urlscan.io logo urlscan.io
SecurityTrails logo

mctsptsa.givebacks.com Open in urlscan Pro
13.35.58.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mctsptsa.memberhub.com/
Effective URL: https://mctsptsa.givebacks.com/
Submission: On October 24 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 63 HTTP transactions. The main IP is 13.35.58.6, located in United States and belongs to AMAZON-02, US. The main domain is mctsptsa.givebacks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 10th 2023. Valid for: a year.
This is the only time mctsptsa.givebacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 18.66.102.123 16509 (AMAZON-02)
10 13.35.58.6 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:401... 15169 (GOOGLE)
1 34.36.213.229 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2001:4860:480... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
3 151.101.193.91 54113 (FASTLY)
2 172.217.16.200 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
2 52.3.104.183 14618 (AMAZON-AES)
8 17 35.175.155.78 14618 (AMAZON-AES)
4 2a03:2880:f17... 32934 (FACEBOOK)
8 52.217.197.72 16509 (AMAZON-02)
2 157.240.252.35 32934 (FACEBOOK)
1 216.239.34.36 15169 (GOOGLE)
63 25
1    18.66.102.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-123.fra56.r.cloudfront.net
mctsptsa.memberhub.com
10    13.35.58.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-6.fra60.r.cloudfront.net
mctsptsa.givebacks.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4013:c16::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
accounts.google.com
1    34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com
cdn.pendo.io
3    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2606:4700::6810:4b8e (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
1    2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
1    2606:4700:4400::ac40:9310 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
3    2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
track.hubspot.com
3    151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.growthbook.io
2    172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net
www.googletagmanager.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
2    52.3.104.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-104-183.compute-1.amazonaws.com
api.givebacks.com
17    35.175.155.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-175-155-78.compute-1.amazonaws.com
api.memberhub.com
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    52.217.197.72 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 memberhub.com
mctsptsa.memberhub.com
api.memberhub.com — Cisco Umbrella Rank: 274907
53 KB
12 givebacks.com
mctsptsa.givebacks.com
api.givebacks.com — Cisco Umbrella Rank: 314089
2 MB
8 amazonaws.com
s3.amazonaws.com
886 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
372 KB
3 growthbook.io
cdn.growthbook.io — Cisco Umbrella Rank: 8786
1 KB
3 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5132
track.hubspot.com — Cisco Umbrella Rank: 2324
2 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 3643
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
182 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3483
989 B
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2191
25 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2172
26 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3176
4 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5048
26 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
924 B
1 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 626
200 KB
1 google.com
accounts.google.com — Cisco Umbrella Rank: 18
86 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2500
997 B
63 19
Domain Requested by
17 api.memberhub.com 8 redirects mctsptsa.givebacks.com
10 mctsptsa.givebacks.com mctsptsa.givebacks.com
8 s3.amazonaws.com
6 www.facebook.com
5 www.googletagmanager.com mctsptsa.givebacks.com
www.googletagmanager.com
js.hsadspixel.net
3 cdn.growthbook.io mctsptsa.givebacks.com
3 region1.google-analytics.com www.googletagmanager.com
3 securepubads.g.doubleclick.net mctsptsa.givebacks.com
securepubads.g.doubleclick.net
2 api.givebacks.com mctsptsa.givebacks.com
2 connect.facebook.net js.hsadspixel.net
connect.facebook.net
2 api.hubspot.com js.usemessages.com
1 track.hubspot.com
1 api.hubapi.com js.hsadspixel.net
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 fonts.googleapis.com mctsptsa.givebacks.com
1 cdn.pendo.io mctsptsa.givebacks.com
1 accounts.google.com mctsptsa.givebacks.com
1 js.hs-scripts.com mctsptsa.givebacks.com
1 mctsptsa.memberhub.com 1 redirects
63 22

This site contains links to these domains. Also see Links.

Domain
support.memberhub.com
www.givebacks.com
support.givebacks.com
Subject Issuer Validity Valid
*.givebacks.com
Amazon RSA 2048 M02		 2023-12-10 -
2025-01-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
hs-scripts.com
WE1		 2024-09-26 -
2024-12-25		 3 months crt.sh
accounts.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
cdn.pendo.io
WR3		 2024-09-19 -
2024-12-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-07 -
2024-12-30		 3 months crt.sh
usemessages.com
WE1		 2024-10-06 -
2025-01-04		 3 months crt.sh
hsadspixel.net
WE1		 2024-10-10 -
2025-01-08		 3 months crt.sh
hs-banner.com
WE1		 2024-09-24 -
2024-12-23		 3 months crt.sh
hs-analytics.net
WE1		 2024-10-07 -
2025-01-05		 3 months crt.sh
hubapi.com
WE1		 2024-09-09 -
2024-12-08		 3 months crt.sh
hubspot.com
WE1		 2024-10-03 -
2025-01-01		 3 months crt.sh
cdn.growthbook.io
R11		 2024-09-24 -
2024-12-23		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-08-02 -
2024-10-31		 3 months crt.sh
*.memberhub.com
Amazon RSA 2048 M02		 2024-02-24 -
2025-03-23		 a year crt.sh

This page contains 2 frames:

Primary Page: https://mctsptsa.givebacks.com/
Frame ID: 2AE57D028936A3F706601B2236CD79B4
Requests: 60 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmctsptsa.givebacks.com
Frame ID: 5BF43ED947328B08ABE2F4D8DF06A225
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Givebacks

Page URL History Show full URLs

  1. http://mctsptsa.memberhub.com/ HTTP 307
    https://mctsptsa.memberhub.com/ HTTP 301
    https://mctsptsa.givebacks.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Page Statistics

63
Requests

87 %
HTTPS

52 %
IPv6

19
Domains

22
Subdomains

25
IPs

3
Countries

4155 kB
Transfer

11180 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mctsptsa.memberhub.com/ HTTP 307
    https://mctsptsa.memberhub.com/ HTTP 301
    https://mctsptsa.givebacks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNEM0T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--789cbea4e050ecb43e450b018f46c1aec4f9c000/MCTS-PTSA-Logo-Circle.png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/cxt2c2itg8iigq6xg8fbxi6lzh55?response-content-disposition=inline%3B%20filename%3D%22MCTS-PTSA-Logo-Circle.png%22%3B%20filename%2A%3DUTF-8%27%27MCTS-PTSA-Logo-Circle.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000219Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=c1f03b2c8d974681bed797a28527c82070ca7b20c9e50aad403c3f19a4d7afb3
Request Chain 54
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0ZIT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--d72d1b483ad62f23a6a4792b81c9c53af46ddb20/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/k1pdspiahm6fijj992glbwp791d5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=145718e82889905d60edd98d2df0829ef771a5a82d6b0df4c07b64a9eb5f16d5
Request Chain 55
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMFM1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e11e10dfa558fbed6e0b1d37a74742ac9f251e8b/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/076freg7243h3g1lx60ddvek9kz7?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2a303947a2bf5102b1202d69a30e760549b2560ffe19f44f8793023269af9e85
Request Chain 56
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0pIT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--77d6194d78fffc2ed270d7ff770e04eba3ba0b98/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/0mr5f6o8zuykp29bx3f0myvp916z?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=844a352e0a8f0717939309f2ce918933862d565d4b6f685610588b1b8815f91b
Request Chain 57
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM05IT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--9c77ef12e3360cbcab1ccc8836c74dca9a517914/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/wxwdx1cuwipxgnz4fnvcoj18q148?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=570b280dbc97c8eb7614df5836cd0dcf1969008f9a5908d01a7920c72208a473
Request Chain 58
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMHE1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--d18004ffcbb739d10cc0a3d233df145d102055d1/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/0mhtss1rvxhefq211uf6pehelly3?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=465d0f448dd35e122017218cfe477f7f75b52227be59d34fe359f24b7c4ea1fc
Request Chain 59
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMG01T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8178a96b0949063789e9d53d258ce65ad4de73f2/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/nz6f51hidol3ydogb44ysqjxwh9n?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e085cc42e0ae54942c5fa530a4f9ac24e71867a48035ae1336b2e57f897d7f62
Request Chain 60
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMGE1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--c65a41933f3e9339b532ea486b951f1894193d56/png HTTP 302
  • https://s3.amazonaws.com/com.memberhub.storage/yts9th2xirgynfhxdteyxy5h0rv1?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c16f07dbfdbcc497e308486ce92a12a2affe3fbd127d2369a495899fd3ec5e8

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mctsptsa.givebacks.com/
Redirect Chain
  • http://mctsptsa.memberhub.com/
  • https://mctsptsa.memberhub.com/
  • https://mctsptsa.givebacks.com/
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ccdd04788749c6c198414746060fb8845c7bd592ddaf7dcdccb5c2b0398f6c86

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age
11026
content-encoding
gzip
content-type
text/html
date
Wed, 23 Oct 2024 20:58:28 GMT
etag
W/"51c739f0ba8c066d8e293663818076c5"
last-modified
Thu, 17 Oct 2024 20:53:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-amz-cf-id
FQXmsqybtMAdC8ppiT92jCGqzEp0eRtb8D8wxJqBSC0aK997q6QFMg==
x-amz-cf-pop
FRA60-P10
x-cache
Hit from cloudfront

Redirect headers

access-control-allow-headers
*
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
apigw-requestid
AIM06gRPIAMEPPw=
content-length
0
date
Thu, 24 Oct 2024 00:02:13 GMT
location
https://mctsptsa.givebacks.com/
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id
S-qMFJkM1eTkRYwMLBP1tKbZtLxPUWnxgtxpt9eysyE3TQOGFW4tCw==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e9ba2ef0b464b70886dac164ce774950108d41828e7740631dc8782ff07d3cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
etag
158 / 20020 / 31088405 / config-hash: 9692308689602569677
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:02:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 00:02:13 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33350
x-xss-protection
0
server
cafe
21159.js
js.hs-scripts.com/ 		2 KB
997 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21159.js
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80a5442c480b1cef8d7ff1464ba993fd5f1655454ead340f633fe164eec04d72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:03:43 GMT
date
Thu, 24 Oct 2024 00:02:13 GMT
x-hubspot-correlation-id
98883c99-d7bf-44b6-b884-def04f427fa8
content-type
application/javascript;charset=utf-8
vary
origin, Accept-Encoding
last-modified
Thu, 24 Oct 2024 00:02:13 GMT
cache-control
public, max-age=90
access-control-allow-credentials
true
cf-ray
8d75b264cdfd2c77-FRA
accept-ranges
bytes
access-control-allow-origin
https://mctsptsa.givebacks.com
content-length
621
server
cloudflare
client
accounts.google.com/gsi/ 		227 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cea5dfc3b4d3de37d98b675c3e95edb5ca595fcb6ebdefba6cf200dc9a16fc7c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Dp4YRu8i4qt72Cln0rn3ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-Dp4YRu8i4qt72Cln0rn3ZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control
private, max-age=1800
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:02:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date
Thu, 24 Oct 2024 00:02:13 GMT
x-xss-protection
0
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
index-lQSfzlWv.js
mctsptsa.givebacks.com/assets/ 		6 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
468925e492852e03bc7244ba5f57209d4a1a392bac63638437d99c2e20e13498

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
gzip
etag
W/"01d03f688f105352683e0108ae9dec66"
age
44437
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
Bwu44cN2ybg2csDPQ4QdnIdHPm_Bj43d4o0ME9FA2bR2dkYyVHakQg==
date
Wed, 23 Oct 2024 11:41:37 GMT
content-type
text/javascript
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
index-EP1NPmN6.css
mctsptsa.givebacks.com/assets/ 		642 KB
87 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11b7ff471669ac4d286aa0e41658f2698147ec64add01bb3b0c7e49d1d30cd8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
etag
W/"83d53e9c9123a3d61bc89a5b3ab161f3"
age
80184
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
dwGFg7k3zLNpLgvgoGH2gUxuZW4bHbCQ6c3Fe0i-HlhnNoXrfxfpNg==
date
Wed, 23 Oct 2024 01:45:50 GMT
content-type
text/css
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
pendo.js
cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/ 		618 KB
200 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/pendo.js
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
229.213.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
84b8e7ea7c3f013b603ee95edac2068a3b21c1e226e601ed1b2fd4786619f062
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=CImnCQ==, md5=gPIT4k6tTvIpY2ubbHnYbw==
etag
"80f213e24ead4ef229636b9b6c79d86f"
age
1215
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
204636
date
Wed, 23 Oct 2024 23:41:58 GMT
last-modified
Mon, 21 Oct 2024 21:27:16 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3i9qHlYtRWt9G-JunyNvDGxWS4VfLp-MGZ2LBE9bvbj-ipnqhxpkCOs2lmId_xZcmLxZzxB-V0Dw
strict-transport-security
max-age=63072000; includeSubDomains
cache-control
public,max-age=450
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1729546036067590
content-length
204636
server
UploadServer
gtm.js
www.googletagmanager.com/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fe1b561641d398b3df7f7e17c60d4fa6bef491a85af9b205e30f22ca06a4cf71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 00:02:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:13 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
78755
x-xss-protection
0
server
Google Tag Manager
css2
fonts.googleapis.com/ 		3 KB
924 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9aa42c76fd5ce12ba085cfd7e8361ec7260c3cd7685a43513e112064ff309015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:02:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:14 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 23 Oct 2024 23:24:34 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/ 		481 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410210101/pubads_impl.js?cb=31088405
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
etag
14283833466912019972
age
50410
x-content-type-options
nosniff
expires
Thu, 23 Oct 2025 10:02:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 23 Oct 2024 10:02:04 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
152738
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/ 		70 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mctsptsa.givebacks.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ac32c21c19fb539f711c44a8261f518c385c35151598cc5489ad3b61ec756654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 00:02:14 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
51
date
Thu, 24 Oct 2024 00:02:14 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
js
www.googletagmanager.com/gtag/ 		304 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ea50b530775a9ad62753d77bd0cdfd4dd9e2d16bf6842016827ffb6560e195f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 00:02:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105257
x-xss-protection
0
server
Google Tag Manager
conversations-embed.js
js.usemessages.com/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4b8e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7be4c2df7752dc4274589e7b65d5dd6d893e3c0619417a461dab0b61018719bb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
7ec0813d-c2a0-438b-94ee-bee12c68bd5a
content-encoding
gzip
cf-cache-status
HIT
etag
W/"ca7bd5104f866dc147cdff83335d7287"
x-amz-version-id
xOABwZAmYNqD6NP87b30Ns4FoFcT9gei
age
438
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-amz-cf-id
cmIYxENt8FHPOtAqyHlNgBy7Q0Rsx2J6LOyYfjG3ucD7EoreWmVpdg==
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
7ec0813d-c2a0-438b-94ee-bee12c68bd5a
content-type
application/javascript; charset=utf-8
last-modified
Wed, 23 Oct 2024 15:39:05 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-t4h8b
x-envoy-upstream-service-time
1
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18426/bundles/project.js&cfRay=8d75a7b40999bbc7-FRA
via
1.1 e8eec15d9551dd475d4c478f9fbb5f04.cloudfront.net (CloudFront)
cf-ray
8d75b2671ffd4d9c-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18426/bundles/project.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
fb.js
js.hsadspixel.net/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-evy-trace-virtual-host
all
x-request-id
32b354b5-a803-4fa7-922a-c4b1b9044a4a
content-encoding
gzip
cf-cache-status
HIT
etag
W/"0df6051fb4e3e5c67b55de874a5fe993"
x-amz-version-id
KtgVA4GHJgyUOPf7T5TRgmfap.5FKp0l
age
266
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
tk68A4J-LNcEuUrLRCPJAev5m8ntGIF3xl5k5bafXRrOsX_qT5PMMQ==
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
32b354b5-a803-4fa7-922a-c4b1b9044a4a
content-type
application/javascript; charset=utf-8
last-modified
Mon, 21 Oct 2024 14:24:42 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-7df4f6b649-s7fln
x-envoy-upstream-service-time
6
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.605/bundles/pixels-release.js&cfRay=8d75abe7faa635e0-FRA
via
1.1 c0b0d7167cc2eb52d8d154aa7fc03a0a.cloudfront.net (CloudFront)
cf-ray
8d75b2671a4dd3c0-FRA
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
adsscriptloaderstatic/static-1.605/bundles/pixels-release.js
x-amz-cf-pop
IAD12-P3
server
cloudflare
x-amz-server-side-encryption
AES256
banner.js
js.hs-banner.com/v2/21159/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21159/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9310 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
97e68b00-a9b5-449a-9683-018ad874ab4c
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"2b04641007c8073968086ff34a30127b"
x-amz-version-id
.dI6XHlg_aGJ2X81dlJTa7EoEeQJvbwB
age
222
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Thu, 24 Oct 2024 00:03:32 GMT
x-evy-trace-listener
listener_https
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
97e68b00-a9b5-449a-9683-018ad874ab4c
content-type
text/javascript; charset=UTF-8
last-modified
Mon, 15 Apr 2024 13:58:30 GMT
vary
origin, Accept-Encoding
x-amz-id-2
24iNqSS7jjHKThBWFOTQbtg4kZDk/VLXyhQ9MzhpuYPkqjiTcE8g0iARw1+toxA4qS7yyPFxS9w=
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
x-envoy-upstream-service-time
108
access-control-allow-credentials
true
x-amz-request-id
B5VD6QKHG9GCJHHP
cf-ray
8d75b2671bcedb0a-FRA
access-control-allow-origin
https://glacierptsa.givebacks.com
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
21159.js
js.hs-analytics.net/analytics/1729728000000/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1729728000000/21159.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e264dd7376a6aa54dd468debd0b46618dd564109e6a5ef0870ef7523b690e332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-server-side-encryption
AES256
x-request-id
7f5d3cbd-e80f-484b-b1fd-c307c94a9011
content-encoding
gzip
cf-cache-status
MISS
etag
W/"c13418e6a8131ab0e86808746580abf5"
x-amz-version-id
null
expires
Thu, 24 Oct 2024 00:07:14 GMT
x-evy-trace-listener
listener_https
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
7f5d3cbd-e80f-484b-b1fd-c307c94a9011
content-type
text/javascript
last-modified
Tue, 22 Oct 2024 20:37:43 GMT
vary
origin, Accept-Encoding
x-amz-id-2
7GIt/rBPyZGS6+4fxv8VS3Pc8TwPyPjIoAyb6ZRPOXLmsRbA0QacQTypcilTanrOKwR3tf26iG04K1cxXO2ZVuXzlrpgvdW9TtUeZoAn49w=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-6f96cfd686-b6c9w
x-envoy-upstream-service-time
29
access-control-allow-credentials
false
x-amz-request-id
C73QNYF55Y6MN8S1
cf-ray
8d75b267091a35fa-FRA
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je4al0v892291399z89115494238za200zb9115494238&_p=1729728133808&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=852107911.1729728134&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1729728134&sct=1&seg=0&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2F&dt=Givebacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1307
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mctsptsa.givebacks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:14 GMT
content-type
text/plain
server
Golfe2
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		399 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21159
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
180
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mc7l0%2F1YBmSBxr49KXFLTliSxrhdwTva%2FV5raKPKgegnfDdKY%2B837EWinzqn8sJideceZLHXRRiHPjbTWqqi%2FLUkpRK7qcjsgHxYfqW9sON1KcsvJWSwVa1pY6uSWVkFQAmTLXJ2gG27%2B4uE"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
2f6a95bf-de37-4548-971c-cdcc149d28e4
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8d75b268ee732bf1-FRA
access-control-allow-origin
https://mctsptsa.givebacks.com
content-length
283
server
cloudflare
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.18426&mobile=false&messagesUtk=897b97094af349c4afd0b5b2b410511a&traceId=897b97094af349c4afd0b5b2b410511a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://mctsptsa.givebacks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://mctsptsa.givebacks.com
allow
HEAD,GET,OPTIONS
cf-cache-status
DYNAMIC
cf-ray
8d75b268fcd9368a-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Thu, 24 Oct 2024 00:02:14 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JnKxGJ4Wlfvd%2BtxdNfj3wWkqJFXVV0q0yfXjBwzMtgeWzB6kbpMPLdNNpdaWoipexQzYkd0ESLnO7ep8NmdFBMV4kgfESx4l5WzzMRs2I5QwmE3PvX%2BEfvdEKHEkF%2BFhM5kg0vPfof40S7dbzg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-hubspot-correlation-id
4853defe-ed8a-4749-8069-d21b4528596c
public
api.hubspot.com/livechat-public/v1/message/ 		263 B
910 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.18426&mobile=false&messagesUtk=897b97094af349c4afd0b5b2b410511a&traceId=897b97094af349c4afd0b5b2b410511a
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2438212fc419e54fe79077981a8c75e997dfcfef29d4777fc36d90d81d6acd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://mctsptsa.givebacks.com/
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LHOSLy4kRx9WPGe23EE6knBNUJybQcLwXfATu1VKjKiIjLLkeXYeNCCS29e1nTB7GtN7GDXt9yNakVH5Ybwo%2F2AKjcaevR9HFMGNGh4dpJdDnO36JAkty%2FCUTJLnobj3soz540t%2BUDG5yOLjMg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:14 GMT
x-hubspot-correlation-id
c29bcc08-a038-4764-8afa-ca8be9e2cf5a
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
false
cf-ray
8d75b269fd6a368a-FRA
access-control-allow-origin
https://mctsptsa.givebacks.com
content-length
210
server
cloudflare
sdk-ny7ikDXF211WMR7t
cdn.growthbook.io/api/features/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/api/features/sdk-ny7ikDXF211WMR7t
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash
b7e17f29fc96104f3eb1be19d0f5ea0d746f661e5c0eefca4a67dbf238166db3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-expose-headers
x-sse-support
content-encoding
gzip
etag
W/"113a-F8U7Zf4x68igEWjIiCwQQFDcXII"
age
484
x-cache
HIT, HIT
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000156-IAD, cache-fra-etou8220031-FRA
x-cache-hits
20109, 0
vary
Accept-Encoding
cache-control
public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-timer
S1729728136.044743,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-sse-support
enabled
content-length
1095
x-powered-by
Express
__ptq.gif
track.hubspot.com/ 		45 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3792790642&v=1.1&a=21159&pu=https%3A%2F%2Fmctsptsa.givebacks.com%2F&t=Givebacks&cts=1729728135410&vi=80e36ced0d7146e1753b871a5603c8ff&nc=true&u=210915018.80e36ced0d7146e1753b871a5603c8ff.1729728135399.1729728135399.1729728135399.1&b=210915018.1.1729728135399&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-robots-tag
none
x-request-id
672e85c8-b322-4edd-a5ec-63c1d644808b
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z8tA%2FLE9A3%2F4WcYLqupNIwc49sB2Vyaa7bHI2HmybospQqa5y%2FuM4b9OgcpKTf11U33bG%2BFos%2B5%2FYD4Na2t6%2FzFQHoAj8ae%2F0oDKnn5jRJcfTKxxavYbbrLFuTYFOl6mlF%2B6wfYTZTkDiN084XMO"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Thu, 24 Oct 2024 00:02:16 GMT
x-hubspot-correlation-id
672e85c8-b322-4edd-a5ec-63c1d644808b
content-type
image/gif
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-6c8f7f4884-692sf
x-envoy-upstream-service-time
8
access-control-allow-credentials
false
cf-ray
8d75b2722ef6d381-FRA
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
js
www.googletagmanager.com/gtag/ 		276 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11087670310
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
17233f87529d44019e7669ba8d68a2178328ee61a85d79816811c461025faacd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 00:02:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97785
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		276 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11087670310&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f200.1e100.net
Software
Google Tag Manager /
Resource Hash
4caec64067ec862ce028fc2f322a3fc73b10b0a60f501049e83ac9ea431cd947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 00:02:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:15 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97732
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/ 		228 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=0, c=23, mss=1232, tbw=4567, tp=12, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
48DpxYQf0ZtjP2bDQ8NPjluAOzXVaM2qY2zfmcNbAzHewcTfeY8yICW3UNmKagU8WViJtuIqJtrUDm8KZdCTjQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59508
x-xss-protection
0
origin-agent-cluster
?1
mctsptsa
api.givebacks.com/services/core/causes/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.givebacks.com/services/core/causes/mctsptsa
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.104.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-104-183.compute-1.amazonaws.com
Software
/
Resource Hash
2e2d7247ef3b2b7414d831658ae7c6bd65ce927cb344fe38bb7416c550670e85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
7dbe87b6-e597-4204-89b2-54af837808ef
access-control-expose-headers
etag
W/"2e2d7247ef3b2b7414d831658ae7c6bd"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.068357
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
content-length
1958
x-xss-protection
0
webpages
api.memberhub.com/services/memberhub-service/ 		58 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=undefined
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
0d1af2ce-ad6e-4fdb-9976-79f8f29edd7c
access-control-expose-headers
etag
W/"0c5b8dc8aff19cf814eb665f881709ff"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.019021
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
favicon.ico
mctsptsa.givebacks.com/ 		15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

etag
"33f8e225ea5a16fef01666568c3f8e9a"
age
55160
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
MLH-UTzT2-s3VymOne1jDDn_b2nwpJvfgv4J87_muBy42p3TAXxZNA==
date
Wed, 23 Oct 2024 08:42:56 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 17 Oct 2024 20:53:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
Poppins-Regular-D_fR_ai8.woff2
mctsptsa.givebacks.com/assets/ 		48 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/Poppins-Regular-D_fR_ai8.woff2
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css

Response headers

etag
"46ff920efe7721f9087376e8131619e8"
age
39866
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
49652
x-amz-cf-id
LIh3RCpi0gzX5PQFsZ0JOR8vkReuPO7zs8QbWPh4Tj1C8-HYWfXYdA==
date
Wed, 23 Oct 2024 12:57:50 GMT
content-type
font/woff2
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 5BF4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fmctsptsa.givebacks.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11087670310
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 00:02:16 GMT
expires
Fri, 24 Oct 2025 00:02:16 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk-ny7ikDXF211WMR7t
cdn.growthbook.io/sub/ 		14 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/sub/sdk-ny7ikDXF211WMR7t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Cache-Control
no-cache
Referer
https://mctsptsa.givebacks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

cache-control
private, no-store
x-timer
S1729728136.103550,VS0,VE87
age
5
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, MISS
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
text/event-stream
x-powered-by
Express
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220031-FRA
x-cache-hits
50, 0
495956447226186
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/495956447226186?v=2.9.173&r=stable&domain=mctsptsa.givebacks.com&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
e8bcae73b2a443c55563f202a559608e4665c709a4053c56f1e16bcb701f223a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=66, mss=1232, tbw=67767, tp=66, tpl=0, uplat=83, ullat=1
pragma
public
x-fb-debug
FCWIHJ0js3KkA0dDaGhzc2AHL6EubGmNFfqOmnwzrsC/8zNPdhiR67TRrEPe/dCjDY8FD9ktRe2hyIM0sgf8WA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
f533ca93-005d-4adf-8473-ae1c54591fdf
api.memberhub.com/services/memberhub-service/organizations/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/organizations/f533ca93-005d-4adf-8473-ae1c54591fdf
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
a62e09fa600dee9e173137e7e0c727e41aaf13024c5f281a4dd80473556df476
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
52549d77-0cc2-42ae-a8b9-ed6ed31f6ac1
access-control-expose-headers
etag
W/"a62e09fa600dee9e173137e7e0c727e4"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.127531
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2F&rl=&if=false&ts=1729728136331&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=10, mss=1297, tbw=2924, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2F&rl=&if=false&ts=1729728136331&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429125775236215877"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:02:16 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
3PbRCTL5863VlV1GU/q7WYKmhTtuP+JfbbL5aRcVKD9r+ptmaTa0j3tJJrbeEW2s95+p03/GWRiETfyLp+ubEw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429125775236215877", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=32, rtx=0, c=12, mss=1297, tbw=3242, tp=-1, tpl=-1, uplat=197, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je4al0v892291399za200zb9115494238&_p=1729728133808&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&cid=852107911.1729728134&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1729728134&sct=1&seg=0&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2F&dt=Givebacks&en=scroll&epn.percent_scrolled=90&_et=27&tfd=6338
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mctsptsa.givebacks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
text/plain
server
Golfe2
cxt2c2itg8iigq6xg8fbxi6lzh55
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBNEM0T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--789cbea4e050ecb43e450b018f46c1aec4f9c000/MCTS...
  • https://s3.amazonaws.com/com.memberhub.storage/cxt2c2itg8iigq6xg8fbxi6lzh55?response-content-disposition=inline%3B%20filename%3D%22MCTS-PTSA-Logo-Circle.png%22%3B%20filename%2A%3DUTF-8%27%27MCTS-PT...
204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/cxt2c2itg8iigq6xg8fbxi6lzh55?response-content-disposition=inline%3B%20filename%3D%22MCTS-PTSA-Logo-Circle.png%22%3B%20filename%2A%3DUTF-8%27%27MCTS-PTSA-Logo-Circle.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000219Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=c1f03b2c8d974681bed797a28527c82070ca7b20c9e50aad403c3f19a4d7afb3
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
be778c26214da0ed6f8b98a8424d561e0deffc60d23eb816868ea3aaf5059ecf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
kOtYuC0lnegoEi8YfTUki93uW2+jhWaj+bGaofWSVfbzp/r4jelIy+MXxwymdbUFiWn4OJRdBio=
ETag
"a9b1ee9a513906daf5bc527c9db2e0fc"
x-amz-request-id
1SS9H9YTRBY0QDAT
Accept-Ranges
bytes
Content-Length
208950
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 21 Aug 2023 16:16:13 GMT
Content-Disposition
inline; filename="MCTS-PTSA-Logo-Circle.png"; filename*=UTF-8''MCTS-PTSA-Logo-Circle.png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
0292d624-8fb1-442d-ace0-3457a66fa2ca
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/cxt2c2itg8iigq6xg8fbxi6lzh55?response-content-disposition=inline%3B%20filename%3D%22MCTS-PTSA-Logo-Circle.png%22%3B%20filename%2A%3DUTF-8%27%27MCTS-PTSA-Logo-Circle.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000219Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=c1f03b2c8d974681bed797a28527c82070ca7b20c9e50aad403c3f19a4d7afb3
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:19 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.007861
x-frame-options
SAMEORIGIN
webpages
api.memberhub.com/services/memberhub-service/ 		58 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
b0f7d63b-50cc-40d2-a237-045764cdc26d
access-control-expose-headers
etag
W/"7e3bbd8fa9e2f9e5b45196a8939b5737"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.021539
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
path
api.memberhub.com/services/memberhub-service/webpages/ 		58 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/webpages/path?organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf&path=/&live=true
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
ba26df45-39d9-4306-9d81-f99e6b3f9dc1
access-control-expose-headers
etag
W/"7e3bbd8fa9e2f9e5b45196a8939b5737"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.016687
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2Fstore&rl=&if=false&ts=1729728139636&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=1&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
MODERATE; q=0.3, rtt=962, rtx=4, c=12, mss=1297, tbw=6088, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2Fstore&rl=&if=false&ts=1729728139636&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=1&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=FGET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429125789490760158"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
r2Gle1MNz6lMaQ7aJIh2iZjtdicOhSQK+RdcggzqYCGO4Mb28RivDMsb+7o1vpqfPICfjNqUE9QRad4pRYicXQ==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429125789490760158", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
MODERATE; q=0.3, rtt=654, rtx=4, c=12, mss=1297, tbw=6257, tp=-1, tpl=-1, uplat=40, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?0
store_items
api.memberhub.com/services/memberhub-service/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authentication-session-secret,authentication-session-token
Access-Control-Request-Method
GET
Origin
https://mctsptsa.givebacks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authentication-session-secret,authentication-session-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Thu, 24 Oct 2024 00:02:19 GMT
store_items
api.memberhub.com/services/memberhub-service/ 		16 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
360b2518c8bce78a3d3eaa926ebb1b4c628098c37975f9b57291063e8374d7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authentication-Session-Secret
undefined
Referer
https://mctsptsa.givebacks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Authentication-Session-Token
undefined

Response headers

access-control-max-age
7200
x-request-id
190a3f48-9886-4b62-ae21-52a8b0771fef
access-control-expose-headers
etag
W/"360b2518c8bce78a3d3eaa926ebb1b4c"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:20 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.222577
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2efe4ab979b9ff9c5d3be58f8e226077582b8bffa371cbd2c868c3b77e87cc2b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2Fstore%3Flimit%3D21%26live%3Dtrue&rl=&if=false&ts=1729728139697&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=2&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4443, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2Fstore%3Flimit%3D21%26live%3Dtrue&rl=&if=false&ts=1729728139697&sw=1600&sh=1200&ud[external_id]=80e36ced0d7146e1753b871a5603c8ff&v=2.9.173&r=stable&a=hubspot&ec=2&o=12318&fbp=fb.1.1729728136325.262548717372778159&ler=empty&cdl=API_unavailable&it=1729728136165&coo=false&rqm=FGET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429125788361067812"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
KBlzb40IhM3wxxiOVOrJ0ELQwudCLfo3Xdi4bcT3ZK5n59Urz1eeW4p0BgdYYraaPXkxhB52L+IWCoIx+h04kw==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429125788361067812", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4811, tp=12, tpl=0, uplat=39, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
store_items
api.memberhub.com/services/memberhub-service/ 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/store_items?&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
a9e491c80e4495b47ce51fef4d38dd0f7f987abdd97b060ab654295e0658649a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
0fb41fdf-6b39-421a-b320-634501de8e78
access-control-expose-headers
etag
W/"a9e491c80e4495b47ce51fef4d38dd0f"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:19 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.069704
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
fundraisers
api.givebacks.com/services/store/store_items/ 		659 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.givebacks.com/services/store/store_items/fundraisers?cause_id=597bfc7a-3257-43cf-84e8-6cbce3ca1ded&order[expires_at]=asc&search[live][value]=true&credits=true&limit=10&offset=0
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.104.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-104-183.compute-1.amazonaws.com
Software
/
Resource Hash
5b3e1b056353b34f00f6ccc3fd82b51ec7d19093a5f8902e625c8742d41f3efd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://mctsptsa.givebacks.com/

Response headers

access-control-max-age
7200
x-request-id
18bcf417-601c-4b9b-b73a-b313331f41a2
access-control-expose-headers
etag
W/"5b3e1b056353b34f00f6ccc3fd82b51e"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:20 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.293836
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
content-length
659
x-xss-protection
0
favicon.ico
mctsptsa.givebacks.com/ 		15 KB
296 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/store?limit=21&live=true

Response headers

content-type
image/vnd.microsoft.icon
etag
"33f8e225ea5a16fef01666568c3f8e9a"
age
55164
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
-ukLi-kCgKWnYrIfMZCPxt2zkcJKVmE5gSVGEqNQvmrWriVsh6_uqw==
date
Wed, 23 Oct 2024 08:42:56 GMT
last-modified
Thu, 17 Oct 2024 20:53:53 GMT
vary
Accept-Encoding
server
AmazonS3
x-amz-cf-pop
FRA60-P10
Poppins-Medium-MifvOy28.woff2
mctsptsa.givebacks.com/assets/ 		48 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/Poppins-Medium-MifvOy28.woff2
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css

Response headers

etag
"3a0a14dc7381ee5200cadbe0af4ee7de"
age
35064
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
48956
x-amz-cf-id
3p_vTdAiGv_v2O4WUTb4iBO02ZFsNr14BiXQxtP5hwqvA70bjnqiwg==
date
Wed, 23 Oct 2024 14:17:56 GMT
content-type
font/woff2
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
Poppins-Bold--aKA7T72.woff2
mctsptsa.givebacks.com/assets/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/Poppins-Bold--aKA7T72.woff2
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css

Response headers

etag
"72eea25a559272c090d4f067e7ca3034"
age
35064
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
50576
x-amz-cf-id
iMHs_cnrr0UlepRwJsRA-axftQP2l4V-eoppy_m5YOkn1zqTDm_RQg==
date
Wed, 23 Oct 2024 14:17:56 GMT
content-type
font/woff2
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
Poppins-SemiBold-BzOT8hyL.woff2
mctsptsa.givebacks.com/assets/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/assets/Poppins-SemiBold-BzOT8hyL.woff2
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://mctsptsa.givebacks.com
Referer
https://mctsptsa.givebacks.com/assets/index-EP1NPmN6.css

Response headers

etag
"a8d9aa7ba6d196c3212919c05588eaf4"
age
10176
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
49688
x-amz-cf-id
hX0ADYiE-1vm3Dc8kpLT-GWUiZupsc6TuegOaoj7sFnFCNOYtNBYNw==
date
Wed, 23 Oct 2024 21:12:44 GMT
content-type
font/woff2
last-modified
Thu, 17 Oct 2024 20:53:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
vary
Accept-Encoding
favicon.ico
mctsptsa.givebacks.com/ 		15 KB
295 B 		Other
General
Check archive.org
Download Go to
Full URL
https://mctsptsa.givebacks.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-58-6.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/store?limit=21&live=true

Response headers

content-type
image/vnd.microsoft.icon
etag
"33f8e225ea5a16fef01666568c3f8e9a"
age
55164
via
1.1 aa4673eb0527fb06f7940307fecfc1b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
15086
x-amz-cf-id
BC-asRt4FpIfhqXtmvYFwIvj3zDw5u0_zOOEuLzO8Ya_ksobGEyE-w==
date
Wed, 23 Oct 2024 08:42:56 GMT
last-modified
Thu, 17 Oct 2024 20:53:53 GMT
vary
Accept-Encoding
server
AmazonS3
x-amz-cf-pop
FRA60-P10
store_items
api.memberhub.com/services/memberhub-service/ 		16 KB
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Requested by
Host: mctsptsa.givebacks.com
URL: https://mctsptsa.givebacks.com/assets/index-lQSfzlWv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash
360b2518c8bce78a3d3eaa926ebb1b4c628098c37975f9b57291063e8374d7e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authentication-Session-Secret
undefined
Referer
https://mctsptsa.givebacks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Authentication-Session-Token
undefined

Response headers

access-control-max-age
7200
x-request-id
a58e2f1d-4877-4a33-9398-c1aa825cf219
access-control-expose-headers
etag
W/"360b2518c8bce78a3d3eaa926ebb1b4c"
x-permitted-cross-domain-policies
none
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options
nosniff
date
Thu, 24 Oct 2024 00:02:20 GMT
content-type
application/json; charset=utf-8
vary
Accept, Origin
x-runtime
0.214428
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
x-rack-cors
hit
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
access-control-allow-origin
*
x-xss-protection
1; mode=block
store_items
api.memberhub.com/services/memberhub-service/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=f533ca93-005d-4adf-8473-ae1c54591fdf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.155.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-155-78.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authentication-session-secret,authentication-session-token
Access-Control-Request-Method
GET
Origin
https://mctsptsa.givebacks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
authentication-session-secret,authentication-session-token
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
date
Thu, 24 Oct 2024 00:02:19 GMT
k1pdspiahm6fijj992glbwp791d5
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0ZIT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--d72d1b483ad62f23a6a4792b81c9c53af46ddb20/png
  • https://s3.amazonaws.com/com.memberhub.storage/k1pdspiahm6fijj992glbwp791d5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/k1pdspiahm6fijj992glbwp791d5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=145718e82889905d60edd98d2df0829ef771a5a82d6b0df4c07b64a9eb5f16d5
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
44a2b41ee63a3053eade7afa56053bf7a7f276ef4ec449572ab3c2d8c1e24f8b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
IFnxUohQVeDoJujjHXADQbpHommxuJyiiSuah0R0/bZPbRL9oewdfjoCFMxh9BZHb3nEKA6VHhM=
ETag
"8c72da90c104025f809c69419a4b5193"
x-amz-request-id
1SS0KX61KMEGW3T8
Accept-Ranges
bytes
Content-Length
151735
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 03 Jul 2023 19:42:26 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
821376b4-bedd-4130-a1d5-664974ba395f
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/k1pdspiahm6fijj992glbwp791d5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=145718e82889905d60edd98d2df0829ef771a5a82d6b0df4c07b64a9eb5f16d5
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.010671
x-frame-options
SAMEORIGIN
076freg7243h3g1lx60ddvek9kz7
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMFM1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e11e10dfa558fbed6e0b1d37a74742ac9f251e8b/png
  • https://s3.amazonaws.com/com.memberhub.storage/076freg7243h3g1lx60ddvek9kz7?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/076freg7243h3g1lx60ddvek9kz7?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2a303947a2bf5102b1202d69a30e760549b2560ffe19f44f8793023269af9e85
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a8f649cd919d92a60f0dfe380d9650cdc14531b75178a45e530312d2b4083047

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
DZ0vorfTgxA20PNJXTZ8XudAhTGrhSJxzo9zDrwfyC0TUewtKFUpjQtDs7mnONDs5O1l5OkGec8=
ETag
"262ed976e804ecb86ff7f145e1421e0c"
x-amz-request-id
1SS88CCCXYZVCSD2
Accept-Ranges
bytes
Content-Length
61127
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 21 Aug 2023 18:38:15 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
8e526ce5-77d9-48c9-b00c-f565272bcd8f
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/076freg7243h3g1lx60ddvek9kz7?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=2a303947a2bf5102b1202d69a30e760549b2560ffe19f44f8793023269af9e85
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.010905
x-frame-options
SAMEORIGIN
0mr5f6o8zuykp29bx3f0myvp916z
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM0pIT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--77d6194d78fffc2ed270d7ff770e04eba3ba0b98/png
  • https://s3.amazonaws.com/com.memberhub.storage/0mr5f6o8zuykp29bx3f0myvp916z?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/0mr5f6o8zuykp29bx3f0myvp916z?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=844a352e0a8f0717939309f2ce918933862d565d4b6f685610588b1b8815f91b
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e205264cc5096836da261786971d241306c699da121f01ab7d078972c979ed9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
1WkNMewPvQJwKhsANArmiDrF3IVGP+YIYfCpwYfXbOLoQN02mgJOpD0czMeC1PhTXCH440yusMA=
ETag
"081143d90e460aa3a61f0de05cf41c13"
x-amz-request-id
DY4Q1BY488KZ54NQ
Accept-Ranges
bytes
Content-Length
151543
Date
Thu, 24 Oct 2024 00:02:22 GMT
Last-Modified
Mon, 03 Jul 2023 19:43:18 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
3c8c7b7c-5f6f-472b-a82a-1c1b87c9c0e8
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/0mr5f6o8zuykp29bx3f0myvp916z?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=844a352e0a8f0717939309f2ce918933862d565d4b6f685610588b1b8815f91b
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.019098
x-frame-options
SAMEORIGIN
wxwdx1cuwipxgnz4fnvcoj18q148
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBM05IT1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--9c77ef12e3360cbcab1ccc8836c74dca9a517914/png
  • https://s3.amazonaws.com/com.memberhub.storage/wxwdx1cuwipxgnz4fnvcoj18q148?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
143 KB
144 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/wxwdx1cuwipxgnz4fnvcoj18q148?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=570b280dbc97c8eb7614df5836cd0dcf1969008f9a5908d01a7920c72208a473
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5dfaf99ec3668a228a9e10bf236e4b4e5059f0795e157b06a95afc380241240b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
utuaMGo6XZxRxhH6uPPi4N4X74RJFsFudZS6GtpoWxb76QdHJ7Aje5NEexs/L+mMqVJt6bOv85s=
ETag
"99391ea7bc6db126946ddb289177583b"
x-amz-request-id
1SS4E85HAS9RMD8C
Accept-Ranges
bytes
Content-Length
146667
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 03 Jul 2023 19:44:47 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
f862e385-812d-4dd7-9a29-0547f7ce27b9
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/wxwdx1cuwipxgnz4fnvcoj18q148?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=570b280dbc97c8eb7614df5836cd0dcf1969008f9a5908d01a7920c72208a473
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.007331
x-frame-options
SAMEORIGIN
0mhtss1rvxhefq211uf6pehelly3
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMHE1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--d18004ffcbb739d10cc0a3d233df145d102055d1/png
  • https://s3.amazonaws.com/com.memberhub.storage/0mhtss1rvxhefq211uf6pehelly3?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/0mhtss1rvxhefq211uf6pehelly3?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=465d0f448dd35e122017218cfe477f7f75b52227be59d34fe359f24b7c4ea1fc
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a1fa21a2301c30340761b8b29a64dc3f8bacf87b34f47ebb5b2512524df671c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
hHfrULwSFzha/8gQ7aNUzeRM5E7HpJPpVnLsxF3VZudpNBBt7RvCFUZzUp1DxKznuyXe5bjObNU=
ETag
"3457aadaf715234982affdbaf246a055"
x-amz-request-id
1SS0YDGDJ007Y0G4
Accept-Ranges
bytes
Content-Length
61182
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 21 Aug 2023 18:39:30 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
49dbb410-185f-44bd-a125-6d6122ebde6d
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/0mhtss1rvxhefq211uf6pehelly3?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=465d0f448dd35e122017218cfe477f7f75b52227be59d34fe359f24b7c4ea1fc
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.008471
x-frame-options
SAMEORIGIN
nz6f51hidol3ydogb44ysqjxwh9n
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMG01T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--8178a96b0949063789e9d53d258ce65ad4de73f2/png
  • https://s3.amazonaws.com/com.memberhub.storage/nz6f51hidol3ydogb44ysqjxwh9n?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/nz6f51hidol3ydogb44ysqjxwh9n?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e085cc42e0ae54942c5fa530a4f9ac24e71867a48035ae1336b2e57f897d7f62
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6a0b4baa1a655f75fa5338621ec955134679801902e8352d487717cf8b8c6b1d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
/lC6NtyjZLDzJV3dmdgvyvW2TJ0PBHsjVfe27FmS41Cc+SobWlS90mhLGgtts93N3AGVwpNJDYM=
ETag
"815585ca0d0b6bace7a662d114389e0e"
x-amz-request-id
1SS0NHJC9H14KDFV
Accept-Ranges
bytes
Content-Length
61117
Date
Thu, 24 Oct 2024 00:02:21 GMT
Last-Modified
Mon, 21 Aug 2023 18:39:07 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
c3c6135b-de0b-4db9-b27b-773082130904
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/nz6f51hidol3ydogb44ysqjxwh9n?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e085cc42e0ae54942c5fa530a4f9ac24e71867a48035ae1336b2e57f897d7f62
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.023485
x-frame-options
SAMEORIGIN
yts9th2xirgynfhxdteyxy5h0rv1
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain
  • https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMGE1T3c9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--c65a41933f3e9339b532ea486b951f1894193d56/png
  • https://s3.amazonaws.com/com.memberhub.storage/yts9th2xirgynfhxdteyxy5h0rv1?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...
60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.memberhub.storage/yts9th2xirgynfhxdteyxy5h0rv1?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c16f07dbfdbcc497e308486ce92a12a2affe3fbd127d2369a495899fd3ec5e8
Protocol
HTTP/1.1
Server
52.217.197.72 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
5a1fa21a2301c30340761b8b29a64dc3f8bacf87b34f47ebb5b2512524df671c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

x-amz-id-2
leyBeUVYYdK39bgQFF+rXShzSq9Wy4uMU9TrOvFw0Hw3FDBtZaPNrT4PeoF8ZwhRJog1xeR+Ir4=
ETag
"3457aadaf715234982affdbaf246a055"
x-amz-request-id
DY4TNWQBPWJ48EB9
Accept-Ranges
bytes
Content-Length
61182
Date
Thu, 24 Oct 2024 00:02:22 GMT
Last-Modified
Mon, 21 Aug 2023 18:38:43 GMT
Content-Disposition
inline; filename="png"; filename*=UTF-8''png
Server
AmazonS3
Content-Type
image/png
x-amz-server-side-encryption
AES256

Redirect headers

x-request-id
500b41f9-8884-4de0-8dae-8661960bb344
cache-control
max-age=300, private
location
https://s3.amazonaws.com/com.memberhub.storage/yts9th2xirgynfhxdteyxy5h0rv1?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241024%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241024T000220Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9c16f07dbfdbcc497e308486ce92a12a2affe3fbd127d2369a495899fd3ec5e8
x-rack-cors
miss; no-origin
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-download-options
noopen
referrer-policy
strict-origin-when-cross-origin
date
Thu, 24 Oct 2024 00:02:20 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8
vary
Origin
x-runtime
0.015855
x-frame-options
SAMEORIGIN
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je4al0v892291399za200zb9115494238&_p=1729728133808&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685~101794737~101823848&gdid=dZTQ1Zm&cid=852107911.1729728134&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&dl=https%3A%2F%2Fmctsptsa.givebacks.com%2Fstore%3Flimit%3D21%26live%3Dtrue&dr=https%3A%2F%2Fmctsptsa.givebacks.com%2F&sid=1729728134&sct=1&seg=1&dt=Givebacks&en=page_view&_et=6436&tfd=12782
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://mctsptsa.givebacks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://mctsptsa.givebacks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 00:02:25 GMT
content-type
text/plain
server
Golfe2
sdk-ny7ikDXF211WMR7t
cdn.growthbook.io/sub/ 		22 B
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://cdn.growthbook.io/sub/sdk-ny7ikDXF211WMR7t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/ Express
Resource Hash

Request headers

Cache-Control
no-cache
Referer
https://mctsptsa.givebacks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

cache-control
private, no-store
x-timer
S1729728147.585584,VS0,VE1
age
15
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
date
Thu, 24 Oct 2024 00:02:26 GMT
content-type
text/event-stream
x-powered-by
Express
x-served-by
cache-iad-kiad7000168-IAD, cache-fra-etou8220031-FRA
x-cache-hits
50, 1

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| pendo object| googletag object| dataLayer object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager object| _hsp object| default_gsi object| _F_toggles object| google object| closure_lm_898167 function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state boolean| PIXELS_RAN object| enabledEventSettings object| _hsq object| hsCookieBanner boolean| _hspb_loaded boolean| _hspb_ran boolean| hubspot_live_messages_running object| HubSpotConversations function| sanitizeKey boolean| _hstc_loaded object| regeneratorRuntime object| FontAwesomeConfig object| ___FONT_AWESOME___ function| QuillImageDropAndPaste boolean| _hstc_ran object| hsCallsToActionsReady string| __hsUserToken number| expireDateTime function| fbq function| _fbq

10 Cookies

Domain/Path Name / Value
.givebacks.com/ Name: _ga
Value: GA1.1.852107911.1729728134
.givebacks.com/ Name: __hstc
Value: 210915018.80e36ced0d7146e1753b871a5603c8ff.1729728135399.1729728135399.1729728135399.1
.givebacks.com/ Name: hubspotutk
Value: 80e36ced0d7146e1753b871a5603c8ff
.givebacks.com/ Name: __hssrc
Value: 1
.givebacks.com/ Name: __hssc
Value: 210915018.1.1729728135399
.givebacks.com/ Name: _gcl_au
Value: 1.1.344299325.1729728136
.hubspot.com/ Name: __cf_bm
Value: At4Cz9uYAVDjyyI8KMpvf9xTc7BpmYHsAIOfVocE1pc-1729728136-1.0.1.1-qqm.bmICh5IuOjJppAtsutxY7a8T6YV03n.WzrCrxtfiAwE7a6kUqLerDcEitRGK2fL7Up31qAeqkV_NZ8IEeg
.hubspot.com/ Name: _cfuvid
Value: T0zFjAOomU95e7Vqi9D_K1cctpqVqPXGYhXaUNSGzrA-1729728136145-0.0.1.1-604800000
.givebacks.com/ Name: _fbp
Value: fb.1.1729728136325.262548717372778159
.givebacks.com/ Name: _ga_LZN7J64ECH
Value: GS1.1.1729728134.1.1.1729728140.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.givebacks.com
api.hubapi.com
api.hubspot.com
api.memberhub.com
cdn.growthbook.io
cdn.pendo.io
connect.facebook.net
fonts.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
mctsptsa.givebacks.com
mctsptsa.memberhub.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.googletagmanager.com
13.35.58.6
142.250.185.98
151.101.193.91
157.240.252.13
157.240.252.35
172.217.16.200
18.66.102.123
2001:4860:4802:32::36
216.239.34.36
2606:4700:4400::ac40:9310
2606:4700::6810:4b8e
2606:4700::6810:7574
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6811:80ac
2606:4700::6812:f06c
2a00:1450:4001:803::200a
2a00:1450:4001:806::2008
2a00:1450:4001:80f::2002
2a00:1450:4013:c16::54
2a03:2880:f177:83:face:b00c:0:25de
34.36.213.229
35.175.155.78
52.217.197.72
52.3.104.183
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
11b7ff471669ac4d286aa0e41658f2698147ec64add01bb3b0c7e49d1d30cd8c
17233f87529d44019e7669ba8d68a2178328ee61a85d79816811c461025faacd
1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55
1e9ba2ef0b464b70886dac164ce774950108d41828e7740631dc8782ff07d3cd
2e2d7247ef3b2b7414d831658ae7c6bd65ce927cb344fe38bb7416c550670e85
2ea50b530775a9ad62753d77bd0cdfd4dd9e2d16bf6842016827ffb6560e195f
2efe4ab979b9ff9c5d3be58f8e226077582b8bffa371cbd2c868c3b77e87cc2b
360b2518c8bce78a3d3eaa926ebb1b4c628098c37975f9b57291063e8374d7e9
440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349
44a2b41ee63a3053eade7afa56053bf7a7f276ef4ec449572ab3c2d8c1e24f8b
468925e492852e03bc7244ba5f57209d4a1a392bac63638437d99c2e20e13498
4caec64067ec862ce028fc2f322a3fc73b10b0a60f501049e83ac9ea431cd947
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11
5a1fa21a2301c30340761b8b29a64dc3f8bacf87b34f47ebb5b2512524df671c
5b3e1b056353b34f00f6ccc3fd82b51ec7d19093a5f8902e625c8742d41f3efd
5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7
5dfaf99ec3668a228a9e10bf236e4b4e5059f0795e157b06a95afc380241240b
5e205264cc5096836da261786971d241306c699da121f01ab7d078972c979ed9
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
6a0b4baa1a655f75fa5338621ec955134679801902e8352d487717cf8b8c6b1d
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
7be4c2df7752dc4274589e7b65d5dd6d893e3c0619417a461dab0b61018719bb
7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a
80a5442c480b1cef8d7ff1464ba993fd5f1655454ead340f633fe164eec04d72
84b8e7ea7c3f013b603ee95edac2068a3b21c1e226e601ed1b2fd4786619f062
9aa42c76fd5ce12ba085cfd7e8361ec7260c3cd7685a43513e112064ff309015
a62e09fa600dee9e173137e7e0c727e41aaf13024c5f281a4dd80473556df476
a8f649cd919d92a60f0dfe380d9650cdc14531b75178a45e530312d2b4083047
a9e491c80e4495b47ce51fef4d38dd0f7f987abdd97b060ab654295e0658649a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac32c21c19fb539f711c44a8261f518c385c35151598cc5489ad3b61ec756654
b3cad51ca0cfdbeac9d38f7aad54e6564408f0da56a6fd56350e0d03d4f0aef9
b7e17f29fc96104f3eb1be19d0f5ea0d746f661e5c0eefca4a67dbf238166db3
be778c26214da0ed6f8b98a8424d561e0deffc60d23eb816868ea3aaf5059ecf
c2438212fc419e54fe79077981a8c75e997dfcfef29d4777fc36d90d81d6acd7
ccdd04788749c6c198414746060fb8845c7bd592ddaf7dcdccb5c2b0398f6c86
cea5dfc3b4d3de37d98b675c3e95edb5ca595fcb6ebdefba6cf200dc9a16fc7c
dad10a832ba51b5db08691887a58b582022dd25c7849e0dd70f1ff8484d74a2c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e264dd7376a6aa54dd468debd0b46618dd564109e6a5ef0870ef7523b690e332
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bcae73b2a443c55563f202a559608e4665c709a4053c56f1e16bcb701f223a
f42615ee0d75d5afd126f639e3f2aaed37b6aaf21ba13902db3d7d8c331e6a9e
fe1b561641d398b3df7f7e17c60d4fa6bef491a85af9b205e30f22ca06a4cf71