action.eko.org Open in urlscan Pro
66.33.60.130 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://action.eko.org/a/donate-wrapper/?akid=141695.23033312.ONZAEz
Effective URL:
https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
Submission: On December 26 via api (December 26th 2024, 9:59:31 am UTC) from AE — Scanned from US

Summary HTTP 90 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 17 domains to perform 90 HTTP transactions. The main IP is 66.33.60.130, located in United States and belongs to AMAZON-02, US. The main domain is action.eko.org.
TLS certificate: Issued by R11 on November 18th 2024. Valid for: 3 months.

This is the only time action.eko.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 32	66.33.60.130 66.33.60.130	16509 (AMAZON-02) (AMAZON-02)
4	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3036::ac43:d163	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:400d:c09::61	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c01::63	15169 (GOOGLE) (GOOGLE)
3	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4004:c21::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c01::93	15169 (GOOGLE) (GOOGLE)
3	3.5.81.117 3.5.81.117	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c17::9c	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c21::9a	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.210.51.78 3.210.51.78	14618 (AMAZON-AES) (AMAZON-AES)
13	13.59.183.69 13.59.183.69	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::c6... 2606:4700::c6d9:fbfb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	54.148.115.137 54.148.115.137	16509 (AMAZON-02) (AMAZON-02)
1	151.101.193.21 151.101.193.21	54113 (FASTLY) (FASTLY)
1 2	35.235.122.5 35.235.122.5	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:600... 2a04:4e42:600::291	54113 (FASTLY) (FASTLY)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
90	27

32 66.33.60.130 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

action.eko.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o142675.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:d163 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.logr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:400d:c09::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c01::63 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::5e (Washington, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c01::93 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.5.81.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com

champaign-assets-production.s3.us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c17::9c (Washington, United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c21::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.210.51.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-51-78.compute-1.amazonaws.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.59.183.69 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-59-183-69.us-east-2.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::c6d9:fbfb (United States)

ASN13335 (CLOUDFLARENET, US)

songbird.cardinalcommerce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.133 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.21 (San Francisco, United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.235.122.5 (Los Angeles, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 5.122.235.35.bc.googleusercontent.com

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lvs.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.logr-ingest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	eko.org 2 redirects action.eko.org	876 KB
15	braintreegateway.com 1 redirects client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9097 assets.braintreegateway.com — Cisco Umbrella Rank: 17075	3 KB
8	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	2 KB
6	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	3 KB
5	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 8145 b.stats.paypal.com — Cisco Umbrella Rank: 6750 lvs.stats.paypal.com — Cisco Umbrella Rank: 11683 c6.paypal.com — Cisco Umbrella Rank: 9713	25 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	337 KB
4	sentry.io o142675.ingest.sentry.io	656 B
3	amazonaws.com champaign-assets-production.s3.us-west-2.amazonaws.com	8 KB
3	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 8478	15 KB
3	logr-ingest.com cdn.logr-ingest.com — Cisco Umbrella Rank: 11973 r.logr-ingest.com — Cisco Umbrella Rank: 12439	191 KB
2	cardinalcommerce.com songbird.cardinalcommerce.com — Cisco Umbrella Rank: 28356	115 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9545	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	216 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	75 KB
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 7999
1	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2020
1	gstatic.com www.gstatic.com	216 KB
90	17

	Domain	Requested by
32	action.eko.org	2 redirects action.eko.org
13	client-analytics.braintreegateway.com	action.eko.org
6	www.google.com	action.eko.org www.gstatic.com www.googletagmanager.com
4	www.googletagmanager.com	action.eko.org www.googletagmanager.com
4	o142675.ingest.sentry.io	action.eko.org
3	td.doubleclick.net	www.googletagmanager.com
3	champaign-assets-production.s3.us-west-2.amazonaws.com
3	cdn.growthbook.io	action.eko.org
2	r.logr-ingest.com	action.eko.org
2	c.paypal.com	action.eko.org c.paypal.com
2	assets.braintreegateway.com	1 redirects action.eko.org
2	songbird.cardinalcommerce.com	action.eko.org songbird.cardinalcommerce.com
2	payments.braintree-api.com	action.eko.org
2	www.facebook.com
2	connect.facebook.net	action.eko.org connect.facebook.net
2	analytics.google.com	action.eko.org
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
1	c6.paypal.com
1	lvs.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	ssl.kaptcha.com	action.eko.org
1	kit.fontawesome.com	action.eko.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	cdn.logr-ingest.com	action.eko.org
90	25

This site contains links to these domains. Also see Links.

Domain
eko.org
www.instagram.com
www.youtube.com
twitter.com
www.tiktok.com
www.facebook.com

Subject Issuer	Validity	Valid
action.eko.org R11	`2024-11-18` - `2025-02-16`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-03` - `2025-07-29`	10 months	crt.sh
logr-ingest.com WE1	`2024-11-24` - `2025-02-22`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
cdn.growthbook.io R11	`2024-11-23` - `2025-02-21`	3 months	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-11-14` - `2025-11-11`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-10-04` - `2025-01-02`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2024-07-18` - `2025-07-17`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
*.cardinalcommerce.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-03-28`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2024-02-08` - `2025-02-08`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2024-07-15` - `2025-07-15`	a year	crt.sh
api.logrocket.com R10	`2024-10-28` - `2025-01-26`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
Frame ID: 85EECAD63C0DE995BF317B4B71F1448E
Requests: 72 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb24uZWtvLm9yZzo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=3bpxeo7j0tyy
Frame ID: BFC222709A35DDC9F0A17491EA3E61BD
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/658075530?random=1735207166034&cv=11&fst=1735207166034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E0382DBDE9EAA2FF480BCC0C82957F76
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/658075530?random=1735207166034&cv=11&fst=1735207166034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: DC77A4D514277E778398030F7FCB7F25
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-PMEW5CDHC1&gacid=304309820.1735207167&gtm=45je4cc1v868788875za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&z=888599558
Frame ID: F8938ACA6D69294E4EFE59B61C491EB4
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Faction.eko.org
Frame ID: 126E61BE8E17067FB94508C765451EAB
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html
Frame ID: 893967B40ADD5DDE7E58059BEAAF888F
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d
Frame ID: 7062FF0B68E20484CCCE041E35D79390
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 6137B3EB7F19D8425D6704FF4177AD05
Requests: 1 HTTP requests in this frame

Frame: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14
Frame ID: B36D99E5474D44C3D193F64BBE237F13
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate now to keep Ekō strong

Page URL History Show full URLs

https://action.eko.org/a/donate-wrapper/?akid=141695.23033312.ONZAEz HTTP 308
https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

90
Requests

96 %
HTTPS

54 %
IPv6

17
Domains

25
Subdomains

27
IPs

1
Countries

1868 kB
Transfer

6184 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://eko.org/
Title: Home

Search URL Search Domain Scan URL

URL: https://eko.org/about
Title: About

Search URL Search Domain Scan URL

URL: https://eko.org/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://eko.org/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.instagram.com/eko.movement/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@Eko.Movement

Search URL Search Domain Scan URL

URL: https://twitter.com/Eko_Movement

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@eko.movement

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Eko.Movement/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://action.eko.org/a/donate-wrapper/?akid=141695.23033312.ONZAEz HTTP 308
https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://action.eko.org/api/status/ HTTP 308
https://action.eko.org/api/status

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658075530/?random=1735207166034&cv=11&fst=1735207166034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config HTTP 302
https://www.google.com/pagead/1p-user-list/658075530/?random=1735207166034&cv=11&fst=1735203600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&is_vtc=1&cid=CAQSGwCa7L7d7Hyjv5IEufeRnK1TqsA3VLRFbcHtKw&random=2780968183

Request Chain 75

https://assets.braintreegateway.com/data/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d HTTP 302
https://ssl.kaptcha.com/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d

Request Chain 80

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14 HTTP 302
https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14

90 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request donate-wrapper Show response
action.eko.org/a/
Redirect Chain

https://action.eko.org/a/donate-wrapper/?akid=141695.23033312.ONZAEz
https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

96 KB
27 KB

76ms
76ms

Document
text/html

66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel / Next.js

Resource Hash

f0fe05c98224ae236e96330132bac1bb7fb43ac5fae1d9abbbc9f3b71c608bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 332
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 26 Dec 2024 09:02:49 GMT
etag: W/"1ejidaxktk23ui"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /a/[campaign_slug]
x-powered-by: Next.js
x-vercel-cache: HIT
x-vercel-id: iad1::iad1::4f8v5-1735207165297-7e9ecf616788

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Thu, 26 Dec 2024 09:59:25 GMT
location: /a/donate-wrapper?akid=141695.23033312.ONZAEz
refresh: 0;url=/a/donate-wrapper?akid=141695.23033312.ONZAEz
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: iad1::w5jnc-1735207165274-6bbae14c9371

GET
H2 200 be73b96b22761013.css
action.eko.org/_next/static/css/ 60 KB
13 KB 19ms
18ms Stylesheet
text/css 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/css/be73b96b22761013.css

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e7c0bda535e3d69a6963adee5c7591ff09fce5cdbcaf86aa30d72a9cb6fdac42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"34525416fbb02389c80cda660dca22bb"
age: 492694
x-matched-path: /_next/static/css/be73b96b22761013.css
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="be73b96b22761013.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::4f8v5-1735207165382-54332eb6e948

GET
H2 200 2dbd38df1217ec6c.css
action.eko.org/_next/static/css/ 1 KB
652 B 20ms
20ms Stylesheet
text/css 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/css/2dbd38df1217ec6c.css

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"077c03d76098a88c00f515eb80809855"
age: 576984
x-matched-path: /_next/static/css/2dbd38df1217ec6c.css
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="2dbd38df1217ec6c.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::g2jvn-1735207165382-51bc96dd2e32

GET
H2 200 webpack-c2091bf624ceeaf1.js Show response
action.eko.org/_next/static/chunks/ 6 KB
3 KB 23ms
19ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/webpack-c2091bf624ceeaf1.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

94e4c01ae02e47232efcd52f9598827c04546a9b1bb5c953c931209a5ef6820f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"03ae5358903af3f00fdfb5ba1bc93dc0"
age: 524310
x-matched-path: /_next/static/chunks/webpack-c2091bf624ceeaf1.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="webpack-c2091bf624ceeaf1.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::g2jvn-1735207165406-66ace1755517

GET
H2 200 framework-3dc6cf18c7d98a48.js Show response
action.eko.org/_next/static/chunks/ 138 KB
46 KB 25ms
22ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/framework-3dc6cf18c7d98a48.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bf8754d316f3c1ba39924f7e2746d6220089073f756acf4c3d8c334a0558b7fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"950d455bc5dd02e861a3419799602701"
age: 494153
x-matched-path: /_next/static/chunks/framework-3dc6cf18c7d98a48.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="framework-3dc6cf18c7d98a48.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::4f8v5-1735207165407-27ccbee7ca34

GET
H2 200 main-2b8f48f8615e987a.js Show response
action.eko.org/_next/static/chunks/ 109 KB
33 KB 61ms
57ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/main-2b8f48f8615e987a.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b6761650624ca02061377299968b0bb6fc64c2e40d2d2f0e90b4ea9ae7ffe057

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"a095621ce803ed24a300dbe9b4945c00"
age: 578006
x-matched-path: /_next/static/chunks/main-2b8f48f8615e987a.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="main-2b8f48f8615e987a.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::d88n5-1735207165407-9c037a4b8541

GET
H2 200 _app-20032c2e1f3311c7.js Show response
action.eko.org/_next/static/chunks/pages/ 1 MB
337 KB 35ms
31ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

edaf389f4a99044d400dd4583eb794ac752aa67eeb28a3dca693caab1a0e829f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"81eae5a2e478ede523b52833f7c549ab"
age: 563487
x-matched-path: /_next/static/chunks/pages/_app-20032c2e1f3311c7.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="_app-20032c2e1f3311c7.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::fgdhj-1735207165407-1e2bcc9546fb

GET
H2 200 c16184b3-85a2b265428b1655.js Show response
action.eko.org/_next/static/chunks/ 3 KB
1 KB 24ms
21ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/c16184b3-85a2b265428b1655.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1d2f5f751a029e1c91ed14a24f48da4d4680c21251629bc17f0046a7ec195034

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"639d19b9ad9b6ae2e9c8682d0b1df3f7"
age: 578006
x-matched-path: /_next/static/chunks/c16184b3-85a2b265428b1655.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="c16184b3-85a2b265428b1655.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::qp8p5-1735207165407-2dca881581ea

GET
H2 200 638014a0-497614741d5f0431.js Show response
action.eko.org/_next/static/chunks/ 307 KB
76 KB 34ms
31ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f8919e77312f2a4234c3b71e85bad6cb358c3ff63686baa7b41076eb04ff8f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"908f065d6aece6cc47b06efc73341b16"
age: 575740
x-matched-path: /_next/static/chunks/638014a0-497614741d5f0431.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="638014a0-497614741d5f0431.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::jcqkg-1735207165407-9af523a69056

GET
H2 200 75fc9c18-6e6e359797342aa6.js Show response
action.eko.org/_next/static/chunks/ 58 KB
20 KB 50ms
48ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/75fc9c18-6e6e359797342aa6.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

0ed7c483fe234f47b5db906d0ef82bf8a1dcb7e87f3f422d04b3b1d8554e8aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"b60a7128ea79fb849dd54524f9f8ddac"
age: 508066
x-matched-path: /_next/static/chunks/75fc9c18-6e6e359797342aa6.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="75fc9c18-6e6e359797342aa6.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::jrvgc-1735207165407-9507038bd938

GET
H2 200 875-7ed3c07dad0c025b.js Show response
action.eko.org/_next/static/chunks/ 466 KB
142 KB 22ms
20ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/875-7ed3c07dad0c025b.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8bd10ac188ddd2f1f2ee06c961e4035ce70e92a836fff69e319f132494ad5f09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"4cec85049ea35bbac1ad527a7529bd64"
age: 509244
x-matched-path: /_next/static/chunks/875-7ed3c07dad0c025b.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="875-7ed3c07dad0c025b.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::s7vlh-1735207165407-436f1a6a6d1f

GET
H2 200 3161-82231b53d7514bc8.js Show response
action.eko.org/_next/static/chunks/ 10 KB
4 KB 57ms
54ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/3161-82231b53d7514bc8.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

1538aeb684c942e705c95b6c85fd754ed7ab0f833d096dfaa3a70b6e9f655f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"557817e8fccc718c0ec064b7acfa3dca"
age: 578006
x-matched-path: /_next/static/chunks/3161-82231b53d7514bc8.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="3161-82231b53d7514bc8.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::n8dpn-1735207165407-77c878d61869

GET
H2 200 2714-ddc9517618276133.js Show response
action.eko.org/_next/static/chunks/ 13 KB
4 KB 34ms
32ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/2714-ddc9517618276133.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8effdbbd29e67ddddfaf8c5e5bdafd0c449965e7cf391e52b31ab3b9e65b4b2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"851e43d04610bde542aae9d0a8478844"
age: 578006
x-matched-path: /_next/static/chunks/2714-ddc9517618276133.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="2714-ddc9517618276133.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::wqgqt-1735207165407-e5e34ebaa356

GET
H2 200 9737-aef83781b4749746.js Show response
action.eko.org/_next/static/chunks/ 115 KB
33 KB 52ms
50ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/9737-aef83781b4749746.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

467eed23abc5f7759d976c9fbb973cc38dba4b277d1cfc9e15696bc0f486c527

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"2d99229fac3c30e9c79504c99ebaf3eb"
age: 578006
x-matched-path: /_next/static/chunks/9737-aef83781b4749746.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="9737-aef83781b4749746.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::wqgqt-1735207165415-4c8ff2c5fd3b

GET
H2 200 %5Bcampaign_slug%5D-dbffe476b5007150.js Show response
action.eko.org/_next/static/chunks/pages/a/ 5 KB
3 KB 60ms
59ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/pages/a/%5Bcampaign_slug%5D-dbffe476b5007150.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

a9a7abc5925ee78d57f12338bf6651c0f6d859f0bb0bc01239ce52e024f2aa81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"c7327e1ec96ba0333087b75851944122"
age: 578006
x-matched-path: /_next/static/chunks/pages/a/%5Bcampaign_slug%5D-dbffe476b5007150.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="[campaign_slug]-dbffe476b5007150.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::4f8v5-1735207165415-eb501a992e02

GET
H2 200 _buildManifest.js Show response
action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/ 1 KB
720 B 48ms
46ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_buildManifest.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e6e3acc1921ff20222abab561df12bd26bd58e9fedb3c910d2ab2b186d4fdce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"3cbe50877ea47fdcb2dcd96a6f8d9548"
age: 558803
x-matched-path: /_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_buildManifest.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::qp8p5-1735207165415-406d1c593a5d

GET
H2 200 _ssgManifest.js Show response
action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/ 168 B
370 B 54ms
52ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_ssgManifest.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7dc42ffebba11642d0baf2550de9893f6baa6a6bc042ecd244a3792669f6b7cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
x-vercel-cache: HIT
etag: "1cec8fa09251c1766d5f1c144ae1c3cb"
age: 578006
x-matched-path: /_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_ssgManifest.js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 168
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="_ssgManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::g2jvn-1735207165415-f427451eebf2

POST
H2 200 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 2 B
297 B 130ms
17ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://action.eko.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H3 200 logger-1.min.js Show response
cdn.logr-ingest.com/ 903 KB
186 KB 152ms
26ms Script
text/javascript 2606:4700:3036::ac43:d163
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.logr-ingest.com/logger-1.min.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3036::ac43:d163 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

787df506f104e98b3516ac91751198f13e2081ad617f8742fb69b6d37a19f678

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"55112cf94314591165d6f062225f15b1bf49369d68310f319b41b28a749b4ec2-br"
age: 263
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yE1vBnn9iRYs0%2FhQbj8w28uJbu8RtLvUiW8ICJOgjJnB7So%2BudZAVkgI2atFwS%2Bgq%2B6ZwrgVrK2H2jW60NPzC2CodB9n1igHvI%2BA03JFY%2FCGVV4%2FaC10hBr1p8aDDEQOT5CbMq%2FFA33opJ%2FsMu1Dk6%2B"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: HIT
server-timing: cfL4;desc="?proto=QUIC&rtt=9025&min_rtt=9013&rtt_var=1917&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4214&recv_bytes=4316&delivery_rate=64571&cwnd=12000&unsent_bytes=0&cid=c24d7916eb72c906&ts=95&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 24 Dec 2024 15:13:34 GMT
x-served-by: cache-lga21926-LGA
x-cache-hits: 1
vary: x-fh-requested-host, accept-encoding
strict-transport-security: max-age=31556926
priority: u=3,i=?0
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-timer: S1735053385.074927,VS0,VE1
cross-origin-resource-policy: cross-origin
cf-ray: 8f8037d1efd74376-EWR
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 438 KB
133 KB 194ms
93ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PMEW5CDHC1&l=ga4DataLayer

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82efc0ca69e65cf8b9990fa838c650d1b83062b7ce889eddba9c4dd86472f0a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Dec 2024 09:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 136037
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 316 KB
104 KB 140ms
40ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

832e81e3a365fa088fc4d781e48dd5ea6533f95b0a498f9d0ae931fe54622d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 26 Dec 2024 09:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105958
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 enterprise.js Show response
www.google.com/recaptcha/ 2 KB
1 KB 82ms
34ms Script
text/javascript 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29fc8aea2dbd87b852a1c1401dc311a6f148e27d59ce80457eb9b2b00b2a0eba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 26 Dec 2024 09:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 26 Dec 2024 09:59:25 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 2dbd38df1217ec6c.css Show response
action.eko.org/_next/static/css/ 1 KB
0 0ms
0ms Fetch
text/css 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://action.eko.org/_next/static/css/2dbd38df1217ec6c.css
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.33.60.130 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Vercel /
Resource Hash: eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-80985c19aa88ff5e-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"077c03d76098a88c00f515eb80809855"
age: 576984
x-matched-path: /_next/static/css/2dbd38df1217ec6c.css
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="2dbd38df1217ec6c.css"
content-type: text/css; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::g2jvn-1735207165382-51bc96dd2e32

GET
H2 200 Poppins-Regular.woff2
action.eko.org/fonts/ 48 KB
48 KB 19ms
18ms Font
font/woff2 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/fonts/Poppins-Regular.woff2

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/css/be73b96b22761013.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8b897b9fecc3c8751c321c06c243e75ac3e533b7f594bca75a68cf40e5fe3206

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://action.eko.org
Referer: https://action.eko.org/_next/static/css/be73b96b22761013.css

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "bebb23ead35b42aaf2cb2ddf30d5339b"
age: 578006
x-matched-path: /fonts/Poppins-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 49048
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="Poppins-Regular.woff2"
content-type: font/woff2
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:59 GMT
x-vercel-id: iad1::rk55n-1735207165784-e0e2f5bd22bc

GET
H2 200 _buildManifest.js Show response
action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/ 1 KB
608 B 18ms
17ms Fetch
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_buildManifest.js?1735207165779

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

e6e3acc1921ff20222abab561df12bd26bd58e9fedb3c910d2ab2b186d4fdce9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-81299bb8c7518741-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"3cbe50877ea47fdcb2dcd96a6f8d9548"
age: 516406
x-matched-path: /_next/static/Tu2u9vSkfMJ0OTV_tZuFD/_buildManifest.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:25 GMT
content-disposition: inline; filename="_buildManifest.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:25:58 GMT
x-vercel-id: iad1::rk55n-1735207165789-8691581bbd11

GET
H2 200 geo Show response
action.eko.org/api/member/ 33 B
158 B 147ms
146ms Fetch
application/json 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/member/geo

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2167545ceed2d2d0a16289ee581af5de8dedea25123804767bc51c0d60b5bae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-b5b2456973ff4e55-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: MISS
x-matched-path: /api/member/geo
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/json
server: Vercel
x-vercel-id: iad1::rk55n-1735207165795-f5e383b89227

GET
H2 200 sdk-bNj7ZTsKYzLGY2TN Show response
cdn.growthbook.io/api/features/ 20 KB
15 KB 45ms
10ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-bNj7ZTsKYzLGY2TN
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 26694100d855cd68c025def769c294002529c65e28f3d049876b047690395faf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

access-control-expose-headers: x-sse-support
content-encoding: gzip
etag: W/"4f51-A85DDsEaLHbchy5Uhmpa4OQJlFA"
age: 1889
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kjyo7100079-IAD, cache-lga21924-LGA
x-cache-hits: 1, 0
vary: Accept-Encoding
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-timer: S1735207166.828546,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-sse-support: enabled
content-length: 15426
x-powered-by: Express

GET ea8a7767-32c2-40da-a7a0-fc59f984e1c0
https://action.eko.org/ Frame 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/ 547 KB
216 KB 55ms
17ms Script
text/javascript 2607:f8b0:4004:c21::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c21::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://action.eko.org
Referer: https://action.eko.org/

Response headers

content-encoding: gzip
age: 42997
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Thu, 25 Dec 2025 22:02:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Dec 2024 22:02:48 GMT
last-modified: Tue, 10 Dec 2024 23:05:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 220882
x-xss-protection: 0
server: sffe

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
100 KB 34ms
33ms Script
application/javascript 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658075530&l=dataLayer&cx=c&gtm=45He4cc1v9177287219za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37009c285d7ed0049e02f59a24ae9dc1c04e10bd5f7e9fa27ec3b94fbaa30194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 26 Dec 2024 09:59:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 26 Dec 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 102091
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 sdk-bNj7ZTsKYzLGY2TN
cdn.growthbook.io/sub/ 22 B
0 17ms
17ms EventSource
text/event-stream 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-bNj7ZTsKYzLGY2TN
Requested by: Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1735207166.911408,VS0,VE7
age: 4
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, MISS
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kcgs7200104-IAD, cache-lga21924-LGA
x-cache-hits: 2, 0

GET
H2 200 geo Show response
action.eko.org/api/member/ 33 B
123 B 56ms
32ms Fetch
application/json 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/member/geo

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2167545ceed2d2d0a16289ee581af5de8dedea25123804767bc51c0d60b5bae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-b7dfbeba4f1dd31a-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: MISS
x-matched-path: /api/member/geo
date: Thu, 26 Dec 2024 09:59:25 GMT
content-type: application/json
server: Vercel
x-vercel-id: iad1::fgdhj-1735207165943-80ae29f85f33

GET
H3 200 anchor
www.google.com/recaptcha/enterprise/ Frame BFC2 0
0 101ms
41ms Document
text/html 2607:f8b0:400d:c01::93
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdTZbYUAAAAAFwasHZq7BZMxMpxFBq66UhaWhIq&co=aHR0cHM6Ly9hY3Rpb24uZWtvLm9yZzo0NDM.&hl=en&v=zIriijn3uj5Vpknvt_LnfNbF&size=invisible&cb=3bpxeo7j0tyy

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zIriijn3uj5Vpknvt_LnfNbF/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::93 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sSopXU-D4FplvEviDFZ-DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sSopXU-D4FplvEviDFZ-DA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 09:59:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK favico.ico
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 4 KB
5 KB 298ms
104ms Other
image/x-icon 3.5.81.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/favico.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.81.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ee6da6d74d2eb9f06aca74cb5d8053884676a45cf9e7b2c4814c33a09162a3cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

x-amz-id-2: qR+J8IaelqyYujz1F3pGrlsAba7k+yZWeZeD4d1TLFgSFn6V3kDq20cgfVUem4gfwsoVtCjhXQnjSSJ5fGflIA==
ETag: "b8c38945e21d36e0eae78f5aa2dc2af0"
x-amz-request-id: X5Y0JBW2CMHGVDPD
Accept-Ranges: bytes
Content-Length: 4286
Date: Thu, 26 Dec 2024 09:59:27 GMT
Last-Modified: Thu, 25 Apr 2024 16:14:23 GMT
Content-Type: image/x-icon
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 551.05a4377f6435144f.js Show response
action.eko.org/_next/static/chunks/ 1 KB
915 B 21ms
20ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/551.05a4377f6435144f.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-c2091bf624ceeaf1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2f17c43ac8c827fb8dd0e02c94de8bf29c160758872c45190e198a368eb7607f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"74b513c7a17e70a3fa1282426ba0889e"
age: 500750
x-matched-path: /_next/static/chunks/551.05a4377f6435144f.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:26 GMT
content-disposition: inline; filename="551.05a4377f6435144f.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:26:00 GMT
x-vercel-id: iad1::jltq2-1735207166513-57419434fa57

GET
H/1.1 200
OK Eko_Logo_Purple.svg
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 1 KB
2 KB 243ms
92ms Image
image/svg+xml 3.5.81.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/Eko_Logo_Purple.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.81.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f680993d38ab5fb27f295afc5e25cff413bb2db882c6adee4730963937055b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

x-amz-id-2: gn5vf545lfMyP8g2x3CZdZI+KtV1f203/MRi/2GUfR54bhn1nMEeAAAMubFLLPXdU1ghzz2VlQMUitWIQTl7tA==
ETag: "b529f6ab691fcfc4893374968421abb9"
x-amz-request-id: X5YCC5T41CXKHWNR
Accept-Ranges: bytes
Content-Length: 1200
Date: Thu, 26 Dec 2024 09:59:27 GMT
Last-Modified: Fri, 06 Jan 2023 12:52:35 GMT
Content-Type: image/svg+xml
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 image
action.eko.org/_next/ 9 KB
9 KB 38ms
38ms Image
image/webp 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://action.eko.org/_next/image?url=https%3A%2F%2Fsumofus.imgix.net%2Fimages%2Fcontents%2F000%2F023%2F551%2Foriginal%2FEKO-Cover_Photo_v2_FB.png%3Fcrop%3Dedges%26auto%3Dformat%26fit%3Dclip%26w%3D980%26h%3D500%26ixlib%3Dreact-9.8.1&w=640&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

91bc1bc9ae28d0e35d540f6ca440006a5e16b070ff7d0d0d49d05d8c35f4e75e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
cache-control: public, max-age=31536000, must-revalidate
x-vercel-cache: HIT
x-vercel-id: iad1::rltvp-1735207166515-bd54bcbc5b32
age: 1887885
content-length: 8958
date: Wed, 04 Dec 2024 13:34:41 GMT
content-disposition: inline; filename="EKO-Cover_Photo_v2_FB.webp"
content-type: image/webp
server: Vercel
last-modified: Wed, 04 Dec 2024 13:34:41 GMT
vary: Accept

GET
H/1.1 200
OK Eko_Logo_White.svg
champaign-assets-production.s3.us-west-2.amazonaws.com/unique/ 1 KB
2 KB 267ms
103ms Image
image/svg+xml 3.5.81.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://champaign-assets-production.s3.us-west-2.amazonaws.com/unique/Eko_Logo_White.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.81.117 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d70128e4980e86c085a22261c696ee11385c6a3063e7865cac40730cf3c1f54a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

x-amz-id-2: 7vvOm5TbbE1l06zawYPX+ocjC5oY75AG0fWRHi3SJBnzkUtt0DDl1pa0RiyFEOfpOdyy90xlkqOpM5OpDE5zrQ==
ETag: "80b85711688fefa79dad42401accc2fc"
x-amz-request-id: X5Y664R20BKCK9NF
Accept-Ranges: bytes
Content-Length: 1200
Date: Thu, 26 Dec 2024 09:59:27 GMT
Last-Modified: Fri, 06 Jan 2023 12:52:38 GMT
Content-Type: image/svg+xml
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 Poppins-Bold.woff2
action.eko.org/fonts/ 48 KB
48 KB 18ms
17ms Font
font/woff2 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/fonts/Poppins-Bold.woff2

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/css/be73b96b22761013.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

7d65b2e5e0e2ccfd42a74c7fabfd7295c1bddbf5f90f35d90120a1afca776c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://action.eko.org
Referer: https://action.eko.org/_next/static/css/be73b96b22761013.css

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: HIT
etag: "e4c7b713e4aa4df2effbb68ae349eabd"
age: 510454
x-matched-path: /fonts/Poppins-Bold.woff2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48748
date: Thu, 26 Dec 2024 09:59:26 GMT
content-disposition: inline; filename="Poppins-Bold.woff2"
content-type: font/woff2
server: Vercel
last-modified: Thu, 19 Dec 2024 17:26:00 GMT
x-vercel-id: iad1::jltq2-1735207166526-ddaa9e0b5d20

GET
H2 200 6408.4d561433c0e4c222.js Show response
action.eko.org/_next/static/chunks/ 37 KB
12 KB 23ms
22ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/6408.4d561433c0e4c222.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-c2091bf624ceeaf1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

dbaafe7a1006e416a1efd1e53fb4f1af18c71d58b8779b058fb941cc9c31ddf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"6a91674730d88c471b80139e59e338a9"
age: 577949
x-matched-path: /_next/static/chunks/6408.4d561433c0e4c222.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:26 GMT
content-disposition: inline; filename="6408.4d561433c0e4c222.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:26:56 GMT
x-vercel-id: iad1::jltq2-1735207166529-22b955d4dfda

GET
H2 200 6154.1d1279f9f41cc7a3.js Show response
action.eko.org/_next/static/chunks/ 29 KB
11 KB 37ms
36ms Script
application/javascript 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/webpack-c2091bf624ceeaf1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ce6785673dc22cb997b9f1f4737078668ecd2b60eea10138ad4abdd891b92522

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public,max-age=31536000,immutable
content-encoding: br
x-vercel-cache: HIT
etag: W/"272721c8b42976d786d0c5a9ba1b7cb0"
age: 499538
x-matched-path: /_next/static/chunks/6154.1d1279f9f41cc7a3.js
access-control-allow-origin: *
date: Thu, 26 Dec 2024 09:59:26 GMT
content-disposition: inline; filename="6154.1d1279f9f41cc7a3.js"
content-type: application/javascript; charset=utf-8
server: Vercel
last-modified: Thu, 19 Dec 2024 17:26:56 GMT
x-vercel-id: iad1::fgdhj-1735207166543-2165934b0757

GET
H2

201

status Show response
action.eko.org/api/
Redirect Chain

https://action.eko.org/api/status/
https://action.eko.org/api/status

23 B
181 B

37ms
36ms

Fetch
application/json

66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/status

Protocol

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

6716727ba6856e8902b1c9c6d7b4b2b7ddb1e14cbec10e44a7d6bf76d5edd813

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
x-vercel-cache: MISS
etag: "fyldulds3xn"
age: 0
x-matched-path: /api/status
content-length: 23
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: application/json; charset=utf-8
server: Vercel
x-vercel-id: iad1::iad1::fgdhj-1735207166640-eb43744fa139

Redirect headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
location: /api/status
refresh: 0;url=/api/status
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: text/plain
server: Vercel
x-vercel-id: iad1::rltvp-1735207166536-adeb77f30f78

POST
H3 200 collect
www.google.com/ccm/ 0
0 32ms
31ms Ping
text/plain 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper&scrsrc=www.googletagmanager.com&frm=0&rnd=402146544.1735207167&dt=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&auid=639318363.1735207167&navt=n&npa=0&gtm=45He4cc1v9177287219za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735207166544&tfd=1414&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658075530/ 4 KB
2 KB 78ms
34ms Script
text/javascript 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658075530/?random=1735207166034&cv=11&fst=1735207166034&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658075530&l=dataLayer&cx=c&gtm=45He4cc1v9177287219za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec380b1ead6c3fc83a8619c847e1bfaa420d07f0db16d50518b7bd129ec3be7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2306
date: Thu, 26 Dec 2024 09:59:26 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 658075530
td.doubleclick.net/td/rul/ Frame E038 0
0 75ms
34ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/658075530?random=1735207166034&cv=11&fst=1735207166034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658075530&l=dataLayer&cx=c&gtm=45He4cc1v9177287219za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 09:59:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 658075530
td.doubleclick.net/td/rul/ Frame DC77 0
0 116ms
36ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658075530&l=dataLayer&cx=c&gtm=45He4cc1v9177287219za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 09:59:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.com/pagead/1p-user-list/658075530/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658075530/?random=1735207166034&cv=11&fst=1735207166034&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb917...
https://www.google.com/pagead/1p-user-list/658075530/?random=1735207166034&cv=11&fst=1735203600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5...

42 B
64 B

31ms
30ms

Image
image/gif

2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658075530/?random=1735207166034&cv=11&fst=1735203600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&is_vtc=1&cid=CAQSGwCa7L7d7Hyjv5IEufeRnK1TqsA3VLRFbcHtKw&random=2780968183

Protocol

Server

2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Dec 2024 09:59:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
location: https://www.google.com/pagead/1p-user-list/658075530/?random=1735207166034&cv=11&fst=1735203600000&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&is_vtc=1&cid=CAQSGwCa7L7d7Hyjv5IEufeRnK1TqsA3VLRFbcHtKw&random=2780968183
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Thu, 26 Dec 2024 09:59:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
553 B 64ms
25ms Ping
text/plain 2607:f8b0:4004:c21::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PMEW5CDHC1&cid=304309820.1735207167&gtm=45je4cc1v868788875za200&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMEW5CDHC1&l=ga4DataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c21::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://action.eko.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame F893 0
0 34ms
33ms Document
text/html 2607:f8b0:4004:c17::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-PMEW5CDHC1&gacid=304309820.1735207167&gtm=45je4cc1v868788875za200&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&z=888599558

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PMEW5CDHC1&l=ga4DataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Dec 2024 09:59:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect
www.google.com/ccm/ 0
0 32ms
31ms Ping
text/plain 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=user_id_update&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper&scrsrc=www.googletagmanager.com&frm=0&rnd=402146544.1735207167&dt=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&auid=639318363.1735207167&navt=n&npa=0&ga_uid=G-PMEW5CDHC1.23033312&gtm=45He4cc1v9177287219za200&gcs=G111&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1735207166605&tfd=1474&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

POST
H2 204 collect Show response
analytics.google.com/g/ 0
553 B 72ms
34ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je4cc1v868788875za200&_p=1735207165653&_gaz=1&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&cid=304309820.1735207167&ecid=1572874503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&_s=1&sid=1735207166&sct=1&seg=0&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&dt=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&en=scroll&_fv=1&_nsi=1&_ss=1&ep.anonymize_ip=false&epn.percent_scrolled=90&tfd=1470
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://action.eko.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect Show response
analytics.google.com/g/ 0
57 B 72ms
35ms Fetch
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PMEW5CDHC1&gtm=45je4cc1v868788875za200&_p=1735207165653&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102123608~102198178&cid=304309820.1735207167&ecid=1572874503&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=AAAACA&_s=2&dt=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&dp=%2Fa%2Fdonate-wrapper&sid=1735207166&sct=1&seg=1&ci=141695&cm=email&cn=donate-wrapper&cs=mailing&uid=23033312&en=page_view&_ee=1&ep.anonymize_ip=false&ep.page_hash=&_et=5&tfd=1486
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://action.eko.org
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: text/plain
server: Golfe2

GET
H2 403 0259555302.js
kit.fontawesome.com/ 0
0 95ms
60ms Script
text/plain 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/0259555302.js
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/main-2b8f48f8615e987a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

access-control-max-age: 3000
x-request-id: GBSxuX7CQhJbu6pvv0rh
cache-control: max-age=0, private, must-revalidate
cf-cache-status: MISS
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f8037d7ab4b4288-EWR
access-control-allow-origin: *
content-length: 9
date: Thu, 26 Dec 2024 09:59:26 GMT
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 42ms
15ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-TWPeDC3q' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-TWPeDC3q' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4524, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: LY4lIeJiYzB2VZ/0cgU5uXJQiYGE0xpc+yYHHPCexT0pCE/ZHtwoyJVX+oP3Rrdy2Qi8sNmG56AkPEf6pbV3RA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62282
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 126E 0
0 93ms
23ms Document
text/html 2607:f8b0:400d:c09::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Faction.eko.org

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MSGMG2JQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 248577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Dec 2024 12:56:29 GMT
expires: Tue, 23 Dec 2025 12:56:29 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 geo Show response
action.eko.org/api/member/ 33 B
124 B 48ms
35ms Fetch
application/json 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/member/geo

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2167545ceed2d2d0a16289ee581af5de8dedea25123804767bc51c0d60b5bae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-8adb252124ee7c87-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: MISS
x-matched-path: /api/member/geo
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: application/json
server: Vercel
x-vercel-id: iad1::4f8v5-1735207166700-af857237fd15

GET
H2 200 token Show response
action.eko.org/api/braintree/ 4 KB
2 KB 136ms
136ms Fetch
application/json 66.33.60.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://action.eko.org/api/braintree/token?merchantAccountId=sumofus

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.33.60.130 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

5b0bf1824e179ce4136096ad5e1aaa03d96e9423184b892f736514275111d224

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sentry-trace: 3490f2bb5179428284cec537623a74c4-b424eac0885fc07f-1
Referer: https://action.eko.org/a/donate-wrapper?akid=141695.23033312.ONZAEz
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
baggage: sentry-environment=production,sentry-release=9d111078d67dc15eacb1a0fadc2338759a9e1bb5,sentry-public_key=1e52508b98b44ddd832ef40b2600f26e,sentry-trace_id=3490f2bb5179428284cec537623a74c4,sentry-sample_rate=1,sentry-transaction=%2Fa%2F%5Bcampaign_slug%5D,sentry-sampled=true

Response headers

strict-transport-security: max-age=63072000
cache-control: public, max-age=0, must-revalidate
content-encoding: br
x-vercel-cache: MISS
etag: W/"8q30kuuivg2s4"
age: 0
x-matched-path: /api/braintree/token
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: application/json; charset=utf-8
server: Vercel
x-vercel-id: iad1::iad1::rltvp-1735207166740-a30035356623

GET
H3 200 /
www.google.com/pagead/1p-user-list/658075530/ 42 B
64 B 27ms
26ms Image
image/gif 2607:f8b0:400d:c01::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658075530/?random=1735207166034&cv=11&fst=1735203600000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v870589530z89177287219za200zb9177287219&gcd=13t3t3t3t5l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&hn=www.googleadservices.com&frm=0&tiba=Donate%20now%20to%20keep%20Ek%C5%8D%20strong&npa=0&pscdl=noapi&auid=639318363.1735207167&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dOWThiyC9OIm-cUH9FCWgiKtPW-slYA&random=2124201036&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c01::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Thu, 26 Dec 2024 09:59:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 938117079582809 Show response
connect.facebook.net/signals/config/ 69 KB
14 KB 19ms
19ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/938117079582809?v=2.9.179&r=stable&domain=action.eko.org&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2ee7a632a3fb0b363ca16927177ae23d3962c1f0988b18b44ce9c8cd845adddf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-c2LIfoWT' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-c2LIfoWT' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=73, mss=1232, tbw=71274, tp=67, tpl=0, uplat=4, ullat=-1
pragma: public
x-fb-debug: HMlBM7pTNQ9BNe/9q2k6s+7Div2FtocopnaS1dFVYY65pF5234yOCORfsx+mXzMuFlnbvptHpadMswOxFpS1fw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 14249
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 36ms
15ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=938117079582809&ev=PageView&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&rl=&if=false&ts=1735207166777&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735207166775.776997890117501260&ler=empty&cdl=API_unavailable&it=1735207166740&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4577, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
197 B 103ms
83ms Image
image/png 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=938117079582809&ev=PageView&dl=https%3A%2F%2Faction.eko.org%2Fa%2Fdonate-wrapper%3Fakid%3D141695.23033312.ONZAEz&rl=&if=false&ts=1735207166777&sw=1600&sh=1200&v=2.9.179&r=stable&ec=0&o=4126&fbp=fb.1.1735207166775.776997890117501260&ler=empty&cdl=API_unavailable&it=1735207166740&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7452658031012666923"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Dec 2024 09:59:26 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: cn+OI3ovfpDBM895I3oHAgd7z+ZsPwEStLOeiuW8MKoMNmP3sSNT43JH+kKmEMB1rAYDbXXqG2/WOOB9S/AbCw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7452658031012666923", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4945, tp=13, tpl=0, uplat=65, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 92ms
20ms Preflight 3.210.51.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.210.51.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-51-78.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://action.eko.org
access-control-max-age: 1800
date: Thu, 26 Dec 2024 09:59:26 GMT
paypal-debug-id: 0f0650c6e26c4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 3 KB
2 KB 77ms
76ms XHR
application/json 3.210.51.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.210.51.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-210-51-78.compute-1.amazonaws.com

Software

nginx /

Resource Hash

83b24b7af1374d4db06ca1938420f52bf2b858ec53ef87808c1fb84da31862b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MzUyOTM1NjYsImp0aSI6IjRmNjQzMmY1LTkzNTgtNGZmMi05MWI5LWE3ZGFmY2YxMGM0MSIsInN1YiI6InE0YnRxNHRieWtzbXZqdnMiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InE0YnRxNHRieWtzbXZqdnMiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6eyJtZXJjaGFudF9hY2NvdW50X2lkIjoic3Vtb2Z1cyJ9fQ.ckoTsE4cg06pqHWPZA8oq5RxpsHBS3lzNDCttHXlb7q1uNRr0jRyTR3xuzE48m8yg0TpMmZ4K-1u0bjY2v5pow
Referer: https://action.eko.org/
Braintree-Version: 2018-05-10
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache, no-store
paypal-debug-id: a9a9eb61dfbb4
braintree-version: 2016-10-07
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://action.eko.org
content-length: 1362
date: Thu, 26 Dec 2024 09:59:27 GMT
content-type: application/json
vary: Braintree-Version, Accept-Encoding
server: nginx
x-frame-options: DENY

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 116ms
27ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 115ms
26ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 48ms
46ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 48ms
42ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 103ms
28ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 103ms
26ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/ 5 KB
3 KB 50ms
23ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: "0f522ada62dd81:0"
age: 10
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yQxErd9fMqExkTuSCERGsRQhmFlOvieht%2BfzWOMiC3IB%2BfsHHjr1RBuaUILQLEBmutlOtUyzCQ6ucZbLjfD4VR4I6v5MpobYrRi5igEVAFL5g3t6R3AzZ1JT9ghRbdLnuQ2Uv5fnyviCWqrIe%2BWrfkGDegU1yYNRZwO%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
expires: Thu, 26 Dec 2024 13:59:27 GMT
date: Thu, 26 Dec 2024 09:59:27 GMT
content-type: application/javascript
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8037da3e41f793-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2490
server: cloudflare

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 43ms
41ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 42ms
37ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

GET
H2 200 dispatch-frame.min.html
assets.braintreegateway.com/web/3.102.0/html/ Frame 8939 0
0 79ms
11ms Document
text/html 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.102.0/html/dispatch-frame.min.html

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/638014a0-497614741d5f0431.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 3558
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Thu, 26 Dec 2024 09:59:27 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6633f9a1-2d9c"
last-modified: Thu, 02 May 2024 20:37:53 GMT
paypal-debug-id: 3d0a3de373501
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-00000000000000000003d0a3de373501-c268df7c2ca27f1f-01
vary: Accept-Encoding, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 26298, 0
x-content-type-options: nosniff
x-served-by: cache-dfw-kdfw8210044-DFW, cache-lga21938-LGA
x-timer: S1735207167.122927,VS0,VE1

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 44ms
28ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 70 KB
24 KB 44ms
10ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (dac/9C80) /

Resource Hash

72561daecad9d07460125458467e9c4ae115aa992bf99bf5856d7606519be13c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

access-control-max-age: 86400
paypal-debug-id: 425366a381362
content-encoding: gzip
etag: W/"673387c8-118bf"
age: 165815
x-content-type-options: nosniff
access-control-allow-methods: GET
traceparent: 00-0000000000000000000425366a381362-e5246d166f03d224-01
expires: Fri, 27 Dec 2024 09:59:27 GMT
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
x-cache: HIT
date: Thu, 26 Dec 2024 09:59:27 GMT
content-type: application/javascript
x-served-by: cache-lga21975-LGA
x-cache-hits: 25240
last-modified: Tue, 12 Nov 2024 16:52:24 GMT
access-control-allow-headers: x-csrf-token
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate,max-age=86400
timing-allow-origin: *
x-timer: S1735207167.087576,VS0,VE1
access-control-allow-credentials: false
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23767
server: ECAcc (dac/9C80)

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 105ms
29ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

logo.htm
ssl.kaptcha.com/ Frame 7062
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d
https://ssl.kaptcha.com/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d

0
0

314ms
83ms

Document
text/html

54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d
Requested by: Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/6154.1d1279f9f41cc7a3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 41
Content-Type: text/html
Date: Thu, 26 Dec 2024 09:59:27 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 8ba8122c-30ad-410d-b88b-cf69f8a49800

Redirect headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public, max-age=3600
content-length: 138
content-type: text/html
date: Thu, 26 Dec 2024 09:59:27 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://ssl.kaptcha.com/logo.htm?m=null&s=51c1390d352ba02d85511fb40e96d19d
paypal-debug-id: 49f604e42effd
strict-transport-security: max-age=31557600
traceparent: 00-000000000000000000049f604e42effd-d11ae49c882c0930-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-dfw-kdfw8210069-DFW, cache-lga21938-LGA
x-timer: S1735207167.122905,VS0,VE186

OPTIONS
H/1.1 200
OK q4btq4tbyksmvjvs
client-analytics.braintreegateway.com/ Frame 0
0 71ms
26ms Preflight 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 1.597f4104d311c33d4189.songbird.js Show response
songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/ 388 KB
112 KB 58ms
33ms Script
application/javascript 2606:4700::c6d9:fbfb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://songbird.cardinalcommerce.com/edge/v1/597f4104d311c33d4189/1.597f4104d311c33d4189.songbird.js

Requested by

Host: songbird.cardinalcommerce.com
URL: https://songbird.cardinalcommerce.com/edge/v1/songbird.js

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://action.eko.org
Referer: https://action.eko.org/

Response headers

content-encoding: gzip
cf-bgj: minify
etag: W/"0f522ada62dd81:0"
age: 9283757
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BXECexB46%2F6A29vxpWIR82Nzz4sG5TvdZ%2FX0tAayYjkheq6DfYelm4GY8dPgdDyzMT1lMpE3%2FaK4Maqrujiu5FCSK4lGDU9CmC5g401nEFbZAYqMNsO3gcvGp9X%2BkuM6N9RjstGRtnqHGgsGPP%2Bh0m5sKNIbiQ%2FHGoK0"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST
expires: Tue, 24 Jun 2025 09:59:27 GMT
cf-polished: origSize=397453
date: Thu, 26 Dec 2024 09:59:27 GMT
content-type: application/javascript
last-modified: Tue, 01 Mar 2022 19:58:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f8037da8941c472-EWR
access-control-allow-origin: *
server: cloudflare

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 56ms
30ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

GET
H2 200 i
c.paypal.com/v1/r/d/ Frame 6137 0
0 116ms
97ms Document
text/html 151.101.193.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.21 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://action.eko.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 43087f6aaf307
date: Thu, 26 Dec 2024 09:59:27 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 43087f6aaf307
server-timing: "traceparent;desc="00-000000000000000000043087f6aaf307-4707e1907cc82f2d-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-000000000000000000043087f6aaf307-b56f0f348e20874d-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-iad-kcgs7200158-IAD, cache-lga21945-LGA
x-timer: S1735207167.148355,VS0,VE89
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
lvs.stats.paypal.com/ Frame B36D
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14
https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14

42 B
299 B

253ms
79ms

Image
image/jpeg

35.235.122.5
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14
Protocol: HTTP/1.1
Server: 35.235.122.5 Los Angeles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 5.122.235.35.bc.googleusercontent.com
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

Content-Length: 42
Date: Thu, 26 Dec 2024 09:59:27 GMT
Content-Type: image/jpeg
Connection: close
Server: PayPal-B.Stats/1.0

Redirect headers

Location: https://lvs.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=e6e1e760bcfa52a1605c3fb9c53e020c&t=1735207167.048&a=14
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Content-Type: application/octet-stream
Connection: close
Server: PayPal-B.Stats/1.0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ 0
500 B 138ms
97ms Image
text/plain 2a04:4e42:600::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=e6e1e760bcfa52a1605c3fb9c53e020c&s=BRAINTREE_SIGNIN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://action.eko.org/

Response headers

paypal-debug-id: 915595f1570b4
access-control-expose-headers: Server-Timing
correlation-id: 915595f1570b4
traceparent: 00-0000000000000000000915595f1570b4-672421ac7d1a7593-01
server-timing: "traceparent;desc="00-0000000000000000000915595f1570b4-eccfa21c4a1af1dd-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-cache: MISS, MISS
date: Thu, 26 Dec 2024 09:59:27 GMT
x-served-by: cache-iad-kiad7000164-IAD, cache-lga21941-LGA
x-cache-hits: 0, 0
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
timing-allow-origin: *
x-timer: S1735207167.168285,VS0,VE87
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 0

POST
H/1.1 200
OK q4btq4tbyksmvjvs Show response
client-analytics.braintreegateway.com/ 0
349 B 40ms
34ms XHR
text/plain 13.59.183.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/q4btq4tbyksmvjvs

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.59.183.69 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-59-183-69.us-east-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://action.eko.org/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://action.eko.org
Content-Length: 0
Date: Thu, 26 Dec 2024 09:59:27 GMT
Server: nginx
Access-Control-Allow-Headers

POST
H2 429 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 198 B
282 B 45ms
27ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://action.eko.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-sentry-rate-limits: 28:transaction;profile:project:smart_rate_limit
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
retry-after: 28
content-encoding: zstd
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:28 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: nginx

OPTIONS
H2 204 i
r.logr-ingest.com/ Frame 0
0 123ms
35ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.logr-ingest.com/i?a=vw8gdk%2Fproduction-c53vb&r=5-f833598f-daf5-431f-b6b3-9c19df6c217a&t=9e3271fb-b668-495a-a0a9-030ad2540871&s=0&u=e834032d-73e4-467a-be75-7136a85da2b3&is=1&rs=0%2Cu

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://action.eko.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 26 Dec 2024 09:59:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.logr-ingest.com/ 4 KB
5 KB 125ms
86ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.logr-ingest.com/i?a=vw8gdk%2Fproduction-c53vb&r=5-f833598f-daf5-431f-b6b3-9c19df6c217a&t=9e3271fb-b668-495a-a0a9-030ad2540871&s=0&u=e834032d-73e4-467a-be75-7136a85da2b3&is=1&rs=0%2Cu

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

ff4122bc115769d571f01d773fab3a854698ed209f36aa2f9c29b5b9a54d4fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

X-LogRocket-Relay-Version: 2024.9.0
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/octet-stream

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 1728000
etag: W/"1063-MmjkGQRUjdVz7cSSJ9skSoB/npw"
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
content-length: 4195
date: Thu, 26 Dec 2024 09:59:29 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version

POST
H3 200 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 2 B
19 B 20ms
19ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://action.eko.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:29 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

POST
H3 200 / Show response
o142675.ingest.sentry.io/api/6382461/envelope/ 41 B
58 B 20ms
17ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0

Requested by

Host: action.eko.org
URL: https://action.eko.org/_next/static/chunks/pages/_app-20032c2e1f3311c7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

284b36b7aa48fe6f87af6a4c15e5f908efda1a536efe46afdbe75691367e6cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://action.eko.org/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Dec 2024 09:59:29 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers
server: nginx

GET
H2 200 sdk-bNj7ZTsKYzLGY2TN
cdn.growthbook.io/sub/ 22 B
0 10ms
10ms EventSource
text/event-stream 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-bNj7ZTsKYzLGY2TN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://action.eko.org/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1735207171.377073,VS0,VE1
age: 9
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
date: Thu, 26 Dec 2024 09:59:31 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kcgs7200104-IAD, cache-lga21924-LGA
x-cache-hits: 2, 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: action.eko.org
URL: blob:https://action.eko.org/ea8a7767-32c2-40da-a7a0-fc59f984e1c0

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
action.eko.org/	1970-01-21 02:00:14	Name: unique_id Value: Oe6AqjOcdcKNOtE3
action.eko.org/	1970-01-21 10:45:46	Name: pronto_id Value: saXLFXx3vNoWC4mjg5Rjd8Fl
action.eko.org/	1970-01-21 04:09:46	Name: _eko_mdk Value: fwbyoFoveNsS9u-PafsJ3mri
action.eko.org/	1970-01-21 02:01:33	Name: _lr_tabs_-vw8gdk%2Fproduction-c53vb Value: {%22recordingID%22:%225-f833598f-daf5-431f-b6b3-9c19df6c217a%22%2C%22sessionID%22:0%2C%22lastActivity%22:1735207166039%2C%22hasActivity%22:false}
action.eko.org/	1970-01-21 02:01:33	Name: _lr_hb_-vw8gdk%2Fproduction-c53vb Value: {%22heartbeat%22:1735207166040}
action.eko.org/	1969-12-31 23:59:59	Name: _lr_uf_-vw8gdk Value: 2e389106-e0c0-49b0-b290-f1af923445da
.eko.org/	1970-01-21 04:09:43	Name: _gcl_au Value: 1.1.639318363.1735207167
.eko.org/	1970-01-21 11:36:07	Name: _ga Value: GA1.1.304309820.1735207167
.eko.org/	1970-01-21 11:36:07	Name: _ga_PMEW5CDHC1 Value: GS1.1.1735207166.1.1.1735207166.60.1.1572874503
.doubleclick.net/	1970-01-21 02:00:08	Name: test_cookie Value: CheckForPermission
.eko.org/	1970-01-21 04:09:43	Name: _fbp Value: fb.1.1735207166775.776997890117501260
.paypal.com/	1970-01-21 11:36:07	Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK Value: xPEQmx4Whpjwxq1zaIsfbXKTV37qyR_ySd4M3RIp8Yr2H4M2Ni23J_XAa8Y3NLOUrXcCyQWm31QzDD6x
.paypal.com/	1970-01-21 02:00:08	Name: l7_az Value: dcg16.slc
.paypal.com/	1970-01-21 11:36:07	Name: sc_f Value: olDGkFT1qrxSFT3V5sKw31a62aJKWPCG4qrCWO80fHUUl76e9pg6hNjfCbQqdP-rKTKFp2XKqV9yNcrIYsGINUW5zTbl2BCsSurF7W

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://kit.fontawesome.com/0259555302.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://o142675.ingest.sentry.io/api/6382461/envelope/?sentry_key=1e52508b98b44ddd832ef40b2600f26e&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.114.0 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

action.eko.org
analytics.google.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.growthbook.io
cdn.logr-ingest.com
champaign-assets-production.s3.us-west-2.amazonaws.com
client-analytics.braintreegateway.com
connect.facebook.net
googleads.g.doubleclick.net
kit.fontawesome.com
lvs.stats.paypal.com
o142675.ingest.sentry.io
payments.braintree-api.com
r.logr-ingest.com
songbird.cardinalcommerce.com
ssl.kaptcha.com
stats.g.doubleclick.net
td.doubleclick.net
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
action.eko.org
104.198.23.205
13.59.183.69
151.101.129.21
151.101.130.133
151.101.193.21
151.101.193.91
2001:4860:4802:38::181
2606:4700:3036::ac43:d163
2606:4700:4400::ac40:93bc
2606:4700::c6d9:fbfb
2607:f8b0:4004:c17::9c
2607:f8b0:4004:c1b::9d
2607:f8b0:4004:c21::5e
2607:f8b0:4004:c21::9a
2607:f8b0:400d:c01::63
2607:f8b0:400d:c01::93
2607:f8b0:400d:c09::61
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:600::291
3.210.51.78
3.5.81.117
34.120.195.249
35.235.122.5
54.148.115.137
66.33.60.130
0ed7c483fe234f47b5db906d0ef82bf8a1dcb7e87f3f422d04b3b1d8554e8aee
1538aeb684c942e705c95b6c85fd754ed7ab0f833d096dfaa3a70b6e9f655f07
1d2f5f751a029e1c91ed14a24f48da4d4680c21251629bc17f0046a7ec195034
2167545ceed2d2d0a16289ee581af5de8dedea25123804767bc51c0d60b5bae8
24751cbae618f6fbeb532498fd1ceeda5350f30085086cd5426961a2695e3d9f
26694100d855cd68c025def769c294002529c65e28f3d049876b047690395faf
284b36b7aa48fe6f87af6a4c15e5f908efda1a536efe46afdbe75691367e6cbe
29fc8aea2dbd87b852a1c1401dc311a6f148e27d59ce80457eb9b2b00b2a0eba
2ee7a632a3fb0b363ca16927177ae23d3962c1f0988b18b44ce9c8cd845adddf
2f17c43ac8c827fb8dd0e02c94de8bf29c160758872c45190e198a368eb7607f
37009c285d7ed0049e02f59a24ae9dc1c04e10bd5f7e9fa27ec3b94fbaa30194
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
467eed23abc5f7759d976c9fbb973cc38dba4b277d1cfc9e15696bc0f486c527
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
5b0bf1824e179ce4136096ad5e1aaa03d96e9423184b892f736514275111d224
6716727ba6856e8902b1c9c6d7b4b2b7ddb1e14cbec10e44a7d6bf76d5edd813
72561daecad9d07460125458467e9c4ae115aa992bf99bf5856d7606519be13c
787df506f104e98b3516ac91751198f13e2081ad617f8742fb69b6d37a19f678
7d65b2e5e0e2ccfd42a74c7fabfd7295c1bddbf5f90f35d90120a1afca776c40
7dc42ffebba11642d0baf2550de9893f6baa6a6bc042ecd244a3792669f6b7cd
82efc0ca69e65cf8b9990fa838c650d1b83062b7ce889eddba9c4dd86472f0a9
832e81e3a365fa088fc4d781e48dd5ea6533f95b0a498f9d0ae931fe54622d07
83b24b7af1374d4db06ca1938420f52bf2b858ec53ef87808c1fb84da31862b2
8b897b9fecc3c8751c321c06c243e75ac3e533b7f594bca75a68cf40e5fe3206
8bd10ac188ddd2f1f2ee06c961e4035ce70e92a836fff69e319f132494ad5f09
8effdbbd29e67ddddfaf8c5e5bdafd0c449965e7cf391e52b31ab3b9e65b4b2d
91bc1bc9ae28d0e35d540f6ca440006a5e16b070ff7d0d0d49d05d8c35f4e75e
94e4c01ae02e47232efcd52f9598827c04546a9b1bb5c953c931209a5ef6820f
a9a7abc5925ee78d57f12338bf6651c0f6d859f0bb0bc01239ce52e024f2aa81
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b261530f05e272e18b5b5c86d860c4979c82b5b6c538e1643b3c94fc9ba76dd6
b6761650624ca02061377299968b0bb6fc64c2e40d2d2f0e90b4ea9ae7ffe057
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
bf8754d316f3c1ba39924f7e2746d6220089073f756acf4c3d8c334a0558b7fe
c61f0140fce603b105c57026c9c21a3e799d1223f0b893641e6d735a649bb780
ce6785673dc22cb997b9f1f4737078668ecd2b60eea10138ad4abdd891b92522
d70128e4980e86c085a22261c696ee11385c6a3063e7865cac40730cf3c1f54a
dbaafe7a1006e416a1efd1e53fb4f1af18c71d58b8779b058fb941cc9c31ddf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e3acc1921ff20222abab561df12bd26bd58e9fedb3c910d2ab2b186d4fdce9
e7c0bda535e3d69a6963adee5c7591ff09fce5cdbcaf86aa30d72a9cb6fdac42
ec380b1ead6c3fc83a8619c847e1bfaa420d07f0db16d50518b7bd129ec3be7e
edaf389f4a99044d400dd4583eb794ac752aa67eeb28a3dca693caab1a0e829f
ee137b22cf3783b2d9e3d4583e4e871fc3e562da74149a0e775a065f4545e59b
ee6da6d74d2eb9f06aca74cb5d8053884676a45cf9e7b2c4814c33a09162a3cd
eedc6f5ba51ee5cac106927dcb371771f96d52864036899ae3cb1b1c01d60c23
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe05c98224ae236e96330132bac1bb7fb43ac5fae1d9abbbc9f3b71c608bc3
f680993d38ab5fb27f295afc5e25cff413bb2db882c6adee4730963937055b60
f8919e77312f2a4234c3b71e85bad6cb358c3ff63686baa7b41076eb04ff8f1d
ff4122bc115769d571f01d773fab3a854698ed209f36aa2f9c29b5b9a54d4fb0

action.eko.org Open in urlscan Pro 66.33.60.130 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

54 %IPv6

17 Domains

25 Subdomains

27 IPs

1 Countries

1868 kBTransfer

6184 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

action.eko.org Open in urlscan Pro
66.33.60.130 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

54 %
IPv6

17
Domains

25
Subdomains

27
IPs

1
Countries

1868 kB
Transfer

6184 kB
Size

14
Cookies

90 HTTP transactions
0 data transactions