wspta-01879444.givebacks.com Open in urlscan Pro
13.35.58.37 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wspta-01879444.givebacks.com/
Effective URL:
https://wspta-01879444.givebacks.com/
Submission: On November 02 via api (November 2nd 2024, 8:36:38 pm UTC) from US — Scanned from DE

Summary HTTP 59 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 59 HTTP transactions. The main IP is 13.35.58.37, located in United States and belongs to AMAZON-02, US. The main domain is wspta-01879444.givebacks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 10th 2023. Valid for: a year.

This is the only time wspta-01879444.givebacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	13.35.58.37 13.35.58.37	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:89d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c06::54	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:28f0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4b8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:80ac	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f46c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
3	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.192.248.160 34.192.248.160	14618 (AMAZON-AES) (AMAZON-AES)
3 12	18.211.130.70 18.211.130.70	14618 (AMAZON-AES) (AMAZON-AES)
6	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	16.182.36.160 16.182.36.160	16509 (AMAZON-02) (AMAZON-02)
59	23

10 13.35.58.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-37.fra60.r.cloudfront.net

wspta-01879444.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89d1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:28f0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4b8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:80ac (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f46c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.192.248.160 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-248-160.compute-1.amazonaws.com

api.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.211.130.70 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-130-70.compute-1.amazonaws.com

api.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 16.182.36.160 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	memberhub.com 3 redirects api.memberhub.com — Cisco Umbrella Rank: 274907	29 KB
12	givebacks.com wspta-01879444.givebacks.com api.givebacks.com — Cisco Umbrella Rank: 314089	2 MB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	373 KB
4	amazonaws.com s3.amazonaws.com	675 KB
3	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 8786	1 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5132 track.hubspot.com — Cisco Umbrella Rank: 2324	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	182 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643
2	google.com accounts.google.com — Cisco Umbrella Rank: 18 www.google.com — Cisco Umbrella Rank: 3	86 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3483	998 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2191	25 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3176	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5048	26 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2172	26 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	924 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 626	202 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2500	992 B
59	19

	Domain	Requested by
12	api.memberhub.com	3 redirects wspta-01879444.givebacks.com
10	wspta-01879444.givebacks.com	wspta-01879444.givebacks.com
6	www.facebook.com
5	www.googletagmanager.com	wspta-01879444.givebacks.com www.googletagmanager.com js.hsadspixel.net
4	s3.amazonaws.com
3	cdn.growthbook.io	wspta-01879444.givebacks.com
3	securepubads.g.doubleclick.net	wspta-01879444.givebacks.com securepubads.g.doubleclick.net
2	api.givebacks.com	wspta-01879444.givebacks.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	region1.google-analytics.com	www.googletagmanager.com
2	api.hubspot.com	js.usemessages.com
1	track.hubspot.com
1	www.google.com	www.googletagmanager.com
1	api.hubapi.com	js.hsadspixel.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	fonts.googleapis.com	wspta-01879444.givebacks.com
1	cdn.pendo.io	wspta-01879444.givebacks.com
1	accounts.google.com	wspta-01879444.givebacks.com
1	js.hs-scripts.com	wspta-01879444.givebacks.com
59	22

This site contains links to these domains. Also see Links.

Domain
support.memberhub.com
www.givebacks.com
support.givebacks.com

Subject Issuer	Validity	Valid
*.givebacks.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hs-scripts.com WE1	`2024-09-26` - `2024-12-25`	3 months	crt.sh
accounts.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdn.pendo.io WR3	`2024-09-19` - `2024-12-18`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
hs-banner.com WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
usemessages.com WE1	`2024-10-06` - `2025-01-04`	3 months	crt.sh
hsadspixel.net WE1	`2024-10-10` - `2025-01-08`	3 months	crt.sh
hs-analytics.net WE1	`2024-10-07` - `2025-01-05`	3 months	crt.sh
hubspot.com WE1	`2024-10-03` - `2025-01-01`	3 months	crt.sh
hubapi.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
cdn.growthbook.io R11	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-12` - `2024-11-10`	3 months	crt.sh
*.memberhub.com Amazon RSA 2048 M02	`2024-02-24` - `2025-03-23`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-09-18` - `2025-09-16`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://wspta-01879444.givebacks.com/
Frame ID: CE16C7EF31BAC74FD90CFC4686504FE0
Requests: 56 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwspta-01879444.givebacks.com
Frame ID: D9C0C1B52439EF58C3472073FF7A3100
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Givebacks

Page URL History Show full URLs

http://wspta-01879444.givebacks.com/ HTTP 307
https://wspta-01879444.givebacks.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

59
Requests

95 %
HTTPS

73 %
IPv6

19
Domains

22
Subdomains

23
IPs

3
Countries

3946 kB
Transfer

10981 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://support.memberhub.com/hc/en-us/articles/4425149109143-What-MemberHub-payers-need-to-know-
Title: Givebacks Store FAQs

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/story
Title: About

Search URL Search Domain Scan URL

URL: https://support.givebacks.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/terms
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wspta-01879444.givebacks.com/ HTTP 307
https://wspta-01879444.givebacks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOFplVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--94588f4a85627d4e2ebe4e6f1168ed5808a4e86c/png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/j6eq9nrw4res2hu1zar6b7xsiqf5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=92c8f980ca0d01f97527e114455ddfbb476f2da07b9dbb5abc7960aa4bb88501

Request Chain 55

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK2hlVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e8471233a51005909f0b282629f9fb7f1e418a37/png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/f2egr4l60lo0zvyh51rcvccqmi72?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e2a70e1ba44443ccc3be75ec847545e35399a7b67c303e212cb353f3003b32c0

Request Chain 56

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBODVlVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--35816a7b72ee50ba0c4fab3d1bda57eeea4ad5c9/png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/97fls8lb6rmd4criz0uw3x9mzz94?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=49a14e4997d5d032a1f752b798586aa5ba6936d822fc1a161be7e3d034f8e03e

59 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wspta-01879444.givebacks.com/
Redirect Chain

http://wspta-01879444.givebacks.com/
https://wspta-01879444.givebacks.com/

3 KB
2 KB

73ms
7ms

Document
text/html

13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 19ed3400797b591a278285656b6f5718ba62a71d242434ae66a0c5b47fe7edf2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 71712
content-encoding: gzip
content-type: text/html
date: Sat, 02 Nov 2024 00:41:20 GMT
etag: W/"7c4c80e240b8c58b1ea04d91e8e5eb27"
last-modified: Thu, 31 Oct 2024 17:11:20 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-amz-cf-id: y37ZTxWqirXVc2he-sTcvTFeM3G_SSEl7teiNmouPhtFbMng-j4adg==
x-amz-cf-pop: FRA60-P10
x-cache: Hit from cloudfront

Redirect headers

Location: https://wspta-01879444.givebacks.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 105 KB
33 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3eb68fa199614d77a5fa851ac6140784b26e743c41e20be6bf6dabd063815d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
etag: 615 / 20029 / m202410280101 / config-hash: 10257544082128673461
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33611
x-xss-protection: 0
server: cafe

GET
H2 200 21159.js Show response
js.hs-scripts.com/ 2 KB
992 B 79ms
43ms Script
application/javascript 2606:4700::6810:89d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21159.js

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:89d1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51b543b77077dd9893b14a9e4cf781cbd605100d67fe87cccb165045d56ac3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
cf-cache-status: HIT
age: 24
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 20:38:01 GMT
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 22dc0532-2cac-4386-8ae0-4bd784d51a7c
content-type: application/javascript;charset=utf-8
vary: origin, Accept-Encoding
last-modified: Sat, 02 Nov 2024 20:36:07 GMT
cache-control: public, max-age=90
access-control-allow-credentials: true
cf-ray: 8dc6eacffe16372d-FRA
accept-ranges: bytes
access-control-allow-origin: https://afhsptsa.givebacks.com
content-length: 616
server: cloudflare

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 92ms
36ms Script
application/javascript 2a00:1450:400c:c06::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecc3206fc68893baf155247d0ef2d585f6b16ab6b901e8abc00fef1999f639f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GoDKTfkFLhQ6L4XLaAt_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-security-policy: script-src 'report-sample' 'nonce-GoDKTfkFLhQ6L4XLaAt_qQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Sat, 02 Nov 2024 20:36:31 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 index-CMGsRG8m.js Show response
wspta-01879444.givebacks.com/assets/ 6 MB
2 MB 13ms
11ms Script
text/javascript 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c091904b8555156626724b0213fbb680e01c5cfa53f1878a697ac4d2d2f9eae6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
etag: W/"dc040304ae50c1a301bd0f0166104047"
age: 67652
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: yZxDUHA0zKR6WQ7FQjcWHNQDWU2_BO__VjUA34w_njmdpRwa8r1W1w==
date: Sat, 02 Nov 2024 01:49:00 GMT
content-type: text/javascript
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding

GET
H2 200 index--KZYIWC9.css
wspta-01879444.givebacks.com/assets/ 645 KB
97 KB 12ms
10ms Stylesheet
text/css 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5181ceec4fd4e5e37d48d4a2bd79c426c9e0fde3c81d472266ca6bd21ceb2c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
etag: W/"e3c296ce3be6f964d5b1afb9150c0d88"
age: 73175
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: lkN_agaYhS4aVrAtPgJGLfBc1UMc4QYpXzu-G9udfRW_Yr0BABKylw==
date: Sat, 02 Nov 2024 00:16:57 GMT
content-type: text/css
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/ 622 KB
202 KB 43ms
8ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/pendo.js

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

7f722946adca8d113c2b596da4a947ad18cf6154967f5aeaf25602875a6ae001

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: *
content-encoding: gzip
x-goog-hash: crc32c=RyL2BA==, md5=fVPL9vmX6JB1/6LIiCP59Q==
etag: "7d53cbf6f997e89075ffa2c88823f9f5"
age: 5
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 205901
date: Sat, 02 Nov 2024 20:36:26 GMT
last-modified: Thu, 31 Oct 2024 18:10:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-guploader-uploadid: AHmUCY0ij6hqyzDYymQeZQVttCKiBLGN4mL5JIpyxXkioaHVDItX1jUfAUteRfgo454Plf3crwWDkfPXAg
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: public,max-age=450
x-goog-storage-class: STANDARD
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1730398259762757
content-length: 205901
server: UploadServer

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
78 KB 47ms
17ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

167828e49a602724207c45d252c1934d28ae7b068c8f89688ba38260b02d8276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 79018
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
924 B 290ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9aa42c76fd5ce12ba085cfd7e8361ec7260c3cd7685a43513e112064ff309015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 02 Nov 2024 19:35:39 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/ 483 KB
150 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410280101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
etag: 2396380646379452942
age: 18071
x-content-type-options: nosniff
expires: Sun, 02 Nov 2025 15:35:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Sat, 02 Nov 2024 15:35:20 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153075
x-xss-protection: 0
server: cafe

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 76 B
83 B 25ms
24ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wspta-01879444.givebacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

babe398cc580d5fed92bd86ab38fb889d824a9cf59dff3624e93f82fc8b63afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Sat, 02 Nov 2024 20:36:31 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 59
date: Sat, 02 Nov 2024 20:36:31 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21159/ 71 KB
26 KB 48ms
19ms Script
text/javascript 2606:4700:4400::6812:28f0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21159/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:28f0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-evy-trace-virtual-host: all
access-control-max-age: 604800
x-request-id: 97e68b00-a9b5-449a-9683-018ad874ab4c
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding: gzip
cf-cache-status: HIT
etag: W/"2b04641007c8073968086ff34a30127b"
x-amz-version-id: .dI6XHlg_aGJ2X81dlJTa7EoEeQJvbwB
age: 224
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires: Sat, 02 Nov 2024 20:37:47 GMT
x-evy-trace-listener: listener_https
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 97e68b00-a9b5-449a-9683-018ad874ab4c
content-type: text/javascript; charset=UTF-8
last-modified: Mon, 15 Apr 2024 13:58:30 GMT
vary: origin, Accept-Encoding
x-amz-id-2: 24iNqSS7jjHKThBWFOTQbtg4kZDk/VLXyhQ9MzhpuYPkqjiTcE8g0iARw1+toxA4qS7yyPFxS9w=
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
timing-allow-origin: *
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6895b58fd6-wxrdh
x-envoy-upstream-service-time: 108
access-control-allow-credentials: true
x-amz-request-id: B5VD6QKHG9GCJHHP
cf-ray: 8dc6ead06c363660-FRA
access-control-allow-origin: https://glacierptsa.givebacks.com
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 93 KB
26 KB 41ms
20ms Script
application/javascript 2606:4700::6810:4b8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4b8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 57c5e01e-59fc-4676-8b61-488601b5858f
content-encoding: gzip
cf-cache-status: HIT
etag: W/"437fb84b40fd41c605a366d14a984219"
x-amz-version-id: GnpHiVDEdERXJOUylwbQwpaNqjGhipG0
age: 304
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: JON59rn9n8X6Kqu26FtlJW9rFcmjKoGHm1CL0JsE0rJZdcbeMw2GtA==
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 57c5e01e-59fc-4676-8b61-488601b5858f
content-type: application/javascript; charset=utf-8
last-modified: Thu, 31 Oct 2024 16:46:07 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-kd98q
x-envoy-upstream-service-time: 1
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18525/bundles/project.js&cfRay=8dc6e3626b593a7a-FRA
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
cf-ray: 8dc6ead05f7d9bbf-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: conversations-embed/static-1.18525/bundles/project.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 7 KB
4 KB 47ms
26ms Script
application/javascript 2606:4700::6811:80ac
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:80ac , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b722e4252644018e80e741c7bed5314d648d675a5e8a92f868fb4a37bf838fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-evy-trace-virtual-host: all
x-request-id: 7ea97b34-3b9a-4457-a97d-16de7e8b1699
content-encoding: gzip
cf-cache-status: HIT
etag: W/"de943670823a092a68f319ed95e54975"
x-amz-version-id: uP7sUJ3fPrhH7f8qp64rtb7CZvYx8ubY
age: 600
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-amz-cf-id: Smua2fOFbEP4MrHnTxzdbu9rXw72YbjnsKwaA6-9d9xdWdf7NqrJZg==
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 7ea97b34-3b9a-4457-a97d-16de7e8b1699
content-type: application/javascript; charset=utf-8
last-modified: Fri, 01 Nov 2024 17:03:42 UTC
vary: accept-encoding
x-evy-trace-listener: listener_https
x-amz-replication-status: COMPLETED
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-86c46c9777-27tb9
x-envoy-upstream-service-time: 0
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.630/bundles/pixels-release.js&cfRay=8dc6dc27f8f0dbef-FRA
via: 1.1 66b6cd04ec22251498906e833eb08668.cloudfront.net (CloudFront)
cf-ray: 8dc6ead0696dbb7f-FRA
x-evy-trace-route-configuration: listener_https/all
x-hs-target-asset: adsscriptloaderstatic/static-1.630/bundles/pixels-release.js
x-amz-cf-pop: IAD12-P3
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 21159.js Show response
js.hs-analytics.net/analytics/1730579700000/ 68 KB
25 KB 50ms
20ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1730579700000/21159.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e264dd7376a6aa54dd468debd0b46618dd564109e6a5ef0870ef7523b690e332

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-amz-server-side-encryption: AES256
x-request-id: b0851967-034a-4493-ace6-eb5976812dd4
content-encoding: gzip
cf-cache-status: HIT
etag: W/"c13418e6a8131ab0e86808746580abf5"
x-amz-version-id: null
age: 23
expires: Sat, 02 Nov 2024 20:41:08 GMT
x-evy-trace-listener: listener_https
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: b0851967-034a-4493-ace6-eb5976812dd4
content-type: text/javascript
last-modified: Tue, 22 Oct 2024 20:37:43 GMT
vary: origin, Accept-Encoding
x-amz-id-2: BfJo/8sDIzWaryORkpUxfTXbGD9j/+OvCKp2y17iEIyYpGHE/4sZSN+qGd17IuygcnZWKsChqluJ4z2YjIdeawljwOSQilPY
x-evy-trace-route-service-name: envoyset-translator
cache-control: max-age=300,public
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-58b4c4568d-jtg88
x-envoy-upstream-service-time: 24
access-control-allow-credentials: false
x-amz-request-id: CX4VV839ETSGH8RC
cf-ray: 8dc6ead06fc33826-FRA
x-evy-trace-route-configuration: listener_https/all
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 269 B
921 B 139ms
138ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.18525&mobile=false&messagesUtk=822c5d27997046c8b043eedc05887c91&traceId=822c5d27997046c8b043eedc05887c91

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b7cf6e23f3586dda369b98b722d5f2e0f542b8a73a6f09e3cb2d94c8ad55f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri: https://wspta-01879444.givebacks.com/
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fgu0a4pZ4YTVQXBWV2zO3WbaP%2FFcJD0i0CwXa9M8thEESiK%2B8naUs24y6bYaV6p3vIUG3O%2B03pNwZVJVnqOUS8OKOUOOVemugezhJ2KWXeDovDvF5l7dmvJXbfQ%2B%2FK5FPlpkxkz5iQdb56XJEA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 43d6189e-7005-4953-b735-2da63d1fac58
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8dc6ead199d0dca2-FRA
access-control-allow-origin: https://wspta-01879444.givebacks.com
content-length: 217
server: cloudflare

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 151ms
130ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://wspta-01879444.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://wspta-01879444.givebacks.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8dc6ead0cfd9dca2-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sat, 02 Nov 2024 20:36:31 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8lbd1i2oJO1EwHLLUkOrPxLWUZQzKScBQ%2BwG4pVr%2BfUt4MAOt20f7snA14NPD1KM57raJGXz%2Fwxlg8fV5VNExTR3DvsUDxviw0T4maslCq5i2Q2Bc8CdnKImTQTFLyzD2G5DUqVQMbk4kZJoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-hubspot-correlation-id: 0a7231fc-53dc-48fb-8b20-995f1b664c3e

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 399 B
998 B 159ms
136ms XHR
application/json 2606:4700::6812:f46c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21159

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f46c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 180
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6Ev9T0VOslLRwQQNhjFP%2Bslzq2%2B3F59LGmCroy65%2BTH%2FasRlKG5SYRZndjFkNzve1%2FBsAp5QPb4YjjcmjZRkqDddLaUDKugsKWV%2BmGaTl1ABHDvQmpSV%2BnSciwlAZfqOGKGY2ewzjPWhnwNb"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:31 GMT
x-hubspot-correlation-id: 662ee080-4b3e-43d9-a262-612851697da8
content-type: application/json;charset=utf-8
vary: origin, Accept-Encoding
access-control-allow-headers: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials: false
cf-ray: 8dc6ead0de2f904f-FRA
access-control-allow-origin: https://wspta-01879444.givebacks.com
content-length: 283
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 306 KB
103 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7071d34ca93e2a7e677a1f9491181bb25473f12688d8e9f2ce9f1e436bece2e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 105555
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 37ms
15ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je4au0v892291399z89115494238za200zb9115494238&_p=1730579791356&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=659221719.1730579792&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1730579791&sct=1&seg=0&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&dt=Givebacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=381
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wspta-01879444.givebacks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5aa2cd4e15bfe27a634dcc5f098c19c6aad96c793f9b1279d238327286755546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98003
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
96 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55769931a935d43ab832af997add9caa6b05702dbdb471b3008622fcd73e11eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 02 Nov 2024 20:36:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 02 Nov 2024 18:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98040
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 34ms
16ms Ping
text/plain 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=536248290.1730579792&auid=580740392.1730579792&npa=1&did=dZTQ1Zm&gdid=dZTQ1Zm&gtm=45be4au0za200zb9115494238&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&tft=1730579791692&tfd=496&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11087670310
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame D9C0 0
0 33ms
16ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fwspta-01879444.givebacks.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11087670310

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Nov 2024 20:36:31 GMT
expires: Sun, 02 Nov 2025 20:36:31 GMT
last-modified: Mon, 21 Oct 2024 16:58:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sdk-ny7ikDXF211WMR7t Show response
cdn.growthbook.io/api/features/ 4 KB
1 KB 36ms
9ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-ny7ikDXF211WMR7t
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: b7e17f29fc96104f3eb1be19d0f5ea0d746f661e5c0eefca4a67dbf238166db3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-expose-headers: x-sse-support
content-encoding: gzip
etag: W/"113a-F8U7Zf4x68igEWjIiCwQQFDcXII"
age: 9
x-cache: HIT, HIT
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
x-served-by: cache-iad-kiad7000156-IAD, cache-fra-eddf8230038-FRA
x-cache-hits: 293885, 1
vary: Accept-Encoding
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
x-timer: S1730579792.202735,VS0,VE1
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-sse-support: enabled
content-length: 1095
x-powered-by: Express

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-0cmbGKue' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-0cmbGKue' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=23, mss=1232, tbw=4447, tp=9, tpl=0, uplat=1, ullat=-1
pragma: public
x-fb-debug: VkTqJxmm36LuqD9fokCIpjn7wz7k2I9cnCWD7f2/fTTzoPIExxa3CUbB8a9Og2AzA1OJes6Bi93t1/M6zH4fZw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 154ms
128ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3377520574&v=1.1&a=21159&pu=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&t=Givebacks&cts=1730579792177&vi=d8da0738c8f80d7f9891f45c78aee0f8&nc=true&u=210915018.d8da0738c8f80d7f9891f45c78aee0f8.1730579792175.1730579792175.1730579792175.1&b=210915018.1.1730579792175&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-robots-tag: none
x-request-id: bcad826f-1f98-47c9-9dae-4fafabb7a320
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUmn87mKHJlxjaADdEdwEh%2FuOkrrojRrypWarsZo9zFhmF747KwGzL3CscNOlkr3pmgSel2VxedivCT1nCriK8IYGsP%2Bgg1mMrf%2Becce0LB5E0hgsVs85PioBTi38mOY%2Bw2ce5FSYvL%2FtJo4y12S"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-evy-trace-listener: listener_https
p3p: CP="NOI CUR ADM OUR NOR STA NID"
date: Sat, 02 Nov 2024 20:36:32 GMT
x-hubspot-correlation-id: bcad826f-1f98-47c9-9dae-4fafabb7a320
content-type: image/gif
vary: origin, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
cache-control: no-cache, no-store, no-transform
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-746d57b5c6-7d69g
x-envoy-upstream-service-time: 6
access-control-allow-credentials: false
cf-ray: 8dc6ead54857d3bd-FRA
x-evy-trace-route-configuration: listener_https/all
content-length: 45
server: cloudflare
x-evy-trace-virtual-host: all

GET
H2 200 wspta-01879444 Show response
api.givebacks.com/services/core/causes/ 3 KB
4 KB 345ms
154ms XHR
application/json 34.192.248.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.givebacks.com/services/core/causes/wspta-01879444

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.248.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-248-160.compute-1.amazonaws.com

Software

Resource Hash

cab50261f8efa7d74bef5050d66e7e1b87ceb9e6a140b98f4c203d6544130934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: 3947d136-3b0a-4205-b881-82c61e54e665
access-control-expose-headers
etag: W/"cab50261f8efa7d74bef5050d66e7e1b"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.060049
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
content-length: 3220
x-xss-protection: 0

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 58 B
572 B 305ms
106ms XHR
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=undefined

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: 4b0f8ce9-1f87-46a7-80ca-c753238129b8
access-control-expose-headers
etag: W/"0c5b8dc8aff19cf814eb665f881709ff"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.011288
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 favicon.ico
wspta-01879444.givebacks.com/ 15 KB
15 KB 9ms
9ms Other
image/vnd.microsoft.icon 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

etag: "33f8e225ea5a16fef01666568c3f8e9a"
age: 68417
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 15086
x-amz-cf-id: gegpwKZgcg5eNzvGc0nQ6k5SDR-qU8hDYl51BOONvTsxUNtPW6_F2g==
date: Sat, 02 Nov 2024 01:36:16 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10

GET
H3 200 495956447226186 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 102ms
102ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495956447226186?v=2.9.176&r=stable&domain=wspta-01879444.givebacks.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

902657393a3cc62b079674ddc62c44f0976632c793bb6ca8a81f03f8bb94314a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-nS32agf8' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-nS32agf8' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=69, mss=1232, tbw=70876, tp=68, tpl=0, uplat=94, ullat=0
pragma: public
x-fb-debug: hdiglM4x3t7bYr/T+PD0J6/84y+jl0T2FDZd8QlgVVuk5V/MMs69i4cE313I6hAGICYf2sKJ0nKbEsD6+TxcfQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 Poppins-Regular-D_fR_ai8.woff2
wspta-01879444.givebacks.com/assets/ 48 KB
49 KB 7ms
7ms Font
font/woff2 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/Poppins-Regular-D_fR_ai8.woff2
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css

Response headers

etag: "46ff920efe7721f9087376e8131619e8"
age: 66684
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 49652
x-amz-cf-id: VXozRXgpx9wxHxlBgai16lBQK-_ADT9gkUEB5wXO90opSG5BHJclFQ==
date: Sat, 02 Nov 2024 17:15:33 GMT
content-type: font/woff2
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding

GET
H2 200 sdk-ny7ikDXF211WMR7t
cdn.growthbook.io/sub/ 22 B
0 8ms
8ms EventSource
text/event-stream 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-ny7ikDXF211WMR7t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://wspta-01879444.givebacks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1730579792.351853,VS0,VE1
age: 26
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230038-FRA
x-cache-hits: 34, 1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 24ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&rl=&if=false&ts=1730579792463&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2903, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 155ms
139ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&rl=&if=false&ts=1730579792463&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=0&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432783611809119042"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: GFwOvXhsF5sXjM+vRXNNabBusEZappHaCSPuLFme2GiTf3MSJExLVqNSuNuxwCPEyovK9bc7yhJAFQpoTJ7GIQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432783611809119042", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1328, tbw=3220, tp=-1, tpl=-1, uplat=130, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H/1.1 200
OK wllqu0qtb5c8fb4yw2hqbp28qgt3
s3.amazonaws.com/production.givebacks.core.storage/ 362 KB
362 KB 392ms
203ms Image
image/png 16.182.36.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/production.givebacks.core.storage/wllqu0qtb5c8fb4yw2hqbp28qgt3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 16.182.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: df631180489eacd6b58f3cb5d082bd88706b2a53aebb9382821ebbf6100786fe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-amz-id-2: ZlXJch4+3db6qWLsibL0pLP40Dnr3F/ByItDTR/VS4l+yvL0EvTjC4fqxN32WU55D7kOhSeHEAc=
ETag: "8d08cfb15087cb0844081ac7964c74fc"
x-amz-request-id: Z09JNH2NT3HY50Q2
Accept-Ranges: bytes
Content-Length: 370762
Date: Sat, 02 Nov 2024 20:36:33 GMT
Last-Modified: Wed, 07 Aug 2024 18:11:44 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 ba2f2cf3-01cc-4786-a230-cf58808e91e0 Show response
api.memberhub.com/services/memberhub-service/organizations/ 5 KB
6 KB 206ms
206ms XHR
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/organizations/ba2f2cf3-01cc-4786-a230-cf58808e91e0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

c42c1c34b87afa98dbcc39745eaf7481b6417ce35771a9b80f80da09db7e06f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: c2ef88a4-23e0-4575-b09d-5fbd6a3120bf
access-control-expose-headers
etag: W/"c42c1c34b87afa98dbcc39745eaf7481"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.108621
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 58 B
572 B 115ms
115ms XHR
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: 05b768fc-1cd2-4ff6-8946-85b345aad8c8
access-control-expose-headers
etag: W/"7e3bbd8fa9e2f9e5b45196a8939b5737"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.020562
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 path Show response
api.memberhub.com/services/memberhub-service/webpages/ 58 B
572 B 116ms
116ms XHR
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages/path?organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0&path=/&live=true

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: 70678a43-a6c8-461d-aad7-7d64bd0ea6ab
access-control-expose-headers
etag: W/"7e3bbd8fa9e2f9e5b45196a8939b5737"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.021844
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 /
www.facebook.com/tr/ 0
124 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2Fstore&rl=&if=false&ts=1730579793020&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=1&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=10, mss=1328, tbw=6102, tp=-1, tpl=-1, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
845 B 32ms
32ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2Fstore&rl=&if=false&ts=1730579793020&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=1&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432783615087263740"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: cEdzsQf7lMFoO1zAMGReVx1xt7VmxavIlvlZW+Ok5lNWCTwRoNnpIiUeULfn1RuH4axzcMPMeUamI5VUOis/tQ==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432783615087263740", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=0, c=10, mss=1328, tbw=6270, tp=-1, tpl=-1, uplat=24, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

OPTIONS
H2 200 store_items
api.memberhub.com/services/memberhub-service/ Frame 0
0 92ms
92ms Preflight 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-130-70.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication-session-secret,authentication-session-token
Access-Control-Request-Method: GET
Origin: https://wspta-01879444.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication-session-secret,authentication-session-token
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
date: Sat, 02 Nov 2024 20:36:33 GMT

GET
H2 200 store_items Show response
api.memberhub.com/services/memberhub-service/ 8 KB
9 KB 190ms
189ms Fetch
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

735f1c012621bd9594239c0d6acbc5b05bcb5da28335b28fa0f99d96c9967f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authentication-Session-Secret: undefined
Referer: https://wspta-01879444.givebacks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Authentication-Session-Token: undefined

Response headers

access-control-max-age: 7200
x-request-id: 2c3fcb86-d329-4987-bf3c-1d9794ce8a2a
access-control-expose-headers
etag: W/"735f1c012621bd9594239c0d6acbc5b0"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-runtime: 0.095529
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2efe4ab979b9ff9c5d3be58f8e226077582b8bffa371cbd2c868c3b77e87cc2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2Fstore%3Flimit%3D21%26live%3Dtrue&rl=&if=false&ts=1730579793037&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=2&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4494, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 32ms
31ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2Fstore%3Flimit%3D21%26live%3Dtrue&rl=&if=false&ts=1730579793037&sw=1600&sh=1200&ud[external_id]=d8da0738c8f80d7f9891f45c78aee0f8&v=2.9.176&r=stable&a=hubspot&ec=2&o=12318&fbp=fb.1.1730579792462.997652542854678368&ler=empty&cdl=API_unavailable&it=1730579792340&coo=false&rqm=FGET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src 'report-sample' .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7432783614157121476"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: b7cNrqp/W1jxp9Ourdw6Hqg4mF0b3B2060g4yG6SSn4/jq1LdNC/YdjC86YGQJ0UDjYJS/CmSDRZ62dpyZdR7w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7432783614157121476", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src 'report-sample' *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4862, tp=13, tpl=0, uplat=23, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 store_items Show response
api.memberhub.com/services/memberhub-service/ 8 KB
9 KB 158ms
157ms XHR
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/store_items?&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

cd8a966a24ba64a9a42279c4037791eff733be2a500826d2e4d12a4692e16b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: 40b8d58f-1fdb-4185-824d-a3cf2dd2efe0
access-control-expose-headers
etag: W/"cd8a966a24ba64a9a42279c4037791ef"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.062116
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H2 200 fundraisers Show response
api.givebacks.com/services/store/store_items/ 659 B
1 KB 116ms
115ms XHR
application/json 34.192.248.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.givebacks.com/services/store/store_items/fundraisers?cause_id=9b70769b-0132-4ec7-89cb-13f5ebb6fd26&order[expires_at]=asc&search[live][value]=true&credits=true&limit=10&offset=0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.248.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-248-160.compute-1.amazonaws.com

Software

Resource Hash

5b3e1b056353b34f00f6ccc3fd82b51ec7d19093a5f8902e625c8742d41f3efd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://wspta-01879444.givebacks.com/

Response headers

access-control-max-age: 7200
x-request-id: c5ebfccf-2280-47c5-b755-ae59116baffc
access-control-expose-headers
etag: W/"5b3e1b056353b34f00f6ccc3fd82b51e"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.018160
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
content-length: 659
x-xss-protection: 0

GET
H2 200 favicon.ico
wspta-01879444.givebacks.com/ 15 KB
275 B 10ms
9ms Other
image/vnd.microsoft.icon 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/store?limit=21&live=true

Response headers

etag: "33f8e225ea5a16fef01666568c3f8e9a"
age: 68418
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 15086
x-amz-cf-id: uh6hVL-ftfzB4nUcUlyrbut2oQOEdoCiksQqfzwRxJ2djkfI2SVIhQ==
date: Sat, 02 Nov 2024 01:36:16 GMT
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
x-amz-cf-pop: FRA60-P10
server: AmazonS3
content-type: image/vnd.microsoft.icon

GET
H2 200 Poppins-Medium-MifvOy28.woff2
wspta-01879444.givebacks.com/assets/ 48 KB
48 KB 8ms
7ms Font
font/woff2 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/Poppins-Medium-MifvOy28.woff2
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css

Response headers

etag: "3a0a14dc7381ee5200cadbe0af4ee7de"
age: 65237
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 48956
x-amz-cf-id: lrgr0fJyaqCnyzxx5EyK7XR6rhRpDg5AbB_P6ncf6HHh5r1dVXv4AA==
date: Sat, 02 Nov 2024 17:15:33 GMT
content-type: font/woff2
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
vary: Accept-Encoding

GET
H2 200 Poppins-Bold--aKA7T72.woff2
wspta-01879444.givebacks.com/assets/ 49 KB
50 KB 9ms
9ms Font
font/woff2 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/Poppins-Bold--aKA7T72.woff2
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css

Response headers

etag: "72eea25a559272c090d4f067e7ca3034"
age: 8334
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 50576
x-amz-cf-id: 6k8TLwVBtO63vuV0r_tBVjy7EJONNxg2A0VzR1kLmFUpGDteWtKwQg==
date: Sat, 02 Nov 2024 18:17:40 GMT
content-type: font/woff2
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10

GET
H2 200 Poppins-SemiBold-BzOT8hyL.woff2
wspta-01879444.givebacks.com/assets/ 49 KB
49 KB 11ms
11ms Font
font/woff2 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/assets/Poppins-SemiBold-BzOT8hyL.woff2
Requested by: Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://wspta-01879444.givebacks.com
Referer: https://wspta-01879444.givebacks.com/assets/index--KZYIWC9.css

Response headers

etag: "a8d9aa7ba6d196c3212919c05588eaf4"
age: 74011
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 49688
x-amz-cf-id: -IkO10jvO-rrm_3W-aYxtsGreQ_brJHQVEj5ilwqx9P9IaAB6g8tLw==
date: Sat, 02 Nov 2024 00:03:03 GMT
content-type: font/woff2
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10

GET
H2 200 favicon.ico
wspta-01879444.givebacks.com/ 15 KB
276 B 11ms
8ms Other
image/vnd.microsoft.icon 13.35.58.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wspta-01879444.givebacks.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-37.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/store?limit=21&live=true

Response headers

etag: "33f8e225ea5a16fef01666568c3f8e9a"
age: 68418
via: 1.1 192147d605f496db0417cf30a0012092.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 15086
x-amz-cf-id: o7aUJA3qNxT4r213_ChFSTelSSKv4k35JUqtjlIUH9aYZMS77nmZJg==
date: Sat, 02 Nov 2024 01:36:16 GMT
last-modified: Thu, 31 Oct 2024 17:11:19 GMT
x-amz-cf-pop: FRA60-P10
server: AmazonS3
content-type: image/vnd.microsoft.icon

OPTIONS
H2 200 store_items
api.memberhub.com/services/memberhub-service/ Frame 0
0 94ms
94ms Preflight 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-130-70.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication-session-secret,authentication-session-token
Access-Control-Request-Method: GET
Origin: https://wspta-01879444.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication-session-secret,authentication-session-token
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
date: Sat, 02 Nov 2024 20:36:33 GMT

GET
H2 200 store_items Show response
api.memberhub.com/services/memberhub-service/ 8 KB
477 B 384ms
217ms Fetch
application/json 18.211.130.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/store_items?limit=21&live=true&order_by=order&organization_uuid=ba2f2cf3-01cc-4786-a230-cf58808e91e0

Requested by

Host: wspta-01879444.givebacks.com
URL: https://wspta-01879444.givebacks.com/assets/index-CMGsRG8m.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.211.130.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-130-70.compute-1.amazonaws.com

Software

Resource Hash

735f1c012621bd9594239c0d6acbc5b05bcb5da28335b28fa0f99d96c9967f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Authentication-Session-Secret: undefined
Referer: https://wspta-01879444.givebacks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Authentication-Session-Token: undefined

Response headers

access-control-max-age: 7200
x-request-id: 2a61179d-0285-4361-b57c-34cb946a377a
access-control-expose-headers
etag: W/"735f1c012621bd9594239c0d6acbc5b0"
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
x-content-type-options: nosniff
date: Sat, 02 Nov 2024 20:36:33 GMT
content-type: application/json; charset=utf-8
vary: Accept, Origin
x-runtime: 0.122832
x-frame-options: SAMEORIGIN
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

j6eq9nrw4res2hu1zar6b7xsiqf5
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOFplVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--94588f4a85627d4e2ebe4e6f1168ed5808a4e86c/png
https://s3.amazonaws.com/com.memberhub.storage/j6eq9nrw4res2hu1zar6b7xsiqf5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...

104 KB
104 KB

430ms
247ms

Image
image/png

16.182.36.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/j6eq9nrw4res2hu1zar6b7xsiqf5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=92c8f980ca0d01f97527e114455ddfbb476f2da07b9dbb5abc7960aa4bb88501
Protocol: HTTP/1.1
Server: 16.182.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8fdf5c2315d77ec08dec838fd70ab732db7c66b5e0186d9be0ce2b1d1782265d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-amz-id-2: KAxXetSf285f3/MKf4mICRV701/VJCg7mfMmCjzgy0g28nLzB/NDBvqMjIbute2NKExqRVtDGTg=
ETag: "de61834524dc81b7b70d90a1dd946190"
x-amz-request-id: P6FB104PW4K00A7A
Accept-Ranges: bytes
Content-Length: 106380
Date: Sat, 02 Nov 2024 20:36:34 GMT
Last-Modified: Tue, 27 Aug 2024 17:27:59 GMT
Content-Disposition: inline; filename="png"; filename*=UTF-8''png
Server: AmazonS3
Content-Type: image/png
x-amz-server-side-encryption: AES256

Redirect headers

x-request-id: 9ae78c13-b5a7-416e-b3e5-a0909ef02c38
cache-control: max-age=300, private
location: https://s3.amazonaws.com/com.memberhub.storage/j6eq9nrw4res2hu1zar6b7xsiqf5?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=92c8f980ca0d01f97527e114455ddfbb476f2da07b9dbb5abc7960aa4bb88501
x-rack-cors: miss; no-origin
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
date: Sat, 02 Nov 2024 20:36:33 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Origin
x-runtime: 0.016406
x-frame-options: SAMEORIGIN

GET
H/1.1

200
OK

f2egr4l60lo0zvyh51rcvccqmi72
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBK2hlVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--e8471233a51005909f0b282629f9fb7f1e418a37/png
https://s3.amazonaws.com/com.memberhub.storage/f2egr4l60lo0zvyh51rcvccqmi72?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...

104 KB
104 KB

450ms
268ms

Image
image/png

16.182.36.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/f2egr4l60lo0zvyh51rcvccqmi72?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e2a70e1ba44443ccc3be75ec847545e35399a7b67c303e212cb353f3003b32c0
Protocol: HTTP/1.1
Server: 16.182.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61210c1307803288199480cb29d41d8e355e554f694950ebc6e32b1ec2ad80fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-amz-id-2: xRb+xfmRX3plGjVy7Rr31wAAcmaDJop3ShkAXVvYPEBJexoZU+i34m3zuNqGDdQD7GSkmmh7glc=
ETag: "47d20dcf0c0415441def8867bb8a3c7a"
x-amz-request-id: P6F668V683BCBAX3
Accept-Ranges: bytes
Content-Length: 106238
Date: Sat, 02 Nov 2024 20:36:34 GMT
Last-Modified: Tue, 27 Aug 2024 17:33:34 GMT
Content-Disposition: inline; filename="png"; filename*=UTF-8''png
Server: AmazonS3
Content-Type: image/png
x-amz-server-side-encryption: AES256

Redirect headers

x-request-id: beed8663-f45b-4b98-8f25-99de44a4527f
cache-control: max-age=300, private
location: https://s3.amazonaws.com/com.memberhub.storage/f2egr4l60lo0zvyh51rcvccqmi72?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=e2a70e1ba44443ccc3be75ec847545e35399a7b67c303e212cb353f3003b32c0
x-rack-cors: miss; no-origin
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
date: Sat, 02 Nov 2024 20:36:33 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Origin
x-runtime: 0.009784
x-frame-options: SAMEORIGIN

GET
H/1.1

200
OK

97fls8lb6rmd4criz0uw3x9mzz94
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBODVlVHc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--35816a7b72ee50ba0c4fab3d1bda57eeea4ad5c9/png
https://s3.amazonaws.com/com.memberhub.storage/97fls8lb6rmd4criz0uw3x9mzz94?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=ima...

104 KB
104 KB

192ms
192ms

Image
image/png

16.182.36.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/97fls8lb6rmd4criz0uw3x9mzz94?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=49a14e4997d5d032a1f752b798586aa5ba6936d822fc1a161be7e3d034f8e03e
Protocol: HTTP/1.1
Server: 16.182.36.160 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e33af6362149549d63d3f67d6b9cf1b0e39eb02b9d519f599f190f5dc29dd77a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

x-amz-id-2: s08viAwZ89DMy/eBSfPdpPwHyxlV4LMCztBLTpXNOB8EjsJyGxPq2a1DtqR3GPa4AOjfVSSW/g8=
ETag: "0222f1c6a7144e7448387b93efe6200b"
x-amz-request-id: P6FCJK5XR8VGPN08
Accept-Ranges: bytes
Content-Length: 106317
Date: Sat, 02 Nov 2024 20:36:34 GMT
Last-Modified: Tue, 27 Aug 2024 17:30:48 GMT
Content-Disposition: inline; filename="png"; filename*=UTF-8''png
Server: AmazonS3
Content-Type: image/png
x-amz-server-side-encryption: AES256

Redirect headers

x-request-id: c74bad5b-8ae0-471b-bba8-87f2096aa3e6
cache-control: max-age=300, private
location: https://s3.amazonaws.com/com.memberhub.storage/97fls8lb6rmd4criz0uw3x9mzz94?response-content-disposition=inline%3B%20filename%3D%22png%22%3B%20filename%2A%3DUTF-8%27%27png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T203633Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=49a14e4997d5d032a1f752b798586aa5ba6936d822fc1a161be7e3d034f8e03e
x-rack-cors: miss; no-origin
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-download-options: noopen
referrer-policy: strict-origin-when-cross-origin
date: Sat, 02 Nov 2024 20:36:33 GMT
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8
vary: Origin
x-runtime: 0.009126
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 15ms
14ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je4au0v892291399za200zb9115494238&_p=1730579791356&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101823848~101878899~101878944~101925629&cid=659221719.1730579792&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730579791&sct=1&seg=0&dl=https%3A%2F%2Fwspta-01879444.givebacks.com%2F&dt=Givebacks&en=scroll&epn.percent_scrolled=90&_et=3&tfd=2869
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://wspta-01879444.givebacks.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://wspta-01879444.givebacks.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 02 Nov 2024 20:36:34 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sdk-ny7ikDXF211WMR7t
cdn.growthbook.io/sub/ 22 B
0 8ms
8ms EventSource
text/event-stream 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-ny7ikDXF211WMR7t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

Cache-Control: no-cache
Referer: https://wspta-01879444.givebacks.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: text/event-stream

Response headers

cache-control: private, no-store
x-timer: S1730579798.033416,VS0,VE0
age: 32
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT, HIT
date: Sat, 02 Nov 2024 20:36:38 GMT
content-type: text/event-stream
x-powered-by: Express
x-served-by: cache-iad-kiad7000168-IAD, cache-fra-eddf8230038-FRA
x-cache-hits: 34, 2

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.givebacks.com/	1970-01-21 10:18:59	Name: _ga Value: GA1.1.659221719.1730579792
.givebacks.com/	1970-01-21 02:52:35	Name: _gcl_au Value: 1.1.580740392.1730579792
.givebacks.com/	1970-01-21 05:02:11	Name: __hstc Value: 210915018.d8da0738c8f80d7f9891f45c78aee0f8.1730579792175.1730579792175.1730579792175.1
.givebacks.com/	1970-01-21 05:02:11	Name: hubspotutk Value: d8da0738c8f80d7f9891f45c78aee0f8
.givebacks.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.givebacks.com/	1970-01-21 00:43:01	Name: __hssc Value: 210915018.1.1730579792175
.hubspot.com/	1970-01-21 00:43:01	Name: __cf_bm Value: cxhCDz_3ehRPH_Ptz.dNoqOxRxvZxKudBQMplv0n7O4-1730579792-1.0.1.1-PMb_C3SYOFlzbE17xvu8TrFnyMyOcZhy.wZC8VXnef9cDZfgDwKR8lI5jis2dMdq.zdDDuX_nYAb514uLodKOQ
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WDau8Hn7UeF1R7OZgf6.I0PE_3q0wIuD5OCfE2GPb.8-1730579792328-0.0.1.1-604800000
.givebacks.com/	1970-01-21 02:52:35	Name: _fbp Value: fb.1.1730579792462.997652542854678368
.givebacks.com/	1970-01-21 10:18:59	Name: _ga_LZN7J64ECH Value: GS1.1.1730579791.1.1.1730579794.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.givebacks.com
api.hubapi.com
api.hubspot.com
api.memberhub.com
cdn.growthbook.io
cdn.pendo.io
connect.facebook.net
fonts.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
track.hubspot.com
wspta-01879444.givebacks.com
www.facebook.com
www.google.com
www.googletagmanager.com
13.35.58.37
151.101.193.91
16.182.36.160
18.211.130.70
2001:4860:4802:34::36
2606:4700:4400::6812:28f0
2606:4700::6810:4b8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:89d1
2606:4700::6811:80ac
2606:4700::6811:afc9
2606:4700::6812:f46c
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c06::54
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.192.248.160
34.36.213.229
067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
167828e49a602724207c45d252c1934d28ae7b068c8f89688ba38260b02d8276
19ed3400797b591a278285656b6f5718ba62a71d242434ae66a0c5b47fe7edf2
1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55
2efe4ab979b9ff9c5d3be58f8e226077582b8bffa371cbd2c868c3b77e87cc2b
346c66e4f479f4a17ed1401f493c41c4c36b694580749098da5224e7707ed994
3eb68fa199614d77a5fa851ac6140784b26e743c41e20be6bf6dabd063815d09
440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349
55769931a935d43ab832af997add9caa6b05702dbdb471b3008622fcd73e11eb
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11
5aa2cd4e15bfe27a634dcc5f098c19c6aad96c793f9b1279d238327286755546
5b3e1b056353b34f00f6ccc3fd82b51ec7d19093a5f8902e625c8742d41f3efd
5bd7a1e006fa739a820cbf397667fc86e7c4e2eb700df81b532121f78ef7d3d7
61210c1307803288199480cb29d41d8e355e554f694950ebc6e32b1ec2ad80fc
65221c19d1e390c4990c0f52f22fe4922b60b991abaa7a80dad8b2573be1bdab
7071d34ca93e2a7e677a1f9491181bb25473f12688d8e9f2ce9f1e436bece2e1
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
735f1c012621bd9594239c0d6acbc5b05bcb5da28335b28fa0f99d96c9967f3e
7e3bbd8fa9e2f9e5b45196a8939b573797d783022a803639f40cabc8cd95005a
7f722946adca8d113c2b596da4a947ad18cf6154967f5aeaf25602875a6ae001
8fdf5c2315d77ec08dec838fd70ab732db7c66b5e0186d9be0ce2b1d1782265d
902657393a3cc62b079674ddc62c44f0976632c793bb6ca8a81f03f8bb94314a
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9aa42c76fd5ce12ba085cfd7e8361ec7260c3cd7685a43513e112064ff309015
a51b543b77077dd9893b14a9e4cf781cbd605100d67fe87cccb165045d56ac3a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b5181ceec4fd4e5e37d48d4a2bd79c426c9e0fde3c81d472266ca6bd21ceb2c3
b722e4252644018e80e741c7bed5314d648d675a5e8a92f868fb4a37bf838fcc
b7e17f29fc96104f3eb1be19d0f5ea0d746f661e5c0eefca4a67dbf238166db3
b8b7cf6e23f3586dda369b98b722d5f2e0f542b8a73a6f09e3cb2d94c8ad55f2
babe398cc580d5fed92bd86ab38fb889d824a9cf59dff3624e93f82fc8b63afc
c091904b8555156626724b0213fbb680e01c5cfa53f1878a697ac4d2d2f9eae6
c42c1c34b87afa98dbcc39745eaf7481b6417ce35771a9b80f80da09db7e06f8
cab50261f8efa7d74bef5050d66e7e1b87ceb9e6a140b98f4c203d6544130934
cd8a966a24ba64a9a42279c4037791eff733be2a500826d2e4d12a4692e16b4f
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
df631180489eacd6b58f3cb5d082bd88706b2a53aebb9382821ebbf6100786fe
e264dd7376a6aa54dd468debd0b46618dd564109e6a5ef0870ef7523b690e332
e33af6362149549d63d3f67d6b9cf1b0e39eb02b9d519f599f190f5dc29dd77a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc3206fc68893baf155247d0ef2d585f6b16ab6b901e8abc00fef1999f639f1

wspta-01879444.givebacks.com Open in urlscan Pro 13.35.58.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

59 Requests

95 %HTTPS

73 %IPv6

19 Domains

22 Subdomains

23 IPs

3 Countries

3946 kBTransfer

10981 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wspta-01879444.givebacks.com Open in urlscan Pro
13.35.58.37 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

95 %
HTTPS

73 %
IPv6

19
Domains

22
Subdomains

23
IPs

3
Countries

3946 kB
Transfer

10981 kB
Size

10
Cookies

59 HTTP transactions
1 data transactions