elsiejohnson.givebacks.com Open in urlscan Pro
108.138.217.61 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ejpta.com/
Effective URL:
https://elsiejohnson.givebacks.com/
Submission: On May 19 via api (May 19th 2024, 8:21:33 pm UTC) from BE — Scanned from DE

Summary HTTP 42 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 42 HTTP transactions. The main IP is 108.138.217.61, located in United States and belongs to AMAZON-02, US. The main domain is elsiejohnson.givebacks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 10th 2023. Valid for: a year.

This is the only time elsiejohnson.givebacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	198.49.23.144 198.49.23.144	53831 (SQUARESPACE) (SQUARESPACE)
6	108.138.217.61 108.138.217.61	16509 (AMAZON-02) (AMAZON-02)
3	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c02::54	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.227.222.191 13.227.222.191	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	18.210.151.221 18.210.151.221	14618 (AMAZON-AES) (AMAZON-AES)
2 8	54.145.226.194 54.145.226.194	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:f16c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	52.216.239.117 52.216.239.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
42	23

1 198.49.23.144 (United States) 1 redirects

ASN53831 (SQUARESPACE, US)

ejpta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.217.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-217-61.lhr61.r.cloudfront.net

elsiejohnson.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.222.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-191.ams54.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.210.151.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-151-221.compute-1.amazonaws.com

api.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.145.226.194 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-226-194.compute-1.amazonaws.com

api.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f16c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.239.117 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	memberhub.com 2 redirects api.memberhub.com — Cisco Umbrella Rank: 380417	31 KB
7	givebacks.com elsiejohnson.givebacks.com api.givebacks.com — Cisco Umbrella Rank: 468462	2 MB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	345 KB
3	amazonaws.com s3.amazonaws.com	764 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4890 track.hubspot.com — Cisco Umbrella Rank: 2393	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	171 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	71 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	315 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	274 B
1	gstatic.com fonts.gstatic.com	8 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3473	1 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1845	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2225	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3146	4 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4801	25 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2189	23 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	871 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 761	161 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 20	83 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2460	1 KB
1	ejpta.com 1 redirects ejpta.com	168 B
42	21

	Domain	Requested by
8	api.memberhub.com	2 redirects elsiejohnson.givebacks.com
6	elsiejohnson.givebacks.com	elsiejohnson.givebacks.com
4	www.googletagmanager.com	elsiejohnson.givebacks.com www.googletagmanager.com js.hsadspixel.net
3	s3.amazonaws.com
3	securepubads.g.doubleclick.net	elsiejohnson.givebacks.com securepubads.g.doubleclick.net
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	api.hubspot.com	js.usemessages.com
2	region1.google-analytics.com	www.googletagmanager.com
1	www.facebook.com
1	fonts.gstatic.com	fonts.googleapis.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	api.givebacks.com	elsiejohnson.givebacks.com
1	cdn.segment.com	elsiejohnson.givebacks.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	fonts.googleapis.com	elsiejohnson.givebacks.com
1	cdn.pendo.io	elsiejohnson.givebacks.com
1	accounts.google.com	elsiejohnson.givebacks.com
1	js.hs-scripts.com	elsiejohnson.givebacks.com
1	ejpta.com	1 redirects
42	23

This site contains links to these domains. Also see Links.

Domain
elsiejohnson.memberhub.com
www.facebook.com
www.givebacks.com
support.givebacks.com

Subject Issuer	Validity	Valid
*.givebacks.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hs-scripts.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-05-06` - `2024-07-29`	3 months	crt.sh
cdn.pendo.io GTS CA 1D4	`2024-03-30` - `2024-06-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
hs-banner.com E1	`2024-04-01` - `2024-06-30`	3 months	crt.sh
usemessages.com E1	`2024-04-12` - `2024-07-11`	3 months	crt.sh
hsadspixel.net E1	`2024-04-16` - `2024-07-15`	3 months	crt.sh
hs-analytics.net GTS CA 1P5	`2024-04-13` - `2024-07-12`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
*.memberhub.com Amazon RSA 2048 M02	`2024-02-24` - `2025-03-23`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-27` - `2024-05-27`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://elsiejohnson.givebacks.com/
Frame ID: CFEF29A1D0123E22366F3FE26708212E
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Givebacks

Page URL History Show full URLs

http://ejpta.com/ HTTP 307
https://ejpta.com/ HTTP 301
https://elsiejohnson.givebacks.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

42
Requests

95 %
HTTPS

63 %
IPv6

21
Domains

23
Subdomains

23
IPs

3
Countries

3552 kB
Transfer

9150 kB
Size

11
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://elsiejohnson.memberhub.com/store?limit=21&live=true&category=PTA%20Memberships
Title: Click here to join the 2023-2024 Elsie Johnson PTA

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/277338739011144
Title: EJ PTA

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/story
Title: About

Search URL Search Domain Scan URL

URL: https://support.givebacks.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://www.givebacks.com/terms
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ejpta.com/ HTTP 307
https://ejpta.com/ HTTP 301
https://elsiejohnson.givebacks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMW9BR1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--db68dab2377abaaa15f3ec8645d19953696ca707/EJ.png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/p95t2ripf2g2bqg7ebuyngd0e554?response-content-disposition=inline%3B%20filename%3D%22EJ.png%22%3B%20filename%2A%3DUTF-8%27%27EJ.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=ff82f1e0372f5c4cff4f35dc1fe2ed0d720ade9220dceefbb1d53801bd4d0c63

Request Chain 35

https://api.memberhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTEwS1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--98ab78c55c6fe24285ee67cab5a8b851368ebc45/PTA%20Banner-2.png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/7ljtvmfp86wh3i36rk4x62ncchp7?response-content-disposition=inline%3B%20filename%3D%22PTA%20Banner-2.png%22%3B%20filename%2A%3DUTF-8%27%27PTA%2520Banner-2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a6b5fd0cf72747f60735bcb3b5c183b82fcf406357fd26e2f679e0b651f90c34

42 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
elsiejohnson.givebacks.com/
Redirect Chain

http://ejpta.com/
https://ejpta.com/
https://elsiejohnson.givebacks.com/

3 KB
2 KB

202ms
44ms

Document
text/html

108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb638601351028994cd73bcaa3c930f5dde37df4e37575ec19d0a01ddf6f7e69

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age: 60496
content-encoding: br
content-type: text/html
date: Sun, 19 May 2024 03:33:11 GMT
etag: W/"38bc3e5f58071a26ff542458e9414933"
last-modified: Tue, 14 May 2024 17:53:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
x-amz-cf-id: K1btIHahKBnpKNmMjkN5OP8pFtFpO_Qvc3oaeq0rayAt-Zoau6Gz4A==
x-amz-cf-pop: LHR61-P3
x-cache: Hit from cloudfront

Redirect headers

age: 0
content-length: 0
date: Sun, 19 May 2024 20:21:26 GMT
location: https://elsiejohnson.givebacks.com/
server: Squarespace
x-contextid: cOlyYutI/jepSg2bh

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
29 KB 160ms
54ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

0a458c62950061cf72692ad569fecd4c25832ac6924b6826c69fc1e57cad6897

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29811
x-xss-protection: 0
server: cafe
etag: 383 / 19862 / m202405090101 / config-hash: 6209096975862264858
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H2 200 21159.js Show response
js.hs-scripts.com/ 2 KB
1 KB 322ms
236ms Script
application/javascript 2606:4700::6810:8bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21159.js

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8b60098f4bbcca9a95686e54b11a3d49ced552d8b6710fb2be7633d955e61d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 91185814-2cc1-4535-8333-a5524ff33032
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 91185814-2cc1-4535-8333-a5524ff33032
last-modified: Sun, 19 May 2024 20:11:19 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://elsiejohnson.givebacks.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-5qls7
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 8866cb1a58f43655-FRA
expires: Sun, 19 May 2024 20:22:56 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 217 KB
83 KB 174ms
63ms Script
application/javascript 2a00:1450:400c:c02::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::54 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e564cf5f63fc157d8f8a57e1f6da2bf06e960f263daa2c5cbc90eadd4ba278a0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RjX5AOuxkaxQQYPUcAhiRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-RjX5AOuxkaxQQYPUcAhiRg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H2 200 index-PXCE-dR-.js Show response
elsiejohnson.givebacks.com/assets/ 5 MB
2 MB 51ms
51ms Script
text/javascript 108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js
Requested by: Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76e5bc94269b8d98c2763cc29d4b4594a12423b258b920e85c4e3aee441dc181

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Origin: https://elsiejohnson.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 16:31:26 GMT
content-encoding: gzip
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P3
age: 13800
etag: W/"ea2a3f1d90e7e3d834edbc5903be5a96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: _S7myf5dNGGnQinMWAW9s8pz0-ju7Be0FRDWBrpnKLamcTNsp1hUIA==

GET
H2 200 index-EcXVzXri.css
elsiejohnson.givebacks.com/assets/ 371 KB
50 KB 51ms
50ms Stylesheet
text/css 108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/assets/index-EcXVzXri.css
Requested by: Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d296afdc904a1418bf022e347a0759dc3bcdf49bb02e34c21f880824be55453

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Origin: https://elsiejohnson.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 06:16:29 GMT
content-encoding: br
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P3
age: 50698
etag: W/"af08bfd0f5e6718e3f767b96712362ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: bM5Fp6ZmS6dTlJfLjIAmxJfaC-hCusScRF4_lsXYgSqd4yAngrU7kQ==

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/ 496 KB
161 KB 144ms
40ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/pendo.js

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

4f7037915ae297c63a19cf5fda77b1225e27cb37d600ae86a851ff6a9b56f535

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:11:20 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 606
x-guploader-uploadid: ABPtcPr5_3XNHAUgb_C-h5ZIQZFAHIcoPacIxJMtOYFqkR7oxRu_TJEHYfKf4Ldi7UyZKHMxo3LhBIYKvQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163796
last-modified: Thu, 16 May 2024 18:17:38 GMT
server: UploadServer
etag: "ec107eb97f74bb3bfc03bdaf91696294"
vary: Accept-Encoding
x-goog-generation: 1715883458671430
x-goog-hash: crc32c=qhT4FA==, md5=7BB+uX90uzv8A72vkWlilA==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 163796
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
71 KB 155ms
68ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0dfc9517c41ceae73d740c1f9aac7511db77e43e095d274135dede75eb925d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72466
x-xss-protection: 0
last-modified: Sun, 19 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
871 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-EcXVzXri.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 May 2024 18:49:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 43ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 18:59:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4922
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 19 May 2025 18:59:24 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
77 B 156ms
73ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=elsiejohnson.givebacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

bb2fef423b7a675bf54e151de25d28a09b655157c72409a9b791ca41ee5fe1b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53
x-xss-protection: 0
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 287 KB
97 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9df88aca5197198230410f44022b9045c329cb2200dd8203881e4ede60d9b4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 May 2024 20:21:26 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21159/ 71 KB
23 KB 424ms
336ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21159/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
x-amz-version-id: .dI6XHlg_aGJ2X81dlJTa7EoEeQJvbwB
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: J9DST44CGF9WTKN9
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 50897d3b-2821-4f4a-b39a-b7e398bcaf19
x-envoy-upstream-service-time: 24
x-amz-id-2: sqgF3eyWQlqfW8/12rcWOUwvVe7+cgMEHwcebBCnjU7f6GGacpb6IAp+4LXNcxWdB8b0OPdzz10=
x-evy-trace-listener: listener_https
x-request-id: 50897d3b-2821-4f4a-b39a-b7e398bcaf19
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 13:58:30 GMT
server: cloudflare
etag: W/"2b04641007c8073968086ff34a30127b"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://ramsteinispta.memberhub.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-fp48c
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8866cb1c6b3635fe-FRA
expires: Sun, 19 May 2024 20:26:27 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 86 KB
25 KB 138ms
52ms Script
application/javascript 2606:4700::6810:4f8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4f8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ea8ae540bfd3741931be1df2906e59e664377eed99869d76a85bce4085fcfe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
x-amz-version-id: yX8Tr.ecKb1hXuiS0UCj8JAxntDEH03I
via: 1.1 d0d53eedec01ac540f737b5fafb16436.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 552
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16344/bundles/project.js&cfRay=8866bda24d2c35df-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 4d8fd8cc-b085-4aef-aaa0-db37425d5bf7
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4d8fd8cc-b085-4aef-aaa0-db37425d5bf7
last-modified: Thu, 16 May 2024 19:44:45 UTC
server: cloudflare
etag: W/"65e60b3b4bb6c9eb228f325809068ee7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp
cf-ray: 8866cb1c5e9f9064-FRA
x-amz-cf-id: r6HS0bxoU3VpxDeWzCqwAUD5aDPxiD90uX6Fwc5dZVaetFKJbYPodg==
x-hs-target-asset: conversations-embed/static-1.16344/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 149ms
55ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
x-amz-version-id: mFY3j4a3uPqa1nxwSjuH9WwSOlmw5rRi
via: 1.1 2a3aa853116c0a37d6c7762eca54d208.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 568
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.557/bundles/pixels-release.js&cfRay=8866bd3e1f9e71c4-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: b980a717-c045-492f-8222-38e581e0b5ad
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b980a717-c045-492f-8222-38e581e0b5ad
last-modified: Mon, 13 May 2024 14:08:11 UTC
server: cloudflare
etag: W/"c43db96a42a0426e882c9ce0209630a5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-ddwd7
cf-ray: 8866cb1c68be1917-FRA
x-amz-cf-id: e-aftQ-ZsqMXAA2dJ6G6tgcZK3syQ2ZWT6wciK889JQaZj7qqsulhA==
x-hs-target-asset: adsscriptloaderstatic/static-1.557/bundles/pixels-release.js

GET
H2 200 21159.js Show response
js.hs-analytics.net/analytics/1716150000000/ 67 KB
21 KB 256ms
172ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1716150000000/21159.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66dcf86826fc5e42d2ac4899fed7adf4ca44c0650c607fb8db1432ea94ea0d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: PY19V4XDZPRDA7AB
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: a81e40be-f28b-47ee-bba1-1f9f7b0c586b
x-envoy-upstream-service-time: 16
x-amz-id-2: 3aZX+MZwiwiBMIn6Vr0mUG9JBOh38IkozqJR5TEc/RNBxULDzKvWalBFXw9rozIm071wTJ8jVTE=
x-evy-trace-listener: listener_https
x-request-id: a81e40be-f28b-47ee-bba1-1f9f7b0c586b
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 24 Apr 2024 18:12:20 GMT
server: cloudflare
etag: W/"e0baa4bb414c983117aea1d35de72542"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-9fld2
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8866cb1c5b9265c2-FRA
expires: Sun, 19 May 2024 20:26:27 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/X4xDGvn414cvbHMw9IZimsr56zOCmLXT/ 603 B
1 KB 384ms
39ms Fetch
application/json 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/X4xDGvn414cvbHMw9IZimsr56zOCmLXT/settings
Requested by: Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fcd7101ea71940e2a6d533fa173de7afaadac7a0e8a97579ea9dc2fa2ccb3d0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rMnpekrZVfwEG7wfpBwHtxnyAcBatBJ9
date: Sun, 19 May 2024 19:38:57 GMT
via: 1.1 1396f0307ab4835adf6e4163507d4c8a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 9454
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 603
last-modified: Wed, 08 Nov 2023 17:26:01 GMT
server: AmazonS3
etag: "d713a6e7d57414e88efd8688915032f2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 556i3pzS8A0sHXCJQ4W5nLhcv7cQcoJQ-6-6lQgMCnLfEuUY-ma8PQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
261 B 135ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je45f0v892291399z89115494238za200&_p=1716150086677&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=158968128.1716150087&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716150087&sct=1&seg=0&dl=https%3A%2F%2Felsiejohnson.givebacks.com%2F&dt=Givebacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1437
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 20:21:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elsiejohnson.givebacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 elsiejohnson Show response
api.givebacks.com/services/core/causes/ 2 KB
3 KB 404ms
157ms XHR
application/json 18.210.151.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.givebacks.com/services/core/causes/elsiejohnson

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.210.151.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-210-151-221.compute-1.amazonaws.com

Software

Resource Hash

3dcf6b7b01070ac50d6529c27fca2ffbb8c56f1e6949f3362e830dcef57df5fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 2300
x-xss-protection: 0
x-request-id: 25c39508-68a6-40ce-ace5-43304815a9e7
x-runtime: 0.038223
referrer-policy: strict-origin-when-cross-origin
etag: W/"3dcf6b7b01070ac50d6529c27fca2ffb"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 58 B
572 B 379ms
130ms XHR
application/json 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=undefined

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-226-194.compute-1.amazonaws.com

Software

Resource Hash

0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Sun, 19 May 2024 20:21:27 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 548510e1-bcae-4e50-b598-ad2e512de749
x-runtime: 0.010550
referrer-policy: strict-origin-when-cross-origin
etag: W/"0c5b8dc8aff19cf814eb665f881709ff"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 Poppins-Regular-D_fR_ai8.woff2
elsiejohnson.givebacks.com/assets/ 48 KB
49 KB 49ms
48ms Font
font/woff2 108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/assets/Poppins-Regular-D_fR_ai8.woff2
Requested by: Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Origin: https://elsiejohnson.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 13:15:09 GMT
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P3
age: 25579
etag: "46ff920efe7721f9087376e8131619e8"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 49652
x-amz-cf-id: vmhEmkxOsStGVPUSl25aVtM0SDqQG2yG-wo1wV-yyTZ61C5TP3uuGg==

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 267 B
984 B 178ms
178ms XHR
application/json 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.16344&mobile=false&messagesUtk=98ad8045edc94e12ab1e1617911eb8eb&traceId=98ad8045edc94e12ab1e1617911eb8eb

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1a40bbd505177242a9ec40660a77a970462f0f30b4d419a9a9c75e013c9fde4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://elsiejohnson.givebacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: aae2bd3c-ee6b-4b6a-bf3c-a00de8e06534
x-envoy-upstream-service-time: 8
content-length: 210
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: aae2bd3c-ee6b-4b6a-bf3c-a00de8e06534
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://elsiejohnson.givebacks.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NZzG5BaYSkAOlAjSA4XYu3qOckC5p%2F0R0EWWhIEJOM%2BXnLhAHz4SpCV8UJVB6NAp9Dg6Mo7LRqxs5LSe7%2BjyNdOVIu3De1o9FF3Omo6EgRBRE2pgwpQD5ZPSQQdCPSFbvIXL7rOv6MtfWKgrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8866cb20dbc71981-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 293ms
199ms Preflight
text/plain 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://elsiejohnson.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://elsiejohnson.givebacks.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8866cb1f99f41981-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Sun, 19 May 2024 20:21:27 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bh1V%2BoUhApYNwFi%2Fr0taNBixQaM6huPwyWDe2O7OhAB%2BNdXumgozjG%2Bbqy8LZ8pRZEpX%2B%2BFsNh7Ofhx0AKr4rD3vYTFSSxbPUOKX3u5k20KZ%2FkNb%2Fw8Z3SuCgfZGIZ83i8VW0YOj1pbBDwdauQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-5kbgp
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: eeb026d2-774d-4429-ab5a-7718bd98ded5
x-request-id: eeb026d2-774d-4429-ab5a-7718bd98ded5

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 399 B
1 KB 270ms
177ms XHR
application/json 2606:4700::6812:f16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21159

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 42235850-c56c-4bac-8cdb-8cfc2429424a
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 42235850-c56c-4bac-8cdb-8cfc2429424a
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://elsiejohnson.givebacks.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-lkzpt
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBf1U0e3jOLA9ZsivPF4h8l5clsi4fhyfR8tQ0G8rPt9zn9TpKgkAcRBhQqbf0E9fzb%2FHXAnsmWDih5cunPHjHCqDMQVGgaa1T5Pbxza4YE%2BdjMLzrDMf7gFKdrpGoVGvMLydGhBcTbJg5lZ"}],"group":"cf-nel","max_age":604800}
cf-ray: 8866cb1faf431e68-FRA
access-control-allow-headers: *

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 253ms
170ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=21159&pu=https%3A%2F%2Felsiejohnson.givebacks.com%2F&t=Givebacks&cts=1716150087564&vi=0bf0003769acb8d77f6de6372f5220d7&nc=true&u=210915018.0bf0003769acb8d77f6de6372f5220d7.1716150087562.1716150087562.1716150087562.1&b=210915018.1.1716150087563&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 97d43473-0784-4e49-9057-6d922fcc1782
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 97d43473-0784-4e49-9057-6d922fcc1782
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jks6n50SiVzCxgjSfy3IpPt%2F3r2asXz4hkdubg4uOOn1Q956tW%2FEOJaxEYwH7boJrcMJcjq5mb3wQR%2F8r8nSZkpaPjssYD2IPaSBLhxEjX%2BGSc1MQjz1J1%2FNOqEKFA3VDbl1aaY7wk7%2FaWC8FIfY"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-nmffp
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 8866cb1ffa3d3a78-FRA
x-robots-tag: none

GET
H2 200 favicon.ico
elsiejohnson.givebacks.com/ 15 KB
15 KB 44ms
44ms Other
image/vnd.microsoft.icon 108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 06:49:08 GMT
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:40 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P3
age: 48740
etag: "33f8e225ea5a16fef01666568c3f8e9a"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
content-length: 15086
x-amz-cf-id: mMqTfX4n7HYAyFBhQT_cPMlW-Xqbot6bNNHhEZ6X8L7UK-phdJlnLQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
88 KB 69ms
68ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ebc11d6c6602806a94043ee695c5563637a621d9f55f5c5e230a91fd4724e3fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90498
x-xss-protection: 0
last-modified: Sun, 19 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 20:21:27 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
88 KB 72ms
72ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

184d297631fc39114b8f6906bf565fea2aec0a9009b864e0ea571fa69e9d45cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 20:21:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90488
x-xss-protection: 0
last-modified: Sun, 19 May 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 May 2024 20:21:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 127ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 May 2024 20:21:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1294, tbw=2779, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: vl5mQ9qSX8rgEigehBFzj0EEHlJ2cjyVHYT4ZxmDCNpaROk0eAl3eF60Pz6zYpCckS0e7ub7lLTf2EU4IHg2Zw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 75ae8aef-191c-4c14-aefd-a355adda18cc Show response
api.memberhub.com/services/memberhub-service/organizations/ 7 KB
7 KB 186ms
186ms XHR
application/json 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/organizations/75ae8aef-191c-4c14-aefd-a355adda18cc

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-226-194.compute-1.amazonaws.com

Software

Resource Hash

ec28931a13a124788eba856065aa5b7ce2a48ee8a2d5a3cf059e3fb3e90c2c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1eb70b09-5983-42ce-954f-fa5a507bb228
x-runtime: 0.067338
referrer-policy: strict-origin-when-cross-origin
etag: W/"ec28931a13a124788eba856065aa5b7c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 495956447226186 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 281ms
280ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495956447226186?v=2.9.156&r=stable&domain=elsiejohnson.givebacks.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f5b895e61134c3ae8bc85bb66185d7262a219ea5f5b773ceba4a2a1c6c8ee09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 19 May 2024 20:21:28 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=0, c=64, mss=1294, tbw=63359, tp=-1, tpl=-1, uplat=240, ullat=0
pragma: public
x-fb-debug: +tOQeu8gbWlsxDwetioOEn0pP5MOKU7vfrw1RxlWbg99I1AExgk+oDcBsWPo08uuWQwX5zYEWoxuYOpa4QFfPQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

p95t2ripf2g2bqg7ebuyngd0e554
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBMW9BR1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--db68dab2377abaaa15f3ec8645d19953696ca707/EJ.png
https://s3.amazonaws.com/com.memberhub.storage/p95t2ripf2g2bqg7ebuyngd0e554?response-content-disposition=inline%3B%20filename%3D%22EJ.png%22%3B%20filename%2A%3DUTF-8%27%27EJ.png&response-content-ty...

118 KB
119 KB

439ms
197ms

Image
image/png

52.216.239.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/p95t2ripf2g2bqg7ebuyngd0e554?response-content-disposition=inline%3B%20filename%3D%22EJ.png%22%3B%20filename%2A%3DUTF-8%27%27EJ.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=ff82f1e0372f5c4cff4f35dc1fe2ed0d720ade9220dceefbb1d53801bd4d0c63
Protocol: HTTP/1.1
Server: 52.216.239.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 67cea85c6ab25535ef87a983141f0e7f9d70a7f435b590f8db07d9f3ef726dae

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://elsiejohnson.givebacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sun, 19 May 2024 20:21:29 GMT
Last-Modified: Tue, 16 Nov 2021 23:02:01 GMT
Server: AmazonS3
x-amz-request-id: GXVJH44M7MCJZTJW
ETag: "953a40d52ec1e34167d99a6bb850e253"
Content-Type: image/png
Content-Disposition: inline; filename="EJ.png"; filename*=UTF-8''EJ.png
Accept-Ranges: bytes
Content-Length: 121281
x-amz-id-2: DyO8fHUG+IQVsTq5IaATv1baJ3FLEA7un5+rNfofh1XPdEBShPLB2ZeI8OHDzPhTSJ0P3QJOTyI=

Redirect headers

x-rack-cors: miss; no-origin
x-runtime: 0.007587
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
location: https://s3.amazonaws.com/com.memberhub.storage/p95t2ripf2g2bqg7ebuyngd0e554?response-content-disposition=inline%3B%20filename%3D%22EJ.png%22%3B%20filename%2A%3DUTF-8%27%27EJ.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=ff82f1e0372f5c4cff4f35dc1fe2ed0d720ade9220dceefbb1d53801bd4d0c63
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: c2994fba-df63-4260-a01e-20775384f0be

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 8 KB
8 KB 139ms
138ms XHR
application/json 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=75ae8aef-191c-4c14-aefd-a355adda18cc

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-226-194.compute-1.amazonaws.com

Software

Resource Hash

e5d3a686328e215f1739a68976a51f1519b8ee39652785916033d4f1b997a127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f18f33ca-6386-4f20-a0ab-478689335c40
x-runtime: 0.018018
referrer-policy: strict-origin-when-cross-origin
etag: W/"e5d3a686328e215f1739a68976a51f15"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 path Show response
api.memberhub.com/services/memberhub-service/webpages/ 6 KB
6 KB 162ms
162ms XHR
application/json 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages/path?organization_uuid=75ae8aef-191c-4c14-aefd-a355adda18cc&path=/&live=true

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-226-194.compute-1.amazonaws.com

Software

Resource Hash

0432f754919c768f9980d5e8afe6f6d0ca1623ddaea27d4c93015923b72f16cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 9c3d6100-21b1-48d3-ace9-5e6aea822a7c
x-runtime: 0.042147
referrer-policy: strict-origin-when-cross-origin
etag: W/"0432f754919c768f9980d5e8afe6f6d0"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

OPTIONS
H2 200 store_items
api.memberhub.com/services/memberhub-service/ 0
0 119ms
119ms Preflight 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.memberhub.com/services/memberhub-service/store_items?organization_uuid=75ae8aef-191c-4c14-aefd-a355adda18cc&featured=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-226-194.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authentication-session-secret,authentication-session-token
Access-Control-Request-Method: GET
Origin: https://elsiejohnson.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: authentication-session-secret,authentication-session-token
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 7200
date: Sun, 19 May 2024 20:21:28 GMT

GET
H2 200 store_items Show response
api.memberhub.com/services/memberhub-service/ 7 KB
7 KB 375ms
375ms Fetch
application/json 54.145.226.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/store_items?organization_uuid=75ae8aef-191c-4c14-aefd-a355adda18cc&featured=true

Requested by

Host: elsiejohnson.givebacks.com
URL: https://elsiejohnson.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.145.226.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-145-226-194.compute-1.amazonaws.com

Software

Resource Hash

72f0224ba4c20f82f9474a7736033d12f50ee6885dc8d47d73ffb278f79e4a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Authentication-Session-Secret: undefined
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://elsiejohnson.givebacks.com/
Authentication-Session-Token: undefined
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 70089c9f-9f2a-4d89-8b34-e892200faab3
x-runtime: 0.254056
referrer-policy: strict-origin-when-cross-origin
etag: W/"72f0224ba4c20f82f9474a7736033d12"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept, Origin

GET
H/1.1

200
OK

7ljtvmfp86wh3i36rk4x62ncchp7
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBOTEwS1E9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--98ab78c55c6fe24285ee67cab5a8b851368ebc45/PTA%20Banner-...
https://s3.amazonaws.com/com.memberhub.storage/7ljtvmfp86wh3i36rk4x62ncchp7?response-content-disposition=inline%3B%20filename%3D%22PTA%20Banner-2.png%22%3B%20filename%2A%3DUTF-8%27%27PTA%2520Banner...

158 KB
158 KB

447ms
210ms

Image
image/png

52.216.239.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/7ljtvmfp86wh3i36rk4x62ncchp7?response-content-disposition=inline%3B%20filename%3D%22PTA%20Banner-2.png%22%3B%20filename%2A%3DUTF-8%27%27PTA%2520Banner-2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a6b5fd0cf72747f60735bcb3b5c183b82fcf406357fd26e2f679e0b651f90c34
Protocol: HTTP/1.1
Server: 52.216.239.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 202ee055a4c6abd5c7a3fea3e26acaaacbc3361e28dce7e531142e42a5c61a8c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://elsiejohnson.givebacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Date: Sun, 19 May 2024 20:21:29 GMT
Last-Modified: Wed, 31 Aug 2022 02:09:37 GMT
Server: AmazonS3
x-amz-request-id: GXVHVSZ2YJ6HZCGG
ETag: "3d41da2ed60cdc9acea8065b699551f1"
Content-Type: image/png
Content-Disposition: inline; filename="PTA Banner-2.png"; filename*=UTF-8''PTA%20Banner-2.png
Accept-Ranges: bytes
Content-Length: 161632
x-amz-id-2: tY4CDySfgzp90WxO7uLYnMHWbaWkYDRD6gXZbYcodYVcYs5uULm0uCpNnyzU70VyFa6nNFhQgc0=

Redirect headers

x-rack-cors: miss; no-origin
x-runtime: 0.007361
date: Sun, 19 May 2024 20:21:28 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
location: https://s3.amazonaws.com/com.memberhub.storage/7ljtvmfp86wh3i36rk4x62ncchp7?response-content-disposition=inline%3B%20filename%3D%22PTA%20Banner-2.png%22%3B%20filename%2A%3DUTF-8%27%27PTA%2520Banner-2.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240519%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240519T202128Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=a6b5fd0cf72747f60735bcb3b5c183b82fcf406357fd26e2f679e0b651f90c34
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: 31690691-af85-4310-9973-ff6b3f0a9261

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://elsiejohnson.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 08:24:13 GMT
x-content-type-options: nosniff
age: 475035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7816
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 08:24:13 GMT

GET
H2 200 Poppins-Medium-MifvOy28.woff2
elsiejohnson.givebacks.com/assets/ 48 KB
48 KB 45ms
44ms Font
font/woff2 108.138.217.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elsiejohnson.givebacks.com/assets/Poppins-Medium-MifvOy28.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.217.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-217-61.lhr61.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Origin: https://elsiejohnson.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 13:15:06 GMT
via: 1.1 4dadb74d326de45531ccbef5e30cd3b6.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: LHR61-P3
age: 25583
etag: "3a0a14dc7381ee5200cadbe0af4ee7de"
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 48956
x-amz-cf-id: 3J66zUmOTm4JQ0DnUdiXkGYdPBSAYII4d4SV9-7idLSsM7sUG_8lNg==

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 125ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Felsiejohnson.givebacks.com%2F&rl=&if=false&ts=1716150088352&sw=1600&sh=1200&ud[external_id]=0bf0003769acb8d77f6de6372f5220d7&v=2.9.156&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1716150088351.522744104&ler=empty&cdl=API_unavailable&it=1716150088009&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2769, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 19 May 2024 20:21:28 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK pta_logo.png
s3.amazonaws.com/com.memberhub.public/static/images/ 487 KB
487 KB 377ms
140ms Image
image/png 52.216.239.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.public/static/images/pta_logo.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.239.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 27311660054ad8ee26ed9b17792259494f20804b756c05ada0baa92c99b7ca7d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 19 May 2024 20:21:30 GMT
Last-Modified: Thu, 06 Jan 2022 21:47:09 GMT
Server: AmazonS3
x-amz-request-id: XZFS0MH0SKTQJW5J
ETag: "08383fa10bd81e7ca4557f703f91890c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 498574
x-amz-id-2: YXmjiIIzJPBisDQZK/q6nnlzMFg1t2xQ6cPnAooGf7mnWyAJza+2pABoERiNiIOkl76CbLZSH5c=

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je45f0v892291399za200&_p=1716150086677&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=158968128.1716150087&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1716150087&sct=1&seg=0&dl=https%3A%2F%2Felsiejohnson.givebacks.com%2F&dt=Givebacks&en=scroll&epn.percent_scrolled=90&_et=36&tfd=6474
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://elsiejohnson.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 19 May 2024 20:21:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://elsiejohnson.givebacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ejpta.com/	1969-12-31 23:59:59	Name: crumb Value: BQmbt+cgMlKiMDM0NWQ1ZmYzYmIzZjRmNThlY2E2ZGRmYjNiZjhj
.givebacks.com/	1970-01-21 06:18:30	Name: _ga Value: GA1.1.158968128.1716150087
.givebacks.com/	1970-01-21 06:18:30	Name: _ga_LZN7J64ECH Value: GS1.1.1716150087.1.0.1716150087.0.0.0
.givebacks.com/	1970-01-21 01:01:42	Name: __hstc Value: 210915018.0bf0003769acb8d77f6de6372f5220d7.1716150087562.1716150087562.1716150087562.1
.givebacks.com/	1970-01-21 01:01:42	Name: hubspotutk Value: 0bf0003769acb8d77f6de6372f5220d7
.givebacks.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.givebacks.com/	1970-01-20 20:42:31	Name: __hssc Value: 210915018.1.1716150087563
.hubspot.com/	1970-01-20 20:42:31	Name: __cf_bm Value: ABRJhK2YttlhEkJEtlfMYbENDbZgeIpTgEwe4Hmx9YI-1716150087-1.0.1.1-4qc9AW0kJtr8Y3pP2f7HWvsDUhVv_aCw2u1HgwetqLw3zfWAmFxo0BrShmY04BWGl5nyoIIXgliOpwSEiF0BmA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: KBoRW1hlD6roSVf9w5FEC9g8KEULuqy2dxzcX9x9kNI-1716150087798-0.0.1.1-604800000
.givebacks.com/	1970-01-20 22:52:06	Name: _gcl_au Value: 1.1.1241984832.1716150088
.givebacks.com/	1970-01-20 22:52:06	Name: _fbp Value: fb.1.1716150088351.522744104

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://elsiejohnson.givebacks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://elsiejohnson.givebacks.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/495956447226186?v=2.9.156&r=stable&domain=elsiejohnson.givebacks.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.givebacks.com
api.hubapi.com
api.hubspot.com
api.memberhub.com
cdn.pendo.io
cdn.segment.com
connect.facebook.net
ejpta.com
elsiejohnson.givebacks.com
fonts.googleapis.com
fonts.gstatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
track.hubspot.com
www.facebook.com
www.googletagmanager.com
108.138.217.61
13.227.222.191
142.250.181.232
172.217.16.130
18.210.151.221
198.49.23.144
2001:4860:4802:32::36
2606:4700:4400::6812:22e5
2606:4700::6810:4f8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8bd1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:f16c
2a00:1450:4001:809::2008
2a00:1450:4001:810::200a
2a00:1450:4001:81d::2003
2a00:1450:400c:c02::54
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.36.213.229
52.216.239.117
54.145.226.194
0432f754919c768f9980d5e8afe6f6d0ca1623ddaea27d4c93015923b72f16cc
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
0a458c62950061cf72692ad569fecd4c25832ac6924b6826c69fc1e57cad6897
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
0dfc9517c41ceae73d740c1f9aac7511db77e43e095d274135dede75eb925d7d
0f5b895e61134c3ae8bc85bb66185d7262a219ea5f5b773ceba4a2a1c6c8ee09
184d297631fc39114b8f6906bf565fea2aec0a9009b864e0ea571fa69e9d45cd
1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55
202ee055a4c6abd5c7a3fea3e26acaaacbc3361e28dce7e531142e42a5c61a8c
27311660054ad8ee26ed9b17792259494f20804b756c05ada0baa92c99b7ca7d
2ea8ae540bfd3741931be1df2906e59e664377eed99869d76a85bce4085fcfe6
3dcf6b7b01070ac50d6529c27fca2ffbb8c56f1e6949f3362e830dcef57df5fb
440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349
4f7037915ae297c63a19cf5fda77b1225e27cb37d600ae86a851ff6a9b56f535
4fcd7101ea71940e2a6d533fa173de7afaadac7a0e8a97579ea9dc2fa2ccb3d0
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11
65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057
67cea85c6ab25535ef87a983141f0e7f9d70a7f435b590f8db07d9f3ef726dae
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
72f0224ba4c20f82f9474a7736033d12f50ee6885dc8d47d73ffb278f79e4a8f
76e5bc94269b8d98c2763cc29d4b4594a12423b258b920e85c4e3aee441dc181
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9d296afdc904a1418bf022e347a0759dc3bcdf49bb02e34c21f880824be55453
9df88aca5197198230410f44022b9045c329cb2200dd8203881e4ede60d9b4a3
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
bb2fef423b7a675bf54e151de25d28a09b655157c72409a9b791ca41ee5fe1b2
bb638601351028994cd73bcaa3c930f5dde37df4e37575ec19d0a01ddf6f7e69
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd8b60098f4bbcca9a95686e54b11a3d49ced552d8b6710fb2be7633d955e61d
e1a40bbd505177242a9ec40660a77a970462f0f30b4d419a9a9c75e013c9fde4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e564cf5f63fc157d8f8a57e1f6da2bf06e960f263daa2c5cbc90eadd4ba278a0
e5d3a686328e215f1739a68976a51f1519b8ee39652785916033d4f1b997a127
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ebc11d6c6602806a94043ee695c5563637a621d9f55f5c5e230a91fd4724e3fb
ec28931a13a124788eba856065aa5b7ce2a48ee8a2d5a3cf059e3fb3e90c2c76
ef61f745ab49ef3bbdb192b7f791f9d645caa5f89817f099470397b13e742ea8
f66dcf86826fc5e42d2ac4899fed7adf4ca44c0650c607fb8db1432ea94ea0d0

elsiejohnson.givebacks.com Open in urlscan Pro 108.138.217.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

42 Requests

95 %HTTPS

63 %IPv6

21 Domains

23 Subdomains

23 IPs

3 Countries

3552 kBTransfer

9150 kBSize

11 Cookies

5 Outgoing links

Page URL History

Redirected requests

42 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

elsiejohnson.givebacks.com Open in urlscan Pro
108.138.217.61 Public Scan

Screenshot
Live screenshot

Full Image

42
Requests

95 %
HTTPS

63 %
IPv6

21
Domains

23
Subdomains

23
IPs

3
Countries

3552 kB
Transfer

9150 kB
Size

11
Cookies

42 HTTP transactions
0 data transactions