truittpta.givebacks.com Open in urlscan Pro
18.65.39.72 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://truittpta.memberhub.com/
Effective URL:
https://truittpta.givebacks.com/
Submission: On June 14 via api (June 14th 2024, 12:05:30 pm UTC) from US — Scanned from DE

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 39 HTTP transactions. The main IP is 18.65.39.72, located in United States and belongs to AMAZON-02, US. The main domain is truittpta.givebacks.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 10th 2023. Valid for: a year.

This is the only time truittpta.givebacks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.239.83.56 18.239.83.56	16509 (AMAZON-02) (AMAZON-02)
6	18.65.39.72 18.65.39.72	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:8cd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:401... 2a00:1450:4013:c16::54	15169 (GOOGLE) (GOOGLE)
1	34.36.213.229 34.36.213.229	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:4d8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:df98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:a0a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	13.227.222.191 13.227.222.191	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	50.19.37.164 50.19.37.164	14618 (AMAZON-AES) (AMAZON-AES)
1 5	3.212.201.94 3.212.201.94	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:f06c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.216.95.93 52.216.95.93	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.35.58.6 13.35.58.6	16509 (AMAZON-02) (AMAZON-02)
39	23

1 18.239.83.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-56.ams58.r.cloudfront.net

truittpta.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.65.39.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-72.ams1.r.cloudfront.net

truittpta.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:8cd1 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4013:c16::54 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.36.213.229 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 229.213.36.34.bc.googleusercontent.com

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4d8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:df98 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a0a8 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.222.191 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-222-191.ams54.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7674 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.37.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-37-164.compute-1.amazonaws.com

api.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.212.201.94 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-201-94.compute-1.amazonaws.com

api.memberhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f06c (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.95.93 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-6.fra60.r.cloudfront.net

npo.givebacks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	givebacks.com truittpta.givebacks.com api.givebacks.com — Cisco Umbrella Rank: 835935 npo.givebacks.com	2 MB
6	memberhub.com 2 redirects truittpta.memberhub.com api.memberhub.com — Cisco Umbrella Rank: 789655	12 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	352 KB
3	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 5690 track.hubspot.com — Cisco Umbrella Rank: 2789	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	174 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	72 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2347	313 B
1	amazonaws.com s3.amazonaws.com	95 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4202	1 KB
1	segment.com cdn.segment.com — Cisco Umbrella Rank: 1816	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2600	24 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3908	4 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2567	26 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5805	24 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	870 B
1	pendo.io cdn.pendo.io — Cisco Umbrella Rank: 760	161 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 41	83 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2946	1 KB
39	19

	Domain	Requested by
6	truittpta.givebacks.com	truittpta.givebacks.com
5	api.memberhub.com	1 redirects truittpta.givebacks.com
4	www.googletagmanager.com	truittpta.givebacks.com www.googletagmanager.com js.hsadspixel.net
3	securepubads.g.doubleclick.net	truittpta.givebacks.com securepubads.g.doubleclick.net
2	www.facebook.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	api.hubspot.com	js.usemessages.com
2	region1.google-analytics.com	www.googletagmanager.com
1	npo.givebacks.com
1	s3.amazonaws.com
1	track.hubspot.com
1	api.hubapi.com	js.hsadspixel.net
1	api.givebacks.com	truittpta.givebacks.com
1	cdn.segment.com	truittpta.givebacks.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	fonts.googleapis.com	truittpta.givebacks.com
1	cdn.pendo.io	truittpta.givebacks.com
1	accounts.google.com	truittpta.givebacks.com
1	js.hs-scripts.com	truittpta.givebacks.com
1	truittpta.memberhub.com	1 redirects
39	23

This site contains no links.

Subject Issuer	Validity	Valid
*.givebacks.com Amazon RSA 2048 M02	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hs-scripts.com E1	`2024-05-31` - `2024-08-29`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
cdn.pendo.io WR3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hsadspixel.net E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.segment.com Amazon RSA 2048 M03	`2023-11-14` - `2024-12-13`	a year	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
*.memberhub.com Amazon RSA 2048 M02	`2024-02-24` - `2025-03-23`	a year	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-23` - `2024-06-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://truittpta.givebacks.com/
Frame ID: B913DBEFA105F88BF2703FB39EAD0EB1
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Givebacks

Page URL History Show full URLs

https://truittpta.memberhub.com/ HTTP 301
https://truittpta.givebacks.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Page Statistics

39
Requests

97 %
HTTPS

58 %
IPv6

19
Domains

23
Subdomains

23
IPs

3
Countries

2739 kB
Transfer

8503 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://truittpta.memberhub.com/ HTTP 301
https://truittpta.givebacks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN1o1Tmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--ae8ee516715c506ead958cd1ec3b8b7abb47c55e/TruittPTATigers.png HTTP 302
https://s3.amazonaws.com/com.memberhub.storage/afwvikczb4t6p6w6ls5ywlogl2ze?response-content-disposition=inline%3B%20filename%3D%22TruittPTATigers.png%22%3B%20filename%2A%3DUTF-8%27%27TruittPTATigers.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240614%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240614T120525Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=75d21d55c0b3719f835a5d085b27e9bac991c04f50f8bc9f1497ea3208b558d4

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
truittpta.givebacks.com/
Redirect Chain

https://truittpta.memberhub.com/
https://truittpta.givebacks.com/

3 KB
2 KB

191ms
11ms

Document
text/html

18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb638601351028994cd73bcaa3c930f5dde37df4e37575ec19d0a01ddf6f7e69

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 26019
content-encoding: gzip
content-type: text/html
date: Fri, 14 Jun 2024 04:51:42 GMT
etag: W/"38bc3e5f58071a26ff542458e9414933"
last-modified: Tue, 14 May 2024 17:53:40 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
x-amz-cf-id: GGwnG_859BW98f_SW0GSd81OybMkpzctiKGB6skMfGIDH-L_WSUoYQ==
x-amz-cf-pop: AMS1-P1
x-cache: Hit from cloudfront

Redirect headers

access-control-allow-headers: *
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
apigw-requestid: ZWzADhMUIAMEVyg=
content-length: 0
date: Fri, 14 Jun 2024 12:05:20 GMT
location: https://truittpta.givebacks.com/
via: 1.1 cf275c3404dbe6c17a831886bac6a64c.cloudfront.net (CloudFront)
x-amz-cf-id: 8ahjIlorH2TdfKIc7sc29jOP3S898b9AumpqMNclPrpYRYWPyi39PA==
x-amz-cf-pop: AMS58-P5
x-cache: Miss from cloudfront

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
30 KB 151ms
79ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

5a5f2fdb0980fc74d117401c9ce42899b6e5560bcd44df3302dbf678ae494c86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30758
x-xss-protection: 0
server: cafe
etag: 949 / 19888 / m202406110101 / config-hash: 13880094907017481449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H2 200 21159.js Show response
js.hs-scripts.com/ 2 KB
1 KB 216ms
159ms Script
application/javascript 2606:4700::6810:8cd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21159.js

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:8cd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5c7cbe055c732069cd995a01d01faab05b8e2085ba67a36b66c903a27c0e21d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 60fe6ea5-c19f-4630-8c2d-d99553698e0f
x-envoy-upstream-service-time: 12
content-length: 621
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 60fe6ea5-c19f-4630-8c2d-d99553698e0f
last-modified: Fri, 14 Jun 2024 08:55:59 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://truittpta.givebacks.com
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-m28qb
access-control-allow-credentials: true
cache-control: public, max-age=90
accept-ranges: bytes
cf-ray: 893a3022ac1618bd-FRA
expires: Fri, 14 Jun 2024 12:06:50 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 219 KB
83 KB 403ms
36ms Script
application/javascript 2a00:1450:4013:c16::54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4013:c16::54 Groningen, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9860a0d46d0cfcc15e8a2d33928f1d8a671b1e797a07be2c04292f98265a75ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kg7H7aY-VgG4aM8FaT3tMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-kg7H7aY-VgG4aM8FaT3tMQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H2 200 index-PXCE-dR-.js Show response
truittpta.givebacks.com/assets/ 5 MB
1 MB 80ms
68ms Script
text/javascript 18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js
Requested by: Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 76e5bc94269b8d98c2763cc29d4b4594a12423b258b920e85c4e3aee441dc181

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Origin: https://truittpta.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 3950
etag: W/"ea2a3f1d90e7e3d834edbc5903be5a96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: bxpeaqjWmtEzSAC1CWTZ-RugNhjK7YBL8UoTcyrt6IskJZKN2mjhRQ==

GET
H2 200 index-EcXVzXri.css
truittpta.givebacks.com/assets/ 371 KB
51 KB 49ms
45ms Stylesheet
text/css 18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/assets/index-EcXVzXri.css
Requested by: Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d296afdc904a1418bf022e347a0759dc3bcdf49bb02e34c21f880824be55453

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Origin: https://truittpta.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 9581
etag: W/"af08bfd0f5e6718e3f767b96712362ae"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 6-Kjbe5elGXrSdUzSIqTSLRXZRT0VOcg3ZqlZ7O9JAmDIn63y99k7g==

GET
H2 200 pendo.js Show response
cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/ 498 KB
161 KB 449ms
21ms Script
application/javascript 34.36.213.229
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.pendo.io/agent/static/26b58fbf-191b-41e2-590e-ae8b65766fe2/pendo.js

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.36.213.229 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

229.213.36.34.bc.googleusercontent.com

Software

UploadServer /

Resource Hash

a646ae686eb89a1693da9a71ec105127fe5eea1f192252b19608d96a7e9d4c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 01:42:14 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains
age: 37386
x-guploader-uploadid: ABPtcPohHfVtthtHKX6Fq4Vt0kvsn2ioFQ_B1epp9fieG7j5HqDo9-yNRJm56hgVeVMj6zEn2P4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164604
last-modified: Thu, 13 Jun 2024 18:13:22 GMT
server: UploadServer
etag: "ee1825f798b3257e3e7c6f48b5a26e77"
vary: Accept-Encoding
x-goog-generation: 1718302401988492
x-goog-hash: crc32c=Spa25w==, md5=7hgl95izJX4+fG9ItaJudw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public,max-age=450
x-goog-stored-content-length: 164604
accept-ranges: bytes
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
73 KB 97ms
53ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d4d5c36e3d58ce4252502344b374051e2fc0db80ead0d109059bf2b5d4de1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74677
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
870 B 403ms
26ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;700&display=swap

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-EcXVzXri.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 11:33:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/ 463 KB
144 KB 34ms
26ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b2f25671517f19b9c477ca58527ed79a2f3902d04de4d0032c91caede08c885f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147307
x-xss-protection: 0
server: cafe
etag: 17342946017096099043
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 14 Jun 2025 12:04:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 71 B
75 B 86ms
43ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=truittpta.givebacks.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

63a73ebaeee926aa21a1bd64a78f067bf3f72fdb44a8f63714d09eb38b4220e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
98 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c53da67434e6dca016ca4307e6be6c9c04b44ba940242a80f6a9773ccfd30b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 12:05:20 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 204ms
30ms Script
application/javascript 2606:4700::6810:4d8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4d8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089a2a4f2d6b7ba7a035e27acb41b1789cb3b1f5fd165d8bd54ddee7dcab4f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
x-amz-version-id: sL8KOhWUlTwf766F9ud3L.BsGnM8BVu6
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 d9057c384f4ac5ba2672d2ff44de7e08.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C3
age: 207
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16616/bundles/project.js&cfRay=893a2b12a9ee30d2-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 9e90edb1-059b-4247-873c-30d6b66f0e40
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 3
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9e90edb1-059b-4247-873c-30d6b66f0e40
last-modified: Wed, 12 Jun 2024 20:15:05 UTC
server: cloudflare
etag: W/"9764365a96ddc7a9017a5e438f632178"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-w988t
cf-ray: 893a30252d7835f8-FRA
x-amz-cf-id: VNIiZBwlkPqvT5oYJAo4wV1iVgbileWpShcYCGqnj4R0vp39mFrsOQ==
x-hs-target-asset: conversations-embed/static-1.16616/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21159/ 71 KB
26 KB 502ms
328ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21159/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:21 GMT
x-amz-version-id: .dI6XHlg_aGJ2X81dlJTa7EoEeQJvbwB
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 634SE7HZFA69FPVT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 85415cd3-3071-4f43-907a-df56dbd29572
x-envoy-upstream-service-time: 83
x-amz-id-2: MVTfSM09jIE1NDc8//J91KWjW8n0EA940MjpSzkekUopltIo5CBEWjWPH6x7Z8O+5psXzPx0vWvDuvq3JeNk4jzTpIZnJ8Lkxnu5c++jPuU=
x-evy-trace-listener: listener_https
x-request-id: 85415cd3-3071-4f43-907a-df56dbd29572
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 Apr 2024 13:58:30 GMT
server: cloudflare
etag: W/"2b04641007c8073968086ff34a30127b"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://rosa.givebacks.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 893a30252e86371c-FRA
expires: Fri, 14 Jun 2024 12:10:21 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 228ms
55ms Script
application/javascript 2606:4700::6811:df98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:df98 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
x-amz-version-id: tGbAtiolnAFnleIlWBGAzvQOiFsm5cIW
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 c35f767218cbd1125d801b52fa785c8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C3
age: 265
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.563/bundles/pixels-release.js&cfRay=893a29a85cb63608-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 622d51a1-5363-44d7-928d-b711c21e66e7
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 622d51a1-5363-44d7-928d-b711c21e66e7
last-modified: Thu, 30 May 2024 14:14:49 UTC
server: cloudflare
etag: W/"7f1cb0f6264fd05edb4cc0ec6a9bc096"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-tk5t7
cf-ray: 893a30252d9a30d8-FRA
x-amz-cf-id: V_ZVPZRlYISh1fseHbssd55BnW5CEN85kuzTvmcIBAxOXM_JxUgE1w==
x-hs-target-asset: adsscriptloaderstatic/static-1.563/bundles/pixels-release.js

GET
H2 200 21159.js Show response
js.hs-analytics.net/analytics/1718366700000/ 67 KB
24 KB 337ms
164ms Script
text/javascript 2606:4700::6810:a0a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1718366700000/21159.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21159.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5c3acb8f54768e89fad375090d9f7eb56957a99ff651f5137d27bbc70f1701

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:20 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: J7CHXG9JPEF1Y582
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 22552250-4a55-413b-a23b-56330a80249d
x-envoy-upstream-service-time: 23
x-amz-id-2: 8MPN0sUstLSYr7uN0rGnA1mKVXIWiLc7u6iSNCLI9J6yf0nQyZmVtExnENrVXmYhMecAMpFBIYI=
x-evy-trace-listener: listener_https
x-request-id: 22552250-4a55-413b-a23b-56330a80249d
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 30 May 2024 20:47:57 GMT
server: cloudflare
etag: W/"8fdaa8a17bc26846f5e14e30ae011645"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 893a30252c7e65bf-FRA
expires: Fri, 14 Jun 2024 12:10:20 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 134ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je46c0v892291399z89115494238za200zb9115494238&_p=1718366720392&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=49431792.1718366721&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718366720&sct=1&seg=0&dl=https%3A%2F%2Ftruittpta.givebacks.com%2F&dt=Givebacks&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1217&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 12:05:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://truittpta.givebacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/X4xDGvn414cvbHMw9IZimsr56zOCmLXT/ 603 B
1 KB 2673ms
55ms Fetch
application/json 13.227.222.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/X4xDGvn414cvbHMw9IZimsr56zOCmLXT/settings
Requested by: Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.222.191 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-222-191.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fcd7101ea71940e2a6d533fa173de7afaadac7a0e8a97579ea9dc2fa2ccb3d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: rMnpekrZVfwEG7wfpBwHtxnyAcBatBJ9
date: Fri, 14 Jun 2024 11:34:26 GMT
via: 1.1 eec12a22159207af63748eccf10799b2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 1858
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 603
last-modified: Wed, 08 Nov 2023 17:26:01 GMT
server: AmazonS3
etag: "d713a6e7d57414e88efd8688915032f2"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ZFy-jB2QLKjVz9ScE9zRiMLW6p3tpJsr_LaV26uOtmor_oJBMi_sRw==

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ 0
0 2744ms
155ms Preflight
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=21159&conversations-embed=static-1.16616&mobile=false&messagesUtk=fff537006570410fa685e7760f143b50&traceId=fff537006570410fa685e7760f143b50

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://truittpta.givebacks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://truittpta.givebacks.com
allow: HEAD,GET,OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 893a303c4a182c21-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 14 Jun 2024 12:05:24 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m7OC9nyzDPBa4XfxVVrAHEQw%2B87rYUf6IDdj9M2dR6D9Wwlk8whdBxgTWuscFUGHRMd0aJdLDJxcs%2BC4lRRjxdJxyc%2BGL47NHEzx%2FvcjXvxfB2RT0iUwWWTpPUIctAjW646kUHtLSMp3IV0%2BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-fb7l5
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 2096bdd4-704e-4c01-abb7-dbc587512cde
x-request-id: 2096bdd4-704e-4c01-abb7-dbc587512cde

GET
H2 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 264 B
982 B 181ms
146ms XHR
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae32eb50022a1944fea712a650ee98f2b15abdfd621f70f6c0419d63a08a02bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://truittpta.givebacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 447f312c-514c-4d20-af16-23c098fefdbe
x-envoy-upstream-service-time: 12
content-length: 207
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 447f312c-514c-4d20-af16-23c098fefdbe
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://truittpta.givebacks.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-jzhts
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=79kDbVuCID7jc1WY%2B3kerf9eOdjUl9OomzvDZKAIzBYn7igAG3zrQeiTA48uMaQIwKawr8%2FGQFlusXA%2Fwkev3UVffoLpwFKM25TXh8xdHShou5plYOk%2FZ3lqhRXHfataQw1zioNyXZu9PAbxGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a303dcc422c21-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 truittpta Show response
api.givebacks.com/services/core/causes/ 2 KB
3 KB 2709ms
147ms XHR
application/json 50.19.37.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.givebacks.com/services/core/causes/truittpta

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.37.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-37-164.compute-1.amazonaws.com

Software

Resource Hash

458911e3d82a6fb85ae88f123f9deb059cb7437b9e49f71274d1f413faf6a692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
content-length: 2345
x-xss-protection: 0
x-request-id: 2e304898-496a-464b-9ec5-d1eb8b2fdade
x-runtime: 0.042962
referrer-policy: strict-origin-when-cross-origin
etag: W/"458911e3d82a6fb85ae88f123f9deb05"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 58 B
572 B 2680ms
119ms XHR
application/json 3.212.201.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=undefined

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.201.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-201-94.compute-1.amazonaws.com

Software

Resource Hash

0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Fri, 14 Jun 2024 12:05:24 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 323b4517-e420-4f4d-884e-355ca92840c8
x-runtime: 0.017001
referrer-policy: strict-origin-when-cross-origin
etag: W/"0c5b8dc8aff19cf814eb665f881709ff"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 399 B
1 KB 2509ms
183ms XHR
application/json 2606:4700::6812:f06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21159

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4985613d-0351-49da-bf7a-2138c6390103
x-envoy-upstream-service-time: 9
content-length: 283
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4985613d-0351-49da-bf7a-2138c6390103
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://truittpta.givebacks.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-q6689
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B92lRALXpUHvVATBVbnNqzp1Ish34rDz9IDzJz4JJHNCaedojZwOFbq8n%2Bp6%2Ftzo2vEQstH8CdDIAgRF5xs7LRHDGfMtySLacoJRHEjW9eRAMPOb95eYz6O0Qryj3DWVTjgzHiURzq%2BN4wm%2F"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a303c4ad437f0-FRA
access-control-allow-headers: *

GET
H2 200 Poppins-Regular-D_fR_ai8.woff2
truittpta.givebacks.com/assets/ 48 KB
49 KB 2324ms
2323ms Font
font/woff2 18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/assets/Poppins-Regular-D_fR_ai8.woff2
Requested by: Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Origin: https://truittpta.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 58128
etag: "46ff920efe7721f9087376e8131619e8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 49652
x-amz-cf-id: LYUQTwPPKDY8NjRsk4f5lAbu2YIhNukEbxeCxbHmKWdaNQvUm1fuGw==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 385ms
177ms Image
image/gif 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=21159&pu=https%3A%2F%2Ftruittpta.givebacks.com%2F&t=Givebacks&cts=1718366724544&vi=dcf8d3398712da13628d0e9d1ae59ec9&nc=true&u=210915018.dcf8d3398712da13628d0e9d1ae59ec9.1718366724541.1718366724541.1718366724541.1&b=210915018.1.1718366724542&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 61428a11-840e-4513-a578-fb7ee5c96432
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 17
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 61428a11-840e-4513-a578-fb7ee5c96432
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h40Hh8r1f0HnImWRPIMjNYkzWXTQu4N6SIk7tjAWAVEuhV3oW8v3rv1i6Zzkk37O1SCgNZUW3dLTsWDvFss7U8Vt0CbBmjYCAFAlUfVs%2B6VxEK07GhkhGBFeM0hUWXuqfGe%2F6v2%2B3e7WgyS6%2FVVB"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-9rddg
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 893a303dcf46bc01-FRA
x-robots-tag: none

GET
H2 200 favicon.ico
truittpta.givebacks.com/ 15 KB
15 KB 119ms
29ms Other
image/vnd.microsoft.icon 18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:40 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 13955
etag: "33f8e225ea5a16fef01666568c3f8e9a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
content-length: 15086
x-amz-cf-id: VQvG847Hk8znZLkC9oX3jxZ7GSCWXrfYN0iOUAZnQcvmosg_hfebRw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
90 KB 93ms
70ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9f24c9692a34b815ad9dfb5b707ba015b8ee17339bd0c036f531bd3b60af97fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 12:05:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
90 KB 109ms
86ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11087670310&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8P2N6J

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

b05e018d8c0ff873437a5bf4593bbb782114676cb348504f15d47c87033bd3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92105
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 12:05:24 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 233ms
14ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jun 2024 12:05:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=12, mss=1297, tbw=2802, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: 2FwlNOdjGo/T4iUpen8VqRLDoIBcY3CXUcRpn5y2K/CtOCrsSKSg33rOP57AQTKM0NyUXZ+/bsHoTFG7QCwLHg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 06f8e8ac-f40c-466f-96d3-1ace94e997fd Show response
api.memberhub.com/services/memberhub-service/organizations/ 7 KB
7 KB 238ms
231ms XHR
application/json 3.212.201.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/organizations/06f8e8ac-f40c-466f-96d3-1ace94e997fd

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.201.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-201-94.compute-1.amazonaws.com

Software

Resource Hash

710ef709800705b0c4615b61bdf388908f46f493cecf2a7aba49bc0d3d83a0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Fri, 14 Jun 2024 12:05:25 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 311312ca-6611-4165-a56f-74d82b996d23
x-runtime: 0.123492
referrer-policy: strict-origin-when-cross-origin
etag: W/"710ef709800705b0c4615b61bdf38890"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 495956447226186 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 173ms
172ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/495956447226186?v=2.9.158&r=stable&domain=truittpta.givebacks.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6be6c7bff9c238e6cc67adf7b3953c9fe6f2d591a0d804cedfd1c1379bbe0297

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jun 2024 12:05:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=62, mss=1297, tbw=63581, tp=-1, tpl=-1, uplat=151, ullat=0
pragma: public
x-fb-debug: c+0NmZAzLvcldEpYsFYImQHi+qGZw9ewSgDbEEsA5GTBZOI7PbSpkjEhTK27msp9HBzES3AnldRapde+CSLq+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

afwvikczb4t6p6w6ls5ywlogl2ze
s3.amazonaws.com/com.memberhub.storage/
Redirect Chain

https://api.memberhub.com/rails/active_storage/blobs/redirect/eyJfcmFpbHMiOnsibWVzc2FnZSI6IkJBaHBBN1o1Tmc9PSIsImV4cCI6bnVsbCwicHVyIjoiYmxvYl9pZCJ9fQ==--ae8ee516715c506ead958cd1ec3b8b7abb47c55e/Trui...
https://s3.amazonaws.com/com.memberhub.storage/afwvikczb4t6p6w6ls5ywlogl2ze?response-content-disposition=inline%3B%20filename%3D%22TruittPTATigers.png%22%3B%20filename%2A%3DUTF-8%27%27TruittPTATige...

95 KB
95 KB

370ms
174ms

Image
image/png

52.216.95.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/com.memberhub.storage/afwvikczb4t6p6w6ls5ywlogl2ze?response-content-disposition=inline%3B%20filename%3D%22TruittPTATigers.png%22%3B%20filename%2A%3DUTF-8%27%27TruittPTATigers.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240614%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240614T120525Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=75d21d55c0b3719f835a5d085b27e9bac991c04f50f8bc9f1497ea3208b558d4
Protocol: HTTP/1.1
Server: 52.216.95.93 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e6d21eb8a94c18ffc49cd7261c3756c558738e014a42e74140193edc345966b5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://truittpta.givebacks.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Fri, 14 Jun 2024 12:05:26 GMT
Last-Modified: Thu, 23 Feb 2023 17:13:24 GMT
Server: AmazonS3
x-amz-request-id: 0EHCS19K1K7MKEPT
ETag: "0f301819e8e7630d0de1534df44ed8e9"
x-amz-server-side-encryption: AES256
Content-Type: image/png
Content-Disposition: inline; filename="TruittPTATigers.png"; filename*=UTF-8''TruittPTATigers.png
Accept-Ranges: bytes
Content-Length: 97021
x-amz-id-2: Z7RczPskNRdz9LGkOWimX2AJwer80k5ERek3RVdoIH5Ei29sT3p+3rIwvIhwZd+W1t1rhbhBnyA=

Redirect headers

x-rack-cors: miss; no-origin
x-runtime: 0.011341
date: Fri, 14 Jun 2024 12:05:25 GMT
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-permitted-cross-domain-policies: none
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Origin
content-type: text/html; charset=utf-8
location: https://s3.amazonaws.com/com.memberhub.storage/afwvikczb4t6p6w6ls5ywlogl2ze?response-content-disposition=inline%3B%20filename%3D%22TruittPTATigers.png%22%3B%20filename%2A%3DUTF-8%27%27TruittPTATigers.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAVT6B5PAOMIUHAH6D%2F20240614%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20240614T120525Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=75d21d55c0b3719f835a5d085b27e9bac991c04f50f8bc9f1497ea3208b558d4
cache-control: max-age=300, private
x-xss-protection: 1; mode=block
x-request-id: 12536b50-f639-4d16-9e8a-1835c1adcdf8

GET
H2 200 webpages Show response
api.memberhub.com/services/memberhub-service/ 2 KB
2 KB 336ms
331ms XHR
application/json 3.212.201.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages?live=true&organization_uuid=06f8e8ac-f40c-466f-96d3-1ace94e997fd

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.201.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-201-94.compute-1.amazonaws.com

Software

Resource Hash

7f96c97b6f9125d502ef43a589085af2d7d7765fb52bbed909943966e6bb1a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Fri, 14 Jun 2024 12:05:25 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: cf2154cc-9238-4b7a-bf77-122418175e12
x-runtime: 0.014765
referrer-policy: strict-origin-when-cross-origin
etag: W/"7f96c97b6f9125d502ef43a589085af2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 path Show response
api.memberhub.com/services/memberhub-service/webpages/ 121 B
634 B 337ms
332ms XHR
application/json 3.212.201.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.memberhub.com/services/memberhub-service/webpages/path?organization_uuid=06f8e8ac-f40c-466f-96d3-1ace94e997fd&path=/&live=true

Requested by

Host: truittpta.givebacks.com
URL: https://truittpta.givebacks.com/assets/index-PXCE-dR-.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.212.201.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-201-94.compute-1.amazonaws.com

Software

Resource Hash

6bbc1c98b0653ed1a329697a3126cbfd58062ce86bbf6d9b2fe53a78e5f18bb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-rack-cors: hit
date: Fri, 14 Jun 2024 12:05:25 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: f96da340-c7e2-4b59-a8de-9dbb95786f23
x-runtime: 0.031154
referrer-policy: strict-origin-when-cross-origin
etag: W/"6bbc1c98b0653ed1a329697a3126cbfd"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 97ms
40ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Ftruittpta.givebacks.com%2F&rl=&if=false&ts=1718366725241&sw=1600&sh=1200&ud[external_id]=dcf8d3398712da13628d0e9d1ae59ec9&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718366725240.109542172964359840&ler=empty&cdl=API_unavailable&it=1718366725011&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Jun 2024 12:05:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 395ms
339ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=495956447226186&ev=PageView&dl=https%3A%2F%2Ftruittpta.givebacks.com%2F&rl=&if=false&ts=1718366725241&sw=1600&sh=1200&ud[external_id]=dcf8d3398712da13628d0e9d1ae59ec9&v=2.9.158&r=stable&a=hubspot&ec=0&o=4126&fbp=fb.1.1718366725240.109542172964359840&ler=empty&cdl=API_unavailable&it=1718366725011&coo=false&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x46a3270010516d97","source_keys":["1","2"]},{"key_piece":"0x986974c9cce8bcc1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 14 Jun 2024 12:05:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380328887457348323", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=10, mss=1297, tbw=3104, tp=-1, tpl=-1, uplat=303, ullat=0
pragma: no-cache
x-fb-debug: YxTItpoMch2skWKOEeHYck0cDzCVKth59a5KQuHI/Dzp57yZdNivqGgTWeCKB74MQCJrGkU8qEH/umJa4ep4hw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380328887457348323"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 not_found.svg
npo.givebacks.com/ 7 KB
3 KB 194ms
132ms Image
image/svg+xml 13.35.58.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://npo.givebacks.com/not_found.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-6.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 778318e3f2949e572fd9adbab2f3397621cbe3e31bff0f7d04e36f4927026031

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:26 GMT
content-encoding: br
via: 1.1 80b00aa2dcc58ca61b2465a37c89fc92.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
etag: W/"100482a6dbc4fd5c336daa11c52dc780"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: dVs9SuWGRAaRotPnjZL5nyYHUB8vlH9JC1DBaVrVz9D-At0c_yMuFg==

GET
H2 200 Poppins-Medium-MifvOy28.woff2
truittpta.givebacks.com/assets/ 48 KB
48 KB 43ms
42ms Font
font/woff2 18.65.39.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://truittpta.givebacks.com/assets/Poppins-Medium-MifvOy28.woff2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-72.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Origin: https://truittpta.givebacks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:05:25 GMT
via: 1.1 5de5e66003332bec09dff893114ac06c.cloudfront.net (CloudFront)
last-modified: Tue, 14 May 2024 17:53:39 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 25628
etag: "3a0a14dc7381ee5200cadbe0af4ee7de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/woff2
content-length: 48956
x-amz-cf-id: sCga10KxbOrTT9gRUX2f0ulFogATg6_jvigDL4fpYbuWqWKPZ6RyXw==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 41ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-LZN7J64ECH&gtm=45je46c0v892291399za200zb9115494238&_p=1718366720392&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=49431792.1718366721&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1718366720&sct=1&seg=0&dl=https%3A%2F%2Ftruittpta.givebacks.com%2F&dt=Givebacks&en=scroll&epn.percent_scrolled=90&_et=30&tfd=6317&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LZN7J64ECH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://truittpta.givebacks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 12:05:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://truittpta.givebacks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.givebacks.com/	1970-01-21 06:55:26	Name: _ga Value: GA1.1.49431792.1718366721
.givebacks.com/	1970-01-21 06:55:26	Name: _ga_LZN7J64ECH Value: GS1.1.1718366720.1.0.1718366720.0.0.0
.givebacks.com/	1970-01-21 01:38:38	Name: __hstc Value: 210915018.dcf8d3398712da13628d0e9d1ae59ec9.1718366724541.1718366724541.1718366724541.1
.givebacks.com/	1970-01-21 01:38:38	Name: hubspotutk Value: dcf8d3398712da13628d0e9d1ae59ec9
.givebacks.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.givebacks.com/	1970-01-20 21:19:28	Name: __hssc Value: 210915018.1.1718366724542
.givebacks.com/	1970-01-20 23:29:02	Name: _gcl_au Value: 1.1.1294978837.1718366725
.hubspot.com/	1970-01-20 21:19:28	Name: __cf_bm Value: GDyFUJEv9VogF.KSX7k1RN9C7MX.eq8D8Lg.7u_iWSw-1718366724-1.0.1.1-FnyO86x_JGlBXHQ.JpeCcQzGylFalOcdTiOgA_6I9lqc.bCtbTTGpigLCex1sKWFVwqhGFGxivZOwHE4xI_vzw
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: SYwzHJhtIHgq7jrBy45dCeqHEYtGu9ZCDv7sUo9Ox2c-1718366724912-0.0.1.1-604800000
.givebacks.com/	1970-01-20 23:29:02	Name: _fbp Value: fb.1.1718366725240.109542172964359840

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.givebacks.com
api.hubapi.com
api.hubspot.com
api.memberhub.com
cdn.pendo.io
cdn.segment.com
connect.facebook.net
fonts.googleapis.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
npo.givebacks.com
region1.google-analytics.com
s3.amazonaws.com
securepubads.g.doubleclick.net
track.hubspot.com
truittpta.givebacks.com
truittpta.memberhub.com
www.facebook.com
www.googletagmanager.com
13.227.222.191
13.35.58.6
142.250.181.232
142.250.185.162
18.239.83.56
18.65.39.72
2001:4860:4802:34::36
2606:4700:4400::6812:22e5
2606:4700::6810:4d8e
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6810:8cd1
2606:4700::6810:a0a8
2606:4700::6811:df98
2606:4700::6812:f06c
2a00:1450:4001:810::2008
2a00:1450:4001:829::200a
2a00:1450:4013:c16::54
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.212.201.94
34.36.213.229
50.19.37.164
52.216.95.93
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
078a838f0e1e77b39512df1902c5197ac824cfb8d6f13e988126a8bdf597edb2
089a2a4f2d6b7ba7a035e27acb41b1789cb3b1f5fd165d8bd54ddee7dcab4f12
0c5b8dc8aff19cf814eb665f881709fffe02ab0128e0d33e731e87abbd51961a
0c5c3acb8f54768e89fad375090d9f7eb56957a99ff651f5137d27bbc70f1701
1c40149679275bc6a27d741143112fe51ac0035bc4e06d0ea2ddc743860a6b55
440ffecbe6014cabbb19beec388abc3a109db8d9b090740c82c460d1856f0349
458911e3d82a6fb85ae88f123f9deb059cb7437b9e49f71274d1f413faf6a692
47d1036cdfb7fa765e45f0f3d193baadcd53005e95a2f9bf7b531ebfbf41ea2f
4fcd7101ea71940e2a6d533fa173de7afaadac7a0e8a97579ea9dc2fa2ccb3d0
575a5fc8097cf2623cbc6cd63ea8b8ed90f3b67e8accbbd40ac2576feb092c11
5a5f2fdb0980fc74d117401c9ce42899b6e5560bcd44df3302dbf678ae494c86
5c53da67434e6dca016ca4307e6be6c9c04b44ba940242a80f6a9773ccfd30b3
63a73ebaeee926aa21a1bd64a78f067bf3f72fdb44a8f63714d09eb38b4220e3
65f297db27fc964a20f8920a595f572eb9fd59206590fdcc81c0dd532b7dd057
6bbc1c98b0653ed1a329697a3126cbfd58062ce86bbf6d9b2fe53a78e5f18bb1
6be6c7bff9c238e6cc67adf7b3953c9fe6f2d591a0d804cedfd1c1379bbe0297
710ef709800705b0c4615b61bdf388908f46f493cecf2a7aba49bc0d3d83a0b0
72d422ca01aa5059f41ff11b170fe69f993a39c7b0b06dc17fd072866b187d83
76e5bc94269b8d98c2763cc29d4b4594a12423b258b920e85c4e3aee441dc181
778318e3f2949e572fd9adbab2f3397621cbe3e31bff0f7d04e36f4927026031
7d4d5c36e3d58ce4252502344b374051e2fc0db80ead0d109059bf2b5d4de1f3
7f96c97b6f9125d502ef43a589085af2d7d7765fb52bbed909943966e6bb1a84
9860a0d46d0cfcc15e8a2d33928f1d8a671b1e797a07be2c04292f98265a75ab
9d296afdc904a1418bf022e347a0759dc3bcdf49bb02e34c21f880824be55453
9f24c9692a34b815ad9dfb5b707ba015b8ee17339bd0c036f531bd3b60af97fc
a5c7cbe055c732069cd995a01d01faab05b8e2085ba67a36b66c903a27c0e21d
a646ae686eb89a1693da9a71ec105127fe5eea1f192252b19608d96a7e9d4c33
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae32eb50022a1944fea712a650ee98f2b15abdfd621f70f6c0419d63a08a02bb
b05e018d8c0ff873437a5bf4593bbb782114676cb348504f15d47c87033bd3e8
b2f25671517f19b9c477ca58527ed79a2f3902d04de4d0032c91caede08c885f
bb638601351028994cd73bcaa3c930f5dde37df4e37575ec19d0a01ddf6f7e69
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6d21eb8a94c18ffc49cd7261c3756c558738e014a42e74140193edc345966b5

truittpta.givebacks.com Open in urlscan Pro 18.65.39.72 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

39 Requests

97 %HTTPS

58 %IPv6

19 Domains

23 Subdomains

23 IPs

3 Countries

2739 kBTransfer

8503 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

truittpta.givebacks.com Open in urlscan Pro
18.65.39.72 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

97 %
HTTPS

58 %
IPv6

19
Domains

23
Subdomains

23
IPs

3
Countries

2739 kB
Transfer

8503 kB
Size

10
Cookies

39 HTTP transactions
0 data transactions