eiDRvfalbzjzHqenW5OkHp5OpSopeT%2FoqJ8zd0X2si6lcAZMOBWuvQfVyeQln1%2BZQf7die57g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 6de7c1e938878ff2-FRA
x-amz-cf-id: zxY0k6r09tSokG9mVS9_7LiF9hR_McjTqYNPgt-T1Rn4GbiJoqKwzA==

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
284 B 10ms
9ms XHR
text/plain 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Requested by: Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 16 Feb 2022 15:20:00 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 8ms
8ms Preflight 3.124.200.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.200.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-200-47.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://actions.sumofus.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://actions.sumofus.org
Access-Control-Max-Age: 3000
Date: Wed, 16 Feb 2022 15:20:00 GMT
Server: nginx
Content-Length: 0
Connection: keep-alive

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
373 B 79ms
42ms XHR
application/json 107.178.240.159

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1645024802566

Requested by

Host: d210i8t551lxm.cloudfront.net
URL: https://d210i8t551lxm.cloudfront.net/packs/js/27-33cd0ef3c1b854f7259b.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 -, , ASN (),

Reverse DNS

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://actions.sumofus.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Wed, 16 Feb 2022 15:20:02 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://actions.sumofus.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 22
alt-svc: clear
content-length: 25

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sumofus.org/	1969-12-31 23:59:59	Name: _session_id Value: LzhMWSsvSm01VWpMZmp1SUxFVmo4RGNnY2hPL0xBbVh0UWFoaitOYjdNcUlpS3dySXhEdE01d2FKQ1J3T08yYjZTblhDUGpVbVVMYTJvcHExTVBCK2ZKeFVRckppZGROd0NpU2hlOHpiWnlPcVZGNlZ5VkFBeDRWYkcvUGlEbkV3UG9XdEE4TFFYTGU5MzZmd3VpNGVRPT0tLVEvNGZQanE5ZHBIN0VubUxEWVBNZEE9PQ%3D%3D--58c9f480ddf7bc4d61f52477148e646d4f20b253
.sumofus.org/	1970-01-20 09:42:40	Name: mp_bd6d1b0f24d62eb5e9ac53b4ce2ad77f_mixpanel Value: %7B%22distinct_id%22%3A%20%2217f031e6383534-07664b7af3283f-576153c-1d4c00-17f031e6384ba2%22%2C%22%24device_id%22%3A%20%2217f031e6383534-07664b7af3283f-576153c-1d4c00-17f031e6384ba2%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.linkedin.com/	1970-01-20 01:40:16	Name: UserMatchHistory Value: AQKHhEi-fkYmwAAAAX8DHmTkRRyfGZA7zbNUIX5hIk7Lc-D5e5_vqWA6YjqbxdmR0teMzcxLwrYUUw
.linkedin.com/	1970-01-20 01:40:16	Name: AnalyticsSyncHistory Value: AQJOyw4OCQ3cCQAAAX8DHmTkfHYH7Djwn5Qw5DxAsb_hfq7VMUmprYPEmyltHrSR75oIKsUO7VB7EVbrXCmqkw
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:28:58	Name: bcookie Value: "v=2&f682aba6-65ac-4da0-8dc9-4baee993fd14"
.linkedin.com/	1970-01-20 00:58:31	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2401:u=1:x=1:i=1645024797:t=1645111197:v=2:sig=AQHkyKq_PLgNTjmIUteQlpEu8IoAnSBc"
.sumofus.org/	1970-01-20 03:06:40	Name: _fbp Value: fb.1.1645024798003.169290971
.sumofus.org/	1970-01-20 18:28:16	Name: _ga Value: GA1.2.682469734.1645024798
.sumofus.org/	1970-01-20 00:58:31	Name: _gid Value: GA1.2.1475875825.1645024798
.sumofus.org/	1970-01-20 00:57:04	Name: _gat Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:28:58	Name: bscookie Value: "v=1&20220216151958c44a3f6e-67ae-48a9-83e1-fc6a6f8d1a75AQHOqO81q9zViWv5zjNUFD7yes34_oOL"
.linkedin.com/	1970-01-20 18:08:26	Name: li_gc Value: MTswOzE2NDUwMjQ3OTg7MjswMjG2jNtFMlU2aTUKiePdAFHXX6qAUvSkxG2keN8fB39KQA==
.c.paypal.com/	1970-01-21 20:45:04	Name: sc_f Value: GSf8UUUZAigZqspCn43T51sbav3JKfgUzBHMS6fAf9iIKxlvK_7b-XT8ULge92NkYaxnKKkJ8z31hSQOqMTxBuAj2BxIj6_zR40RGm
.paypal.com/	1970-01-27 08:09:04	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: 1D-Botv89QFnJBhkDIeSDC-Mk_C3hdog3Mn8UKCDemPeL2BFdZs0MbMG1P3L58eiFzHzxnvbSXdK0b7j
.cardinalcommerce.com/	1969-12-31 23:59:59	Name: __cfruid Value: 4dbbc23aa6685000b91f983c02c50d4fb7019d7d-1645024800

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' pronto.sumofus.org
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.sumofus.org
actions.sumofus.org
api-js.mixpanel.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c.shpg.org
c6.paypal.com
cdn.mouseflow.com
cdn.mxpnl.com
cdnjs.cloudflare.com
centinelapi.cardinalcommerce.com
checkout.paypal.com
chg6zpd9u7.execute-api.us-west-2.amazonaws.com
client-analytics.braintreegateway.com
code.jquery.com
connect.facebook.net
d210i8t551lxm.cloudfront.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
geo.cardinalcommerce.com
payments.braintree-api.com
polyfill.io
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
songbird.cardinalcommerce.com
ssl.kaptcha.com
stats.g.doubleclick.net
writer.cardinalcommerce.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleoptimize.com
www.gstatic.com
www.linkedin.com
107.178.240.159
108.157.4.3
108.174.10.14
151.101.129.35
18.66.97.40
2001:4de0:ac18::1:a:3b
23.111.9.38
2600:1901:0:bc29::
2600:9000:223f:4c00:9:fd3:9280:93a1
2600:9000:223f:5200:9:fd3:9280:93a1
2606:4700:20::ac43:452d
2606:4700::6810:135e
2606:4700::c6d9:fbfa
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:803::2004
2a00:1450:4001:827::200e
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c0c::9a
2a02:26f0:f7::5c7b:e024
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::282
2a04:4e42:400::291
3.124.200.47
35.81.31.24
52.29.159.59
52.35.32.193
52.9.171.133
64.4.245.84
02c93fedf284ce5c2974f42ab35ad15754852d1dbc94d2d9032df250d2ad7f20
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05bc968429f41be17ac5b589da9708e4b9e7a6c9e94b3ca324d56d97b001a7e3
0a3a70f17016a512dc5e092520fecb360e4600062b01327f54cd3d346f02d797
10267bcfacdda2ac8d999f8cabd985ba9d0f2764e012a06e1bcae46c373f9ea5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13bf5fb4ced782c0fe5d2a5d181a9d4ffd92d5fa26304ec78fe7fdf9ee4c3e77
16adfeadf95f003ba6787429332c70627d1453671629faf02b61fedb9f821205
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2a2773fffe181b45be275da245bad9859e345047894bfeb7c6d7814b4203b563
2ce12700247c3216fde0ca240783aade58d3e2d8b2f332791e184686e3c054da
2d49cba2ac00724a9b306354f8fbb8970f5d0cd47c85314b5bf8702022965d22
367fac99b008a589e5ea08e8fd2ed7cd187ae7b0cbe70641a5e1fd13388c80c5
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f796fd7e81e24357487b2594468d89780b95b70cdbef65781f758f443a09d95
41a88198674dda8977446da0befad22c2bcfd73d46be755a56a273d113f88b68
42c4166b3e458dd1b0e0fb4179be90621866f2f5015dacd0d403f561a99073d0
43254e79437320507f478254143713181cace86b1cf7c2face7a7e8cf156e53e
440b3c53b8fa536c486224a6db07c5f66751635c95278a985c7576ab6f3896bc
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48125007cbc1bc9730bc2087715af2b520e7327da06baca49f82fa1af1ddc3a5
482bf283d9713bc4dc621ec029c90500fa6d589bb550f8a1f2bd2bfa4b21daf8
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6952a1a877b1b8dcf73459d3bf1470acf63fc9cef81388852f237e384446a1d1
6a9cbaf196279c88f5557f83c707b6194aa9e8a2784a0753af73fde3941a7962
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7617add8b1251846040def1471f9db4c658f41f3242c43687b689a49fd06dba3
7c3e64ef84e5290feef3e6e6943c4618cd3b609995b6d7bde6e898b06bbf5d5a
7d5cb548364c4f8261eb3cc74e8eca52f06dde32fbfe79ffb225f2388450a5a6
7f27473fff87f2827ce36b461f64fc52f38582c3ae8750b1144971639a34ff99
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b24562b83c26a7d24ab1af287eb940999264e5a803e6322f1e64a6604cffe1
899520cb1729e7f1aac7740f3eb4e685c572ed6da2a58e93fc33301e3a7685e6
8ba56f6b8db4984684e70e96502fb1a4f4d436e22e147ad693f70e78c3921a41
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
903519b7312e76ac22646c08de1a868a85adc015e655d24bc33ec97ed162a7d8
9285a3cd780bcf51fbe2f5040d910c8eeeee0e9741f90f6cb9dbce20b649bcaf
92f5e8629154a6c59b0d7500f852a6a2a03dad4b104ff370640e789fb12620e9
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
95483314622403ce35e1a25b049f5520355b2465b31e6620df4109c4d41b8f99
a07361b9992cee19b55676bde1d128c8cec6864ba8e9f158ba8eef071d36f107
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288
a6388af646705082ee7814207f413cdc5c5fabf73b428dd18ec6d79f438ccb67
a85a6c44b7a49774487dcd9a59ad3649b742be840b503fd2010ac197d089ecc8
a9a894dad279b5c6619faad3fd435aa7d48de1ac0b0acf2089f27587d6c84eb1
ae6bfb3883e007d948bdfb249ef40f526328afcef77a448ddf02d89e24f525fc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afc8080bec9b39296c2f46d731d9c1850b10ee1799e643c70c6afa35adc2a49f
b45f72a30e4ca9cd1de12260a41da99da404e044765d81e1f641225ffacbb06e
b88e17d70cb0cb311116c225e74632ee4b38143fde235c1bfe03ef847a44947c
ba96a518443ef7c3320a32c81de8793879304b6ddeeb7bb36e20e7e245f09b8e
bb9850ad7b5c564a6a483d0e553b7896b341bb473259341dcd510bb3b9ced37b
c57283b0f5321998920d9ed92ff86199765e19eca961446e89655b711684efc8
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
d10be44ab31597654d6b2664a67a657c97cdae15850b92b78f3e86fadc20bcbc
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
d59d7ef453977062a7c216e3fa8d62c26a8e49b62c1625d23f655ed457f10808
e233cde0337424a89df8f71bd45c2c4a2f9f5b699cf79144a5db2949d0bd4529
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a1298615c4474a43066e2cf3f9b78890e180cdd89dbe030760d4c6c54cf729
ecd9f0192a12f64d9e8744a0af672b77d5edb0664f97558cfdc703c69a9452cf
edad1694472303abe8ab4dbfb38758268c88dc20f45bf644770d220f0ce10438
f08201976b596a1aa7f22df23affe2ba637eefe115004cc3c214ff8c84430c90
f123d7c20754fdc30e58e378f91ddfd1e658a7235d42b612098bd57682a0e5be
f20804f7a8909e8ff1d0cc578c21a4993583af710495ca03940d73a3f65b8d22
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f82d00e4896a9aee107123f1ae51a9699c49d38563b118cabbe1bcda49795099
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12
fd89dc94d182cbbdd900e99959c1c2a74ae8d01044c4c45d256c07c29de9e330
fdbd584c299af9ac76398aec46c21827f1185a8b01d66495ea6abb39349dd522
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffb9f1037cdcea7f6e5dad5b0c0c6fcd0be2b16a645cde255c9f825b7e24df06

actions.sumofus.org Open in urlscan Pro 2600:9000:223f:4c00:9:fd3:9280:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

97 %HTTPS

63 %IPv6

25 Domains

37 Subdomains

30 IPs

4 Countries

3719 kBTransfer

5717 kBSize

17 Cookies

9 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

actions.sumofus.org Open in urlscan Pro
2600:9000:223f:4c00:9:fd3:9280:93a1 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

97 %
HTTPS

63 %
IPv6

25
Domains

37
Subdomains

30
IPs

4
Countries

3719 kB
Transfer

5717 kB
Size

17
Cookies

110 HTTP transactions
0 data transactions