properstrategies.membirds.com Open in urlscan Pro
3.124.215.16 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://properstrategies.membirds.com/
Effective URL:
https://properstrategies.membirds.com/login
Submission: On April 01 via api (April 1st 2024, 6:30:53 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 15 HTTP transactions. The main IP is 3.124.215.16, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is properstrategies.membirds.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 8th 2024. Valid for: a year.

This is the only time properstrategies.membirds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 4	3.124.215.16 3.124.215.16	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
1	104.21.234.234 104.21.234.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:275... 2600:9000:275b:f400:1b:e83f:e380:21	16509 (AMAZON-02) (AMAZON-02)
1	18.245.46.33 18.245.46.33	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.26.2.162 104.26.2.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3038::6815:eaeb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.21.153.157 23.21.153.157	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.26.3.162 104.26.3.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.5.139.118 3.5.139.118	16509 (AMAZON-02) (AMAZON-02)
15	12

4 3.124.215.16 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-215-16.eu-central-1.compute.amazonaws.com

properstrategies.membirds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.170 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.234 (None, )

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275b:f400:1b:e83f:e380:21 (United States)

ASN16509 (AMAZON-02, US)

d2a9jxoztkdk7i.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-33.fra56.r.cloudfront.net

w.soundcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.2.162 (None, )

ASN13335 (CLOUDFLARENET, US)

static.widget.trengo.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eaeb (United States)

ASN13335 (CLOUDFLARENET, US)

rsms.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.21.153.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-153-157.compute-1.amazonaws.com

stats.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.162 (None, )

ASN13335 (CLOUDFLARENET, US)

api.widget.trengo.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.139.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-central-1.amazonaws.com

membirds-production.s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	membirds.com 3 redirects properstrategies.membirds.com	243 KB
2	amazonaws.com membirds-production.s3.eu-central-1.amazonaws.com	11 KB
2	trengo.eu static.widget.trengo.eu — Cisco Umbrella Rank: 76152 api.widget.trengo.eu — Cisco Umbrella Rank: 69424	10 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 182	70 KB
2	cloudfront.net d2a9jxoztkdk7i.cloudfront.net	1 MB
2	rsms.me rsms.me — Cisco Umbrella Rank: 10637	340 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	273 B
1	pusher.com stats.pusher.com — Cisco Umbrella Rank: 8191	75 B
1	soundcloud.com w.soundcloud.com — Cisco Umbrella Rank: 19372	4 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
15	10

	Domain	Requested by
4	properstrategies.membirds.com	3 redirects
2	membirds-production.s3.eu-central-1.amazonaws.com
2	connect.facebook.net	properstrategies.membirds.com connect.facebook.net
2	d2a9jxoztkdk7i.cloudfront.net	properstrategies.membirds.com
2	rsms.me	properstrategies.membirds.com rsms.me
1	api.widget.trengo.eu	static.widget.trengo.eu
1	www.facebook.com	properstrategies.membirds.com
1	stats.pusher.com	d2a9jxoztkdk7i.cloudfront.net
1	static.widget.trengo.eu	d2a9jxoztkdk7i.cloudfront.net
1	w.soundcloud.com	properstrategies.membirds.com
1	fonts.googleapis.com	properstrategies.membirds.com
15	11

This site contains no links.

Subject Issuer	Validity	Valid
membirds.com Amazon RSA 2048 M02	`2024-02-08` - `2025-03-08`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
rsms.me E1	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.soundcloud.com GlobalSign GCC R3 DV TLS CA 2020	`2024-02-06` - `2025-03-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.widget.trengo.eu E1	`2024-03-15` - `2024-06-13`	3 months	crt.sh
*.pusher.com Gandi Standard SSL CA 2	`2023-04-11` - `2024-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://properstrategies.membirds.com/login
Frame ID: 88AF26C6E8278F095C00784790E75B6F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Proper Strategies

Page URL History Show full URLs

http://properstrategies.membirds.com/ HTTP 307
https://properstrategies.membirds.com/ HTTP 302
https://properstrategies.membirds.com/login Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

15
Requests

87 %
HTTPS

33 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1975 kB
Transfer

7078 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://properstrategies.membirds.com/ HTTP 307
https://properstrategies.membirds.com/ HTTP 302
https://properstrategies.membirds.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://properstrategies.membirds.com/assets/favicon.ico HTTP 302
https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon.ico

Request Chain 13

https://properstrategies.membirds.com/assets/favicon-32x32.png HTTP 302
https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon-32x32.png

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
properstrategies.membirds.com/
Redirect Chain

http://properstrategies.membirds.com/
https://properstrategies.membirds.com/
https://properstrategies.membirds.com/login

236 KB
238 KB

118ms
118ms

Document
text/html

3.124.215.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://properstrategies.membirds.com/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.124.215.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-215-16.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 3018688008a78f5e561e67586933c645c09924905fd4e6c09efbb2c13edd9b29

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-length: 242148
content-type: text/html; charset=UTF-8
date: Mon, 01 Apr 2024 18:30:48 GMT
server: awselb/2.0

Redirect headers

cache-control: no-cache, private
content-length: 418
content-type: text/html; charset=UTF-8
date: Mon, 01 Apr 2024 18:30:48 GMT
location: https://properstrategies.membirds.com/login
server: awselb/2.0

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 433ms
46ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito:wght@400;600;700&display=swap

Requested by

Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f10.1e100.net

Software

ESF /

Resource Hash

aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 01 Apr 2024 18:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 01 Apr 2024 17:19:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Apr 2024 18:30:48 GMT

GET
H3 200 inter.css
rsms.me/inter/ 7 KB
1 KB 52ms
27ms Stylesheet
text/css 104.21.234.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/inter.css
Requested by: Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.234.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: ac2d6683f487b33514faffd0c8f3da1073a659d1
date: Mon, 01 Apr 2024 18:30:48 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 26 Mar 2024 10:49:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 480
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230133-FRA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: FD4E:0DB5:2B1BF69:2BDFC1D:6601ACBB
x-timer: S1711386020.295228,VS0,VE2
etag: W/"6601abff-1b8d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5u0exmRMQ2whsoakoT2P0JTYxkvQkEsen1q8SKyFXySGtwQVH15uwla%2FL2birlBZzOkchmkBpKccKZN0tfgQUWRVH4US4m02RkkydTz6HXQ5bXv28Lrft9m7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-origin-cache: HIT
cf-ray: 86daa709db499001-FRA
x-cache-hits: 1

GET
H2 200 app.css
d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/css/ 83 KB
13 KB 37ms
9ms Stylesheet
text/css 2600:9000:275b:f400:1b:e83f:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/css/app.css?id=e4cb997b2cb6c34af875
Requested by: Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:f400:1b:e83f:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dce57007fd1f24a361708a8ad068839316159ca3cfdf25b0972f04d1ffa6c808

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 10:51:35 GMT
content-encoding: br
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
last-modified: Fri, 29 Mar 2024 09:48:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 286754
etag: W/"e4cb997b2cb6c34af875533030394d8e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=2628000
x-amz-cf-id: fhBPaYt8yZctyqoVI34t9Pnb-_mHM8Foq6WY2x9EOtyh-i8NfxFp1A==
expires: Fri, 29 Mar 2024 16:27:13 GMT

GET
H2 200 api.js Show response
w.soundcloud.com/player/ 5 KB
4 KB 50ms
12ms Script
application/javascript 18.245.46.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://w.soundcloud.com/player/api.js

Requested by

Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.33 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-33.fra56.r.cloudfront.net

Software

am/2 /

Resource Hash

fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 18:27:01 GMT
via: sssr, 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
content-encoding: gzip
strict-transport-security: max-age=63072000
x-amz-cf-pop: FRA56-P9
age: 227
x-cache: Hit from cloudfront
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
last-modified: Wed, 20 Mar 2024 14:56:06 GMT
server: am/2
etag: W/"15a4-18e5c5cbf70"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=300
accept-ranges: bytes
x-amz-cf-id: 8qwzbW_Y-SXDPJUTU3SJIPyl8kzMM54wDmpAmMJRDC7kNFDN0s0W0g==

GET
H2 200 app.js Show response
d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/js/ 6 MB
1 MB 10ms
10ms Script
text/javascript 2600:9000:275b:f400:1b:e83f:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/js/app.js?id=343521150b769cd73cca
Requested by: Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275b:f400:1b:e83f:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00b8e46d1c0ace704a353a503bff1342346b0f7ffe272cb951f9ef85f89184d8

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 10:51:35 GMT
content-encoding: br
via: 1.1 e9b74ccbde368a1365608891aeccb498.cloudfront.net (CloudFront)
last-modified: Fri, 29 Mar 2024 09:48:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P7
age: 286754
etag: W/"343521150b769cd73cca0d4ea0116765"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=2628000
x-amz-cf-id: 6DtjFV1yTdSu0evGJEOmGiNtSAIxefik5cfmGZDuD93wLT83m6HCDg==
expires: Fri, 19 Apr 2024 11:35:20 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 37ms
8ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 Apr 2024 18:30:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58040
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1326, tbw=2789, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: hLQqOXXmIZ5jsZL0s76q3v4BspQE2dk6AO1Fz3zzXwSwr4k2HMrjHxT58IyStFNu/A5clYlnmX2KtdIgNaHp0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 embed.js Show response
static.widget.trengo.eu/ 23 KB
10 KB 82ms
27ms Script
text/javascript 104.26.2.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.widget.trengo.eu/embed.js

Requested by

Host: d2a9jxoztkdk7i.cloudfront.net
URL: https://d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/js/app.js?id=343521150b769cd73cca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.2.162 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6809165acbeac09630fe72d97f42a22922fd8bb878cffa3c4ae75e53ae7894ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 18:30:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 12 Dec 2023 13:04:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 599918
server: cloudflare
etag: W/"65785a40-5c27"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DXC5yKRr5zmXLrgZmEeo%2F56b33ZWK6sgOISKLI%2FT5ls2AJ2bp7%2B0e4gbgySySJghVluPoFzNwDfw8pIAjleDPBwZlQXTctZyBC%2FF%2BaWWrFpiwE68mC5mgl6eba9kNwlMum%2FkkpBFmDSk"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 86daa70de9ef3673-FRA
expires: Mon, 01 Apr 2024 19:52:11 GMT

GET
H2 200 InterVariable.woff2
rsms.me/inter/font-files/ 337 KB
339 KB 606ms
35ms Font
font/woff2 2606:4700:3038::6815:eaeb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rsms.me/inter/font-files/InterVariable.woff2?v=4.0
Requested by: Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:eaeb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://rsms.me/inter/inter.css
Origin: https://properstrategies.membirds.com
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 3f5b7ca8c2fa27f2d810bacecdc282450dbf1b92
date: Mon, 01 Apr 2024 18:30:49 GMT
via: 1.1 varnish
expires: Mon, 25 Mar 2024 17:06:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache: MISS
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 345588
x-served-by: cache-fra-eddf8230085-FRA
last-modified: Mon, 25 Mar 2024 16:53:19 GMT
server: cloudflare
x-github-request-id: 5C26:0E2C:90FF383:9359BD1:6601ACB7
x-timer: S1711996250.822874,VS0,VE3
etag: "6601abff-545f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FSYbDZiUI%2BubjehOItCJO9tpxk7qcfkh3YogBw%2BC5sXXvCmAOX6iyYRnLIgxgEriN3iZTUHggVAgO8xqwLyblt0hCq4L%2FeAIfvKsVtH9dqrVlONjngyWjT3yzaSy1QVWvQDVts1r"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
x-origin-cache: HIT
cf-ray: 86daa71148d937c8-FRA
x-cache-hits: 1

GET
H2 200 1 Show response
stats.pusher.com/timeline/v2/jsonp/ 0
75 B 334ms
105ms Script
application/javascript 23.21.153.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.pusher.com/timeline/v2/jsonp/1?session=OTI0MjE5MDA1&bundle=MQ%3D%3D&key=NTYyNDM2ZTcwZDk0MzM3OTNiNGQ%3D&lib=anM%3D&version=Ny4wLjM%3D&cluster=bXQx&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE3MTE5OTYyNDkxMTF9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNzExOTk2MjQ5MTExfSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNzExOTk2MjQ5MTEzfSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTcxMTk5NjI0OTExM30seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTcxMTk5NjI0OTExM30seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTcxMTk5NjI0OTI0OH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiI4NTg2ODM3NzMuNjc2MTUyMDY4In0sInRpbWVzdGFtcCI6MTcxMTk5NjI0OTI0OX1d
Requested by: Host: d2a9jxoztkdk7i.cloudfront.net
URL: https://d2a9jxoztkdk7i.cloudfront.net/48e59449-fffe-4ea7-b613-429c001d876f/js/app.js?id=343521150b769cd73cca
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.21.153.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-21-153-157.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Apr 2024 18:30:49 GMT
server: awselb/2.0
content-length: 0
content-type: application/javascript; charset=utf-8

GET
H2 200 1648819232196660 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 175ms
175ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1648819232196660?v=2.9.151&r=stable&domain=properstrategies.membirds.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4609972c84a8dd8f7895f041fae27e679b059c38c99253db61ddc10452ef779

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 01 Apr 2024 18:30:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1326, tbw=63199, tp=-1, tpl=-1, uplat=162, ullat=0
pragma: public
x-fb-debug: KRINvCuoVwU7wEM2G+MkAsCjDWoAHhtxo3rG3Ef/t0AZ2C58zfouD8U+m51oWK0fXjbrcZlYh6pW+mNDHpjOHQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 28ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1648819232196660&ev=PageView&dl=https%3A%2F%2Fproperstrategies.membirds.com%2Flogin&rl=&if=false&ts=1711996249517&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1711996249514.376332616&ler=empty&cdl=API_unavailable&it=1711996249278&coo=false&rqm=GET

Requested by

Host: properstrategies.membirds.com
URL: https://properstrategies.membirds.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1326, tbw=2759, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 01 Apr 2024 18:30:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 widget Show response
api.widget.trengo.eu/web-widget-api/ 14 B
549 B 99ms
58ms XHR
application/json 104.26.3.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.widget.trengo.eu/web-widget-api/widget?vt=b82050b3-8842-48fe-c862-c96b10e94973&path=%2Flogin&state=

Requested by

Host: static.widget.trengo.eu
URL: https://static.widget.trengo.eu/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.3.162 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac5c23aeecfb35b1b0337352dbeb040393fd4f2a4df9d0659a55e63b70acd3ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://properstrategies.membirds.com/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-trace-id: 96e78664-eaed-4260-9b25-1754526cee1e
date: Mon, 01 Apr 2024 18:30:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VQ69VbAsbx%2FXEdCur2aMvRRIIIY5W%2FBULFyc%2FsNE1rs1PsAH5UN9WCYBO2rOwqGd8rTW3PTXVMk04V%2FjeJuepJzQjfSSHxomelfphgqmcErBEIC0aScPW%2BsHEIpNx%2FYyxLyzsQJL"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, private
cf-ray: 86daa70fde389211-FRA

GET
H/1.1

200
OK

favicon.ico
membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/
Redirect Chain

https://properstrategies.membirds.com/assets/favicon.ico
https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon.ico

7 KB
8 KB

91ms
42ms

Other
image/x-icon

3.5.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon.ico
Protocol: HTTP/1.1
Server: 3.5.139.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b40ec33c0805cb020e8f48619ed3664a8797476ce4c312d6cb6b78f37e56ef5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://properstrategies.membirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 01 Apr 2024 18:30:51 GMT
x-amz-version-id: t3tuARr0WmxV7ZeY7Ly_w0zMS.yH8SZX
Last-Modified: Sat, 02 Mar 2024 01:15:48 GMT
Server: AmazonS3
x-amz-request-id: F6K8KHZVGXVYSYHP
ETag: "dac83b7432bbfe3043107b05c0d7574f"
x-amz-server-side-encryption: AES256
Content-Type: image/x-icon
Accept-Ranges: bytes
Content-Length: 7662
x-amz-id-2: 2gOutOvYrqcPULlukZHPmNnIamUiIhFbnGd1K0vzJTRu0903JfBJO8tLArT3ZLWtLDMq2hkwSm3Hi+ov0BZpyg==

Redirect headers

location: https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon.ico
x-vapor-base64-encode: True
date: Mon, 01 Apr 2024 18:30:49 GMT
cache-control: max-age=3600, public
server: awselb/2.0
content-length: 682
content-type: image/x-icon

GET
H/1.1

200
OK

favicon-32x32.png
membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/
Redirect Chain

https://properstrategies.membirds.com/assets/favicon-32x32.png
https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon-32x32.png

2 KB
3 KB

37ms
36ms

Other
image/png

3.5.139.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon-32x32.png
Protocol: HTTP/1.1
Server: 3.5.139.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 367707cd8a5e12c0fd0279ab41b432bb53878af325fc8669457ed4fde394f1bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://properstrategies.membirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Date: Mon, 01 Apr 2024 18:30:51 GMT
x-amz-version-id: 84b.XBobEQCqPBnknK9rqyRuZydAViCc
Last-Modified: Sat, 02 Mar 2024 01:15:51 GMT
Server: AmazonS3
x-amz-request-id: F6K8R2CHA4Y7BV3M
ETag: "c0df72421a8b94e7ee986d593348d5cc"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2333
x-amz-id-2: AlGpEDuJ8wV4yyckox2M3+qLGSyhwmIX1YqaDR0rHW+TtoH3yPfRpLw9uWAD/mk+VCRqDN4chGdxSZLxZxkRXA==

Redirect headers

location: https://membirds-production.s3.eu-central-1.amazonaws.com/2b6becfb260664d1de83687ed801b020/assets/favicon-32x32.png
x-vapor-base64-encode: True
date: Mon, 01 Apr 2024 18:30:50 GMT
cache-control: max-age=3600, public
server: awselb/2.0
content-length: 706
content-type: image/png

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.membirds.com/	1970-01-20 21:42:52	Name: _fbp Value: fb.1.1711996249514.376332616
properstrategies.membirds.com/	1970-01-20 19:33:23	Name: 9P2ragwWaGq1jhuYubPuEyE9aygkXuwthiRnNXV9 Value: eyJpdiI6IldSZkRFQUh6TTB3Y3pFR3kxVEhNRnc9PSIsInZhbHVlIjoiZ09FMVIreDZHbXRwSHhubEQ2dTIrUW1Yc0YxdXNlOUpNcmwxSU4xVncrZGRMclNmRXVkd2dGQ053eDhBZ3UrZm1uZlFvSml3dW80ZlcxTVY5RzlhbkNaNUJBYWhSL0ZKdUlYcmZQQWRWczF0Y2lIYUJuODRtR3orMnNKdFhjWXZKdWo3cWg1REova3llYmdXQkJFVmhuQXBPdFF2ZldzYUtPcm12TmlVc0RaVFVNQUZiL2JUVDJmME5oSHhubGttNlZkeDhpb2REay9xM200RGRWNUlvOFhnUTZWSW1COWc4MWo0UVFGTmMrSERXRjNtUlJSdnNZc0pLSnJ1QitKK0NVekZUQjNYYXRYRWEzT29yUXZHZEVTS0R6Sitwa2I5WlArdzhwY09OQXZRamRJem1qZjEvRDZjRnEzM3R0bkJHUjZDSTkrS0Q4SzdsSkY5VTRhWFFNNVltQS9YR3ZrSHJrWWNFWHZTVnAvRzRPN2tOVWZaaTkrT2FHU0ZWU1k1L0xVQnhZaFdISEdVUE9YbUQzNS9ENTdCTmQxS3RyOU9OaWJhaHdJMWxMY2FhMWJ0WHNHTllTcVVYcGw1SjhuNnpWTEcwV2RDdityU3RiU0lBUkdrWGJWSVkrNDV6cjdyRllIQ05UcWRRTDBCNkFWQjRZZW1UTXE4YmZwNFNGT1RPcktMQ0RaS0l0YXh3Z2RPYTN5b3B3PT0iLCJtYWMiOiI4MTJlZWI4MDZjZDMzNGQwNGUwMjkyYTQxZGU0NmMwNzU0NjFkMDUwODM4MTUzMDNmODJlODA5ZDZiYjU1YzE1IiwidGFnIjoiIn0%3D
properstrategies.membirds.com/	1970-01-20 19:33:23	Name: membirds_session Value: eyJpdiI6Im9uSDZjU1BDOEI0NGg3WlcxdTRjREE9PSIsInZhbHVlIjoiS1RsM2pYZXgrcWs4SU1Ib0pvaDhsaTdUTmk3aU8ycFNCM0o0NDhWRmZ6NnE3VTdxNzYwS0pOVHpoR1NaRmhhSTRBN1MvWXZTQnZycHRKRWhKdmxvOXlPT3N3Wk05OEpqYi94clgrY0dIakM1dEV6R1pmMWRrZWRrbDhrd09OMlgiLCJtYWMiOiJmMjI5N2NhYmE4NmNjN2QzNDAzYmY4YTZlMDFkMjViNzIyNTQ4N2QxNWQyZmM3NDI5YzljNWQ1NzYxZmMwNGMwIiwidGFnIjoiIn0%3D
properstrategies.membirds.com/	1970-01-20 19:33:23	Name: XSRF-TOKEN Value: eyJpdiI6InNIclNKbUpKRDJSYnRJa0NQU0tTOEE9PSIsInZhbHVlIjoiZTJwZGF0ZHdPbXNPNVEvN1RBZ2tMYjFKK2hUc0J2Q3ZLUnZSMjhYMFhza3RsQTQzbGVialJ2b0NIYzE4RVhvVkhmZDdzNHRIb002bkpPSWxQV1FJVExJWlVMbVpuMDdDMHVpSmNxZFd3eGdYRkxJSEVRWElnNzNDb29KWk1xSm4iLCJtYWMiOiJiZmM2YzE1Yzc1YWQxYzQ2OGJjYTg3MDFiOTcxYjk5MDg2NDVjMzZhYjViYjAwNWZlY2MyNTBiNWIyNTczOTlhIiwidGFnIjoiIn0%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://properstrategies.membirds.com/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://connect.facebook.net/signals/config/1648819232196660?v=2.9.151&r=stable&domain=properstrategies.membirds.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.widget.trengo.eu
connect.facebook.net
d2a9jxoztkdk7i.cloudfront.net
fonts.googleapis.com
membirds-production.s3.eu-central-1.amazonaws.com
properstrategies.membirds.com
rsms.me
static.widget.trengo.eu
stats.pusher.com
w.soundcloud.com
www.facebook.com
104.21.234.234
104.26.2.162
104.26.3.162
18.245.46.33
216.58.212.170
23.21.153.157
2600:9000:275b:f400:1b:e83f:e380:21
2606:4700:3038::6815:eaeb
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.124.215.16
3.5.139.118
00b8e46d1c0ace704a353a503bff1342346b0f7ffe272cb951f9ef85f89184d8
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
3018688008a78f5e561e67586933c645c09924905fd4e6c09efbb2c13edd9b29
367707cd8a5e12c0fd0279ab41b432bb53878af325fc8669457ed4fde394f1bf
6809165acbeac09630fe72d97f42a22922fd8bb878cffa3c4ae75e53ae7894ba
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8fedfb7def1421aa9d58d1732be7164e33eec27b9c87193e010b9ddaa67b6a18
ac5c23aeecfb35b1b0337352dbeb040393fd4f2a4df9d0659a55e63b70acd3ab
aec7c45d78ce6b774c511160ef8009df74cab9e65dc9595b612d3516977aa348
b40ec33c0805cb020e8f48619ed3664a8797476ce4c312d6cb6b78f37e56ef5a
c4609972c84a8dd8f7895f041fae27e679b059c38c99253db61ddc10452ef779
dce57007fd1f24a361708a8ad068839316159ca3cfdf25b0972f04d1ffa6c808
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe7be71169532a67a19a2178113658e2cf55413a21635fcd0a89060c839a5be6

properstrategies.membirds.com Open in urlscan Pro 3.124.215.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

87 %HTTPS

33 %IPv6

10 Domains

11 Subdomains

12 IPs

3 Countries

1975 kBTransfer

7078 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

4 Cookies

2 Console Messages

Indicators

properstrategies.membirds.com Open in urlscan Pro
3.124.215.16 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

87 %
HTTPS

33 %
IPv6

10
Domains

11
Subdomains

12
IPs

3
Countries

1975 kB
Transfer

7078 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions