twocarcrash.betterworld.org Open in urlscan Pro
44.195.237.61 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Submission: On December 27 via api (December 27th 2022, 10:01:11 am UTC) from IE — Scanned from DE

Summary HTTP 86 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 28 domains to perform 86 HTTP transactions. The main IP is 44.195.237.61, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is twocarcrash.betterworld.org.
TLS certificate: Issued by Amazon on June 7th 2022. Valid for: a year.

This is the only time twocarcrash.betterworld.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	44.195.237.61 44.195.237.61	14618 (AMAZON-AES) (AMAZON-AES)
13	143.204.89.104 143.204.89.104	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.102 52.222.206.102	16509 (AMAZON-02) (AMAZON-02)
2	151.139.128.8 151.139.128.8	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
2	52.216.144.83 52.216.144.83	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:73a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c03::9b	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:223... 2600:9000:223d:5000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.147.62 18.66.147.62	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
1	52.49.37.246 52.49.37.246	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:c8cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
86	39

3 44.195.237.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-237-61.compute-1.amazonaws.com

twocarcrash.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 143.204.89.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-104.fra50.r.cloudfront.net

d33u8rw00328s3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-102.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.8 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.144.83 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

betterworldcollective.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:73a2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c03::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:5000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-62.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.37.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-246.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net d33u8rw00328s3.cloudfront.net d2wy8f7a9ursnm.cloudfront.net	394 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	755 KB
10	google.com www.google.com — Cisco Umbrella Rank: 15 region1.analytics.google.com — Cisco Umbrella Rank: 4240	47 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 511	12 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 659 www.linkedin.com — Cisco Umbrella Rank: 609 px4.ads.linkedin.com — Cisco Umbrella Rank: 6985	3 KB
4	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 6887 app.hubspot.com — Cisco Umbrella Rank: 7794 track.hubspot.com — Cisco Umbrella Rank: 3664	4 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 877 script.hotjar.com — Cisco Umbrella Rank: 1157 vars.hotjar.com — Cisco Umbrella Rank: 1246 in.hotjar.com — Cisco Umbrella Rank: 2119	73 KB
3	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 5092 feedback.hubapi.com — Cisco Umbrella Rank: 47074	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4227	672 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 156 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 115	224 KB
3	betterworld.org twocarcrash.betterworld.org	66 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	202 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1461	369 B
2	ubembed.com ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 15783	48 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 178	111 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 87	20 KB
2	amazonaws.com betterworldcollective.s3.amazonaws.com	52 KB
2	fortawesome.com use.fortawesome.com — Cisco Umbrella Rank: 30311	32 KB
1	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 10912	7 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1321	5 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1273	45 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 32496	10 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 3457	20 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 7089	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 3449	63 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 4922	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 3721	985 B
86	28

	Domain	Requested by
13	d33u8rw00328s3.cloudfront.net	twocarcrash.betterworld.org
8	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	twocarcrash.betterworld.org www.gstatic.com www.google.com
5	bat.bing.com	twocarcrash.betterworld.org bat.bing.com
3	www.google.de	twocarcrash.betterworld.org
3	www.googletagmanager.com	twocarcrash.betterworld.org www.googletagmanager.com
3	twocarcrash.betterworld.org	twocarcrash.betterworld.org d33u8rw00328s3.cloudfront.net
2	feedback.hubapi.com	static.hsappstatic.net
2	fonts.gstatic.com	www.google.com
2	www.facebook.com	twocarcrash.betterworld.org
2	region1.analytics.google.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	api.hubspot.com	js.usemessages.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	twocarcrash.betterworld.org connect.facebook.net
2	www.google-analytics.com	twocarcrash.betterworld.org
2	betterworldcollective.s3.amazonaws.com	d33u8rw00328s3.cloudfront.net
2	use.fortawesome.com	twocarcrash.betterworld.org use.fortawesome.com
1	static.hsappstatic.net	app.hubspot.com
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	in.hotjar.com	script.hotjar.com
1	assets.ubembed.com	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
1	api.hubapi.com	js.hsadspixel.net
1	vars.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	twocarcrash.betterworld.org
1	www.linkedin.com	1 redirects
1	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	www.googletagmanager.com
1	snap.licdn.com	twocarcrash.betterworld.org
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-scripts.com	twocarcrash.betterworld.org
1	d2wy8f7a9ursnm.cloudfront.net	twocarcrash.betterworld.org
86	41

This site contains links to these domains. Also see Links.

Domain
betterworld.org
www.facebook.com
twitter.com
api.whatsapp.com
d33u8rw00328s3.cloudfront.net
twoinacarcrash.wixsite.com
support.betterworld.org
support-us.betterworld.org
business.betterworld.org
betterworldcandles.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
betterworld.org Amazon	`2022-06-07` - `2023-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
use.fonticons.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-15` - `2024-01-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-05` - `2023-01-03`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Frame ID: E7609D670633F7D67653D90CE1387CA5
Requests: 67 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: B4C04A223C1C83A49311B9A6BF3B0E5F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=n9bptglo69h4
Frame ID: EB96259EA832D429F4457BFD5422DAF9
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=r8380qols2iq
Frame ID: 0ADB333C99ACF8B5D2CBE501E8C27856
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Frame ID: AC4FA3C0CD9E2FF7A7695D0EF572CE47
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 0C298D123F41E21C726BF58F406054D4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Astrobleme Limited CD! giveaway supporting Two in a Car Crash | BetterWorld

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

86
Requests

99 %
HTTPS

69 %
IPv6

28
Domains

41
Subdomains

39
IPs

4
Countries

2044 kB
Transfer

5462 kB
Size

31
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://betterworld.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfsm
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Astrobleme%20Limited%20CD%21%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash&url=http%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=http%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd?utm_source=whatsapp&utm_medium=social&utm_campaign=fsm
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://d33u8rw00328s3.cloudfront.net/user/images/raffle/268830-62ad3ded2df45-ba59785f67469d3e873a-1240.jpg

Search URL Search Domain Scan URL

URL: https://twoinacarcrash.wixsite.com/website
Title: Two in a Car Crash

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/
Title: support.betterworld.org

Search URL Search Domain Scan URL

URL: https://betterworld.org/request-a-demo/
Title: Get a demo

Search URL Search Domain Scan URL

URL: https://betterworld.org/sign-up/choose-account-type/
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://betterworld.org/mission/
Title: Mission

Search URL Search Domain Scan URL

URL: https://betterworld.org/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support-us.betterworld.org/
Title: Support Us

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://betterworld.org/crowdfunding/
Title: Crowdfunding

Search URL Search Domain Scan URL

URL: https://betterworld.org/auctions/
Title: Auctions

Search URL Search Domain Scan URL

URL: https://betterworld.org/donations/
Title: Donations

Search URL Search Domain Scan URL

URL: https://betterworld.org/giveaways/
Title: Giveaways

Search URL Search Domain Scan URL

URL: https://betterworld.org/ticketing/
Title: Ticketing

Search URL Search Domain Scan URL

URL: https://betterworld.org/impact-giving/
Title: Impact Giving

Search URL Search Domain Scan URL

URL: https://business.betterworld.org/
Title: BetterWorld for Business

Search URL Search Domain Scan URL

URL: https://betterworldcandles.com/
Title: BetterWorld Candles

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BetterWorldCollective

Search URL Search Domain Scan URL

URL: https://twitter.com/betterworldc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betterworldcollective/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/better-world-collective

Search URL Search Domain Scan URL

URL: https://betterworld.org/request-password-reset
Title: Forgot your password?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1672135265288%26url%3Dhttps%253A%252F%252Ftwocarcrash.betterworld.org%252Fgiveaways%252Fastrobleme-limited-cd%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQKGK342uckEDQAAAYVTB061qzGimVDTqYLHw0-yUwzkP6HKZ25HqTqdeYmQDgURr6qYWQcp

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request astrobleme-limited-cd Show response
twocarcrash.betterworld.org/giveaways/ 28 KB
8 KB 989ms
264ms Document
text/html 44.195.237.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.237.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-237-61.compute-1.amazonaws.com

Software

Apache/2.4.54 () OpenSSL/1.0.2k-fips /

Resource Hash

6d288c4e67d671a437d403944ee7a1d5e134d5f79b56d3fb2462c4cbc12121a4

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Dec 2022 10:01:04 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding
x-frame-options: deny

GET
H/1.1 200
OK frontend.css
d33u8rw00328s3.cloudfront.net/css/bf801e0/ 472 KB
159 KB 50ms
12ms Stylesheet
text/css 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/css/bf801e0/frontend.css
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0a958cd91fe95b388ce16f851311fb9d20dd819899bfb5a7ad3d1a1182acdde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 21:46:46 GMT
Content-Encoding: gzip
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Dec 2022 21:44:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 1253659
ETag: "f9d7f5a3867589e68fd17f40b1331f43"
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 162429
X-Amz-Cf-Id: nv05-SqXqdfG2NBOTfq84zKSD1KnLY4R6ZKK9Gj605Bf-z0Fwrd72A==

GET
H/1.1 200
OK wordmark.svg
d33u8rw00328s3.cloudfront.net/images/brand/ 34 KB
35 KB 75ms
21ms Image
image/svg+xml 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/brand/wordmark.svg
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sat, 27 Aug 2022 05:17:15 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Last-Modified: Wed, 24 Aug 2022 16:19:08 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 10557830
ETag: "b90d17a9c7961df823b9f953933a34d4"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34884
X-Amz-Cf-Id: _TZKKhG6Rfu53xsYgOlz1qM8gRd10Nq2PnbjwnjAAe3orHa6y5xHQQ==

GET
H2 200 default-org-logo.png
twocarcrash.betterworld.org/images/logos/ 886 B
1 KB 115ms
113ms Image
image/png 44.195.237.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twocarcrash.betterworld.org/images/logos/default-org-logo.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.237.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-237-61.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
last-modified: Mon, 12 Dec 2022 21:44:30 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag: "376-5efa8687b2b80"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 886
expires: Thu, 26 Jan 2023 10:01:04 GMT

GET
H/1.1 200
OK facebook.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 466 B
971 B 23ms
14ms Image
image/png 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/facebook.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 01:59:57 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Last-Modified: Wed, 30 Nov 2022 22:00:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 2188868
ETag: "aa576fca66ec02d2408fc2127fa71913"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 466
X-Amz-Cf-Id: qcPknjOL0Klx_Yv1D5_X5L0s28rKe0Ta_TyZixwsjYcMH5xYZwniQA==

GET
H/1.1 200
OK twitter.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 775 B
1 KB 20ms
13ms Image
image/png 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/twitter.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 30 May 2022 08:47:20 GMT
Via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
Last-Modified: Fri, 27 May 2022 21:09:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 18234825
ETag: "9413848f672dba3937857243d27399ca"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 775
X-Amz-Cf-Id: MJ4Eg5wv5Iqo1MPkNN781SgZgVmz-GMjzjTCkNZQuuKXNHeh_rMc6Q==

GET
H/1.1 200
OK whatsapp.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 1 KB
2 KB 26ms
17ms Image
image/png 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/whatsapp.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 31 Oct 2022 07:13:32 GMT
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
Last-Modified: Wed, 26 Oct 2022 15:03:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 4934853
ETag: "5abb67522bc243d7c42e833d3cd8cc76"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1341
X-Amz-Cf-Id: LhM7iwY0jUa6mhDCS8HVIAtaxOvs0J-DomgeTdxeZguG8zAZH4Nl2w==

GET
H/1.1 200
OK email.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 2 KB
2 KB 26ms
12ms Image
image/png 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/email.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 01 Nov 2022 01:03:47 GMT
Via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
Last-Modified: Wed, 26 Oct 2022 15:03:53 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 4870638
ETag: "9c324ec5e8ace818bcc74b7f8303004d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2000
X-Amz-Cf-Id: P5w9ceUYmrmBTkjx8MelM0ai8ePl7Ws9XabFW1te6MgTRd8f5m7QRg==

GET
H/1.1 200
OK 268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg
d33u8rw00328s3.cloudfront.net/user/images/raffle/ 28 KB
28 KB 423ms
422ms Image
image/jpeg 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/raffle/268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 843615456abd5526b3efc939b0fbd04e2706ba305722de92ec8ca5142919964e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 10:01:06 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
Last-Modified: Sat, 18 Jun 2022 02:52:30 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "d5fa78b65779ec04b60aa410427f535b"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28403
X-Amz-Cf-Id: cZcr_XhnJXQVUwF_DrZFLMfe6F6bZRb__rDDyNl_Xuz5viyXEDaZhg==

GET
H/1.1 200
OK 268830-62ad3ded2df45-ba59785f67469d3e873a-145.jpg
d33u8rw00328s3.cloudfront.net/user/images/raffle/ 4 KB
5 KB 446ms
446ms Image
image/jpeg 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/raffle/268830-62ad3ded2df45-ba59785f67469d3e873a-145.jpg
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 98d8675bd0fd6577642437e6a0b5d825137f0e8a9e333cf53124ec88282bb1e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 10:01:06 GMT
Via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
Last-Modified: Sat, 18 Jun 2022 02:52:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "ef1838e762a1c90940c8fb32992eb81c"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4284
X-Amz-Cf-Id: k-tCNByHV5m2oldRsOVI3C54iQYn0tTXvi7vuY3iDNsqIHUFXpgBmg==

GET
H/1.1 200
OK bw-white-64.png
d33u8rw00328s3.cloudfront.net/images/brand/ 1 KB
2 KB 12ms
11ms Image
image/png 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/brand/bw-white-64.png
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 22 Jul 2022 02:07:03 GMT
Via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
Last-Modified: Thu, 21 Jul 2022 14:06:00 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 13679642
ETag: "fabc01ec04aadbdf899735f9c36e2021"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1280
X-Amz-Cf-Id: EwldtcUlPJKPXjbqJ7O-oAwbhDbMLtMlYwAPGc4O88p1zBQdksb0Hg==

GET
H/1.1 200
OK jquery.min.gz.js Show response
d33u8rw00328s3.cloudfront.net/js/0/jquery/3.6.0/ 87 KB
31 KB 38ms
22ms Script
application/x-javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/0/jquery/3.6.0/jquery.min.gz.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://twocarcrash.betterworld.org/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Wed, 07 Sep 2022 08:06:27 GMT
Content-Encoding: gzip
Via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Age: 9597278
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 30961
Last-Modified: Sun, 24 Jul 2022 16:41:18 GMT
Server: AmazonS3
ETag: "d56704786fed8b453b7bd2c00d5508c7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: Ttgw5SfiS8lU2mhizFZX2hIdIQBlrc-NAOh6n3YauvpoP-bVZFlgIg==

GET
H/1.1 200
OK bootstrap.min.gz.js Show response
d33u8rw00328s3.cloudfront.net/js/0/bootstrap/3.4.1/ 39 KB
11 KB 39ms
22ms Script
application/x-javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/0/bootstrap/3.4.1/bootstrap.min.gz.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

Referer: https://twocarcrash.betterworld.org/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Sun, 28 Aug 2022 02:54:24 GMT
Content-Encoding: gzip
Via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
Age: 10480000
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10957
Last-Modified: Sat, 23 Jul 2022 15:42:52 GMT
Server: AmazonS3
ETag: "06b1a7cca75620cfa121bdabd8aff5c2"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: sOUdzg_DUMnahHVv9ZCwa8g_rcK6mjxZ9xqV7Ji1DBJtHLlavRq21w==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 76ms
17ms Script
application/javascript 52.222.206.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-102.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 626c544a24a86c6cd608360f520b6d8c.cloudfront.net (CloudFront)
Date: Mon, 26 Dec 2022 05:57:41 GMT
X-Amz-Cf-Pop: FRA56-P3
Age: 101004
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
X-Amz-Cf-Id: K6OLSkshFtPIy4FvJwt8PdbS19xOWUQVKxhqCv5cAngfT_krPOPUxQ==

GET
H2 200 13854182.js Show response
use.fortawesome.com/ 10 KB
4 KB 80ms
20ms Script
application/javascript 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/13854182.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 3ba7a35f73cdc5e1764fddb79c56154c29618895d1ee9b1229701cc14d654176

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPCgq50GEooBCiRhMjdmM2U1Zi00MjJlLTRlZmItOThkZi1kYTNkNjZiZTRmZGYQoNXS8J2/7wIaBgjghKudBiIPMTg1LjIxMy4xNTUuMTc3KL6DAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGisIARIkMzFlODY5ZjYtZTM3Ny00MGNmLTg5ODUtN2Q0ZDMxM2YxNjVlGJMfIhgIAhIUY2RzMjY0LmFtNS5od2Nkbi5uZXQ=.WXBLFn3NVU3je5rmRsKaCfCPjt2//eFjgKyei9Sm1KQ=
last-modified: Wed, 28 Sep 2022 22:59:15 GMT
etag: "49354471921f8e50deda74227779dc90"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1672135264.cds214.am5.hn,1672135264.cds264.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 3987

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 156ms
42ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf69244ea925c8d1dfc27ce793afc17ddd396595a9937fd115fe3ffb541a97d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Tue, 27 Dec 2022 10:01:04 GMT

GET
H2 200 7187435.js Show response
js.hs-scripts.com/ 2 KB
985 B 189ms
140ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7187435.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e386550f38a283d3da865fb999d10c6d0d402a91e857c34698a78a6116f280f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 27 Dec 2022 08:40:06 GMT
server: cloudflare
x-hubspot-correlation-id: 7813f9f0-651d-420c-9523-9413c30e3d0b
x-trace: 2B82F54B42FDC50BC6357BE6C7B50ABCDE9F87BADC000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://twocarcrash.betterworld.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7801367ce8299b82-FRA
expires: Tue, 27 Dec 2022 10:02:04 GMT

GET
H/1.1 200
OK 7a0d2d82e9611e0733b6e1a14a68d098.js Show response
d33u8rw00328s3.cloudfront.net/js/bf801e0/ 351 KB
104 KB 43ms
34ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/bf801e0/7a0d2d82e9611e0733b6e1a14a68d098.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60d186c27a2935eec71f314acbf580acd6c294352e0e27d9fe22b8ae60630340

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 21:46:46 GMT
Content-Encoding: gzip
Via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Dec 2022 21:43:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 1253659
ETag: "c2ba56b4f90d9d169db821ba1ca0a63d"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105592
X-Amz-Cf-Id: guTTKaTMZ28u6bKE-kaaEbYWSLa44RTvLjnEPTYz2y407Z-ZOiMpyA==

GET
H/1.1 200
OK b2773045ff20dd2346f28410c2ce4b9f.js Show response
d33u8rw00328s3.cloudfront.net/js/bf801e0/ 29 KB
9 KB 44ms
20ms Script
application/javascript 143.204.89.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/bf801e0/b2773045ff20dd2346f28410c2ce4b9f.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-104.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5758670f814194545f26ae0334196329134083352ad9d0d21323e6857b2a2b50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 13 Dec 2022 02:13:52 GMT
Content-Encoding: gzip
Via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
Last-Modified: Mon, 12 Dec 2022 21:43:48 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
Age: 1237633
ETag: "721a65d122fa36760b449aaedea26a01"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9094
X-Amz-Cf-Id: bX-rAERcBhDBTr2YI4xrtFa4ICuILE3cxC-HAS_wvmLdozwWTS6vPw==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
80 KB 163ms
50ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e6d1ab74f8737e494eafd2331e4e0ff2b00caa90149da9a649fc2ef59254c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80943
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Dec 2022 10:01:04 GMT

GET
H/1.1 200
OK verb-light.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 27 KB
28 KB 421ms
162ms Font
font/woff2 52.216.144.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-light.woff2
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/css/bf801e0/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f

Request headers

Referer: https://d33u8rw00328s3.cloudfront.net/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 10:01:06 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:50 GMT
Server: AmazonS3
x-amz-request-id: DHG2XN7HF30KAXRZ
ETag: "1182fcf93f71ae6d6427c67b61a18865"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: font/woff2
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 27960
x-amz-id-2: Vn/rIEqIrAoD4GxaWeYPKrzCrWR0ew2VgNYXciAxxg9mxWD7vO+Ahbgt+anVVpNt9HuoowGqJYI=

GET
H/1.1 200
OK verb-semibold.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 24 KB
25 KB 397ms
138ms Font
font/woff2 52.216.144.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-semibold.woff2
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/css/bf801e0/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.83 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597

Request headers

Referer: https://d33u8rw00328s3.cloudfront.net/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 10:01:06 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:11 GMT
Server: AmazonS3
x-amz-request-id: DHGAG75MKAT25RE2
ETag: "30c9ed1daa069984ec816e2e481afb16"
Access-Control-Max-Age: 3000
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Access-Control-Allow-Origin: *
Content-Type: font/woff2
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 24584
x-amz-id-2: SsisRPM7uKk9f3f2iclhik1QaJMOs8jtaLvq/S/BzsS24CtWcN3hwUadGuagIEHW1vFA1Z9kOd4=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 153ms
34ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Dec 2022 09:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 621
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 27 Dec 2022 11:50:44 GMT

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Referer
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/13854182/publications/121500/ 42 KB
27 KB 34ms
27ms Stylesheet
text/css 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/13854182/publications/121500/woff2.css
Requested by: Host: use.fortawesome.com
URL: https://use.fortawesome.com/13854182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: f003e95216927682f0670dca3117b6e66a2dc57f2efa375c3a46181dd71c0819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:04 GMT
content-encoding: gzip
x-sp-metadata: HS256.CPCgq50GEooBCiRlYzViYWRlNS1mNzc0LTRlOGUtYjA2Ni01NDlkNjA2MDljMzAQoNXS8J2/7wIaBgjghKudBiIPMTg1LjIxMy4xNTUuMTc3KL6DAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIDNlOWIyMDYxMDA5OGI2YzliZmY5NTM4NTZlNTgwMTZhGiwIARIkYWFhODk4YmMtYWZiMy00YWY2LTgxZTYtOTI1Mzc4MzEzN2I1GKrYASIYCAISFGNkczI5OS5hbTUuaHdjZG4ubmV0.r6Phj5GFCcwKQsRTkuTQLFjAmsMfC7nQEQUrJwQuhrY=
last-modified: Wed, 28 Sep 2022 22:59:16 GMT
etag: "40d0d058e4864b2ca53af07b04ab0e4f"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1672135264.cds214.am5.hn,1672135264.cds299.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27690

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ 407 KB
163 KB 151ms
35ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://twocarcrash.betterworld.org/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 09:47:43 GMT

GET
DATA 200
OK truncated
/ 24 KB
24 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f0056ae81783764d9c0ccc7c77454c9003411c2b3313758de0347f5146f3bd8

Request headers

Referer
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
3 KB 141ms
48ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-amz-version-id: uc7chkM909y9_fdLpHcf_jlYEUuyZ4oj
via: 1.1 2db4851b6d360f79d8bbeb4eae3c9eb6.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 200
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.303/bundles/pixels-release.js&cfRay=7801319d1a9d9b98-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Dec 2022 06:51:27 UTC
server: cloudflare
etag: W/"cac538694d8cb071669002abe101c1fa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7801367efecf90c1-FRA
x-amz-cf-id: G2RwxSixjzSM0spnjLF3rYEhuxHagk6d96b8OtR6w7WsQzoP0_Vk1A==
x-hs-target-asset: adsscriptloaderstatic/static-1.303/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/7187435/ 202 KB
63 KB 199ms
141ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/7187435/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6854f4c75a55fe15be364f9b3b46d53bd2283ce6e519fc54b81e9eb6b6ad84b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-amz-version-id: IdXwXHXjKIqDxsazcZ4tw.5.6wRXO5iL
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: K43GF71S75NCVCHC
x-amz-server-side-encryption: AES256
x-amz-id-2: srT9ovN9ZwkNNLYEjWGrRjb4FbuqWSdfLmM4SEkWinTKh5BQj92v7nuHAeSWlErSoFPenJwmEsA=
last-modified: Thu, 08 Dec 2022 21:57:59 GMT
server: cloudflare
etag: W/"fb379fe127fd082ec138218952143b87"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://utahmuseums.betterworld.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7801367ec8d92be8-FRA
expires: Tue, 27 Dec 2022 10:06:05 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 73 KB
21 KB 128ms
33ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-amz-version-id: zFL9ePVKol2FHiQyTIIp8GqFQtgXkdvq
via: 1.1 8e6324c5a68bac8fd8e6eead6a5b73f2.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: IAD55-P4
age: 445
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.11564/bundles/project.js&cfRay=78012ba1fa35bb73-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 13 Dec 2022 07:38:59 UTC
server: cloudflare
etag: W/"3f8937b5e0033972ae4f0d4dcf06cffa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7801367f0b33901f-FRA
x-amz-cf-id: us6LwTf1zLUjudy37SDWRmBDNjGJPwn1mgi2rhlDf5eRbFumZGsVqQ==
x-hs-target-asset: conversations-embed/static-1.11564/bundles/project.js

GET
H2 200 7187435.js Show response
js.hs-analytics.net/analytics/1672135200000/ 64 KB
20 KB 254ms
162ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1672135200000/7187435.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9320f1e18bb511b63cbe99151324d16ca4c5884f9ba7748d68f37fd3a9504b55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DHGABNB92M87PKV6
x-amz-server-side-encryption: AES256
x-amz-id-2: ADI7pe//V+pKd6ZYju3Gf69Z96TxMDrifY9iJy8PdquadN5hcb7KYe7Kyn0gL+fI0gKqO4mqXxs=
last-modified: Thu, 01 Dec 2022 14:28:05 GMT
server: cloudflare
etag: W/"fc9513a51eb15b86f31c777dbe750db1"
vary: origin, Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 7801367eff8fbb53-FRA
expires: Tue, 27 Dec 2022 10:06:05 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 28 KB
10 KB 252ms
156ms Script
application/javascript 2606:4700::6811:73a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:73a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67f239c69ed9835cafcd57316ac75c9baee6036723b04f1725958fd6fa4cd687

Request headers

Referer: https://twocarcrash.betterworld.org/
Origin: https://twocarcrash.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-amz-version-id: H6_9G.4sgujCcpztZPs1UeACzHqpoc3n
via: 1.1 4091abb8cac392d8bc54145a27288bc6.cloudfront.net (CloudFront)
cf-cache-status: MISS
content-encoding: br
x-amz-cf-pop: IAD55-P4
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.12900/bundles/popupInjector.js&cfRay=7801367f0f109171-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 09:27:06 UTC
server: cloudflare
etag: W/"6b9985a9cc1d88191c35d9819dc17917"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: max-age=600
cf-ray: 7801367f0f109171-FRA
x-amz-cf-id: toT42wQwxygeYlZePRXJyIFK4WoOE_5xqttoqCNGlLeW9jptrUcPvw==
x-hs-target-asset: feedback-web-renderer-ui/static-1.12900/bundles/popupInjector.js

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 116 KB
45 KB 271ms
49ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-NV3QWDS

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d5f8168bc410e3932fef2e777fae3e1eaec870ad3b2c70343c0b06e8004c83e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 45784
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Dec 2022 10:01:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 296ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Dec 2022 10:01:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gZew4YUnzanTtR+aaggOWXx5GWuhfU+7W5xXhTSCW/agB561XRzrLFukMYAeiYyY/5f6nGPWTlVuVl2Ise5zGg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2888537.js Show response
static.hotjar.com/c/ 8 KB
4 KB 192ms
43ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

2c7eb0e9c6cdf07bc2fc2ad61236b17c81ede5b1ab120655d21dabb6e717f7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/42652a352228443b0e9b8b2b4f6f2a05
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9drzL1aNMIFiVMILljf9gNGlBSrzwH5o79qZ0NvhDsnpnezEG1LnQg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 183 KB
67 KB 98ms
64ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658085178

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e360cf8a79b07af341b4390511afaecde372e2649e3d48526cb2d61cbbe2fc6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68377
x-xss-protection: 0
last-modified: Tue, 27 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Dec 2022 10:01:05 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 161ms
13ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=67080
accept-ranges: bytes
content-length: 4654

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 161ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 27 Dec 2022 10:01:04 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E04180FD47D74211AC3FB880E457629F Ref B: FRAEDGE1815 Ref C: 2022-12-27T10:01:05Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11472

GET
H2 200 / Show response
ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/ 497 B
725 B 259ms
127ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a0264c41f41b045a8c048892c4fbfc0a59e8b285f91096f92041f3d01ca642d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 0
etag: W/2617e7e791c425aeb97efbd51bde8407-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: dzNPQHApjoEFtvQ=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
77 KB 99ms
73ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

33286336448a69b53a7621b07e3e92fe0b39953797885481198c2929bd1e343a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78940
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 27 Dec 2022 10:01:05 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 186ms
4ms XHR
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-43911805-1&cid=1946369911.1672135265&jid=1857421642&gjid=2077733233&_gid=1873724205.1672135265&_u=IGBAgEABQAAAAEAAI~&z=1432940159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://twocarcrash.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Dec 2022 10:01:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twocarcrash.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 56ms
54ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=744571759&t=pageview&_s=1&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&ul=en-us&de=UTF-8&dt=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABQAAAAAAAI~&jid=1857421642&gjid=2077733233&cid=1946369911.1672135265&tid=UA-43911805-1&_gid=1873724205.1672135265&z=1753940834

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Dec 2022 19:44:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51425
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 301 B
1 KB 197ms
166ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7187435&conversations-embed=static-1.11564&mobile=false&messagesUtk=07e5e0e10f4d4772b1db01d257ce13df&traceId=07e5e0e10f4d4772b1db01d257ce13df

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b4d7a1824603d78412c0989f551743312fdee030e6c13a99bccc98f471924c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://twocarcrash.betterworld.org/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 4cb14afa-8bb3-431c-8336-ad2b309664bf
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 236
server: cloudflare
x-trace: 2B936E33B2B6889478E307A69D768FD8239B80C001000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://twocarcrash.betterworld.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYgpQswAQ9%2F%2F9Wt60HQjtrt01kgIHmH%2Fh7vpTQKxG5jImyB5mkiFk1xKppjzml%2FMtur7tIBEIwPEuAXxMc5oYj3Epnphb79hxo48Y6pPX1hTmUehlP3PlaJlTRlwIj2i88lJ2SkeTlIznHUVAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 780136816bbb9bcb-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 265ms
149ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://twocarcrash.betterworld.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://twocarcrash.betterworld.org
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 780136805cdebb97-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 27 Dec 2022 10:01:05 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNnpcW5x9bECmdRRsPYALoSDaqN22RvjIP18jEJzFnBFfkBlV9Ht9EDhL3yx14B9CVZNcUk%2FF7D7gcSck4QxzGMCjWfFVhIdB5uznUlN%2FAgXrdqkfFIxCFZpm4Wv9Xoob%2B4PspBYYRaY2Q6PCg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 167bb0a7-7dd9-4200-a768-fdf2778c0ad5
x-trace: 2B5E9405B482C2ADB6BF603FDC139060155D015CDD000000000000000000

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3146785/domain/twocarcrash.betterworld.org/ 36 B
369 B 170ms
165ms XHR
application/json 2600:9000:223d:5000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3146785/domain/twocarcrash.betterworld.org/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://twocarcrash.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: gzip
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: p9pxI4J9tzqdQ7BuMUh0JM95SbkktHp1-I3CLSfFVvLCGUo55RShww==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1672135265288%26url%3Dhttps%253A%252F%252Ftwocarcrash.betterworl...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQKGK342uckEDQAAA...

0
265 B

243ms
184ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQKGK342uckEDQAAAYVTB061qzGimVDTqYLHw0-yUwzkP6HKZ25HqTqdeYmQDgURr6qYWQcp
Requested by: Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 37C8DD4B366246AFA63D7B1FB3194602 Ref B: FRAEDGE1118 Ref C: 2022-12-27T10:01:06Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwzFSPAIzZ6Pn/tFkkKg==

Redirect headers

date: Tue, 27 Dec 2022 10:01:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: E5EA7B9A5E2446F8BECD3B337C8A181B Ref B: FRAEDGE1907 Ref C: 2022-12-27T10:01:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1672135265288&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQKGK342uckEDQAAAYVTB061qzGimVDTqYLHw0-yUwzkP6HKZ25HqTqdeYmQDgURr6qYWQcp
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXwzFSLUOxsVSghbnbfAQ==

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3146785/domain/twocarcrash.betterworld.org/ Frame 0
0 224ms
171ms Preflight 2600:9000:223d:5000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3146785/domain/twocarcrash.betterworld.org/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:5000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://twocarcrash.betterworld.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Tue, 27 Dec 2022 10:01:05 GMT
via: 1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-id: z8PCLt4sVONKYb3Cz8MNNtfCIGQgOUKVkI-1-lXZQfjBGx1vwMnksw==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront

GET
H2 200 modules.352fddba5b21bbfc3a08.js Show response
script.hotjar.com/ 264 KB
68 KB 93ms
14ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 08:07:05 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9987fa8ab620895e83d1d8f10c40f6d2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 438840
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68894
last-modified: Thu, 22 Dec 2022 08:06:23 GMT
etag: "3256c76707175033b83ffe82f89b32ec"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: J1jvIoI3E7yOVHG1Yn0KZNE18WDb6Xt-CJ3WpggD_oHMztNJLcUykw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 162ms
61ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43911805-1&cid=1946369911.1672135265&jid=1857421642&_u=IGBAgEABQAAAAEAAI~&z=532290914

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 232ms
92ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-43911805-1&cid=1946369911.1672135265&jid=1857421642&_u=IGBAgEABQAAAAEAAI~&z=532290914

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/ 2 KB
2 KB 176ms
52ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/?random=1672135265340&cv=11&fst=1672135265340&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&auid=734347710.1672135265&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658085178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d083f42e62e2cc921b96494ead8648138ac9329b7beffd4f2b163832dc6bf7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-5e66f98b4ee957db209dc6f63e3d59dd.html Show response
vars.hotjar.com/ Frame B4C0 2 KB
1 KB 61ms
8ms Document
text/html 18.66.147.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-62.fra60.r.cloudfront.net

Software

Resource Hash

cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2926259
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Nov 2022 13:10:06 GMT
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-cf-id: ngDFXundu9b6-vqvggYtGSTLMF2Haaq2_HbAmsig2MBNlEQEsqhHfA==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
856 B 193ms
127ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7187435

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 71b295e4-a872-48f9-ad35-77f98bc5c422
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BAAC1DE2FE2EA9A4FD91883ACC5B62A3771CDFAB1000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://twocarcrash.betterworld.org
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QKqeYPtSeagdMb7PONFFg8xwb3xKIt1ZHqHbQ%2FNDrb%2F%2FudqbZVfcyDLP%2F%2Bjb25MFuUpVJyRI9aU4xToTHjkPr8gevNGv4TGO8XkZshoHn%2BaxmIYz9LJcbkt2aFktlWe%2Bs3MQ8lYMCzf2L6M"}],"group":"cf-nel","max_age":604800}
access-control-max-age: 180
access-control-allow-credentials: false
cf-ray: 780136814dbf9250-FRA
access-control-allow-headers: *

POST
H2 204 collect
region1.analytics.google.com/g/ 0
355 B 134ms
40ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GS2WP6TV7Y&gtm=2oebu0&_p=744571759&_gaz=1&cid=1946369911.1672135265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672135265&sct=1&seg=0&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&dt=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twocarcrash.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 74ms
36ms Ping
text/plain 2a00:1450:400c:c03::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GS2WP6TV7Y&cid=1946369911.1672135265&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c03::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twocarcrash.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 85ms
83ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GS2WP6TV7Y&cid=1946369911.1672135265&gtm=2oebu0&aip=1&z=540620069

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame EB96 42 KB
22 KB 64ms
61ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=n9bptglo69h4

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e5bf242130885c72841451f9b1cf9ee8a140f0a7fb2ae2ecf6d069729e8b949

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-w3IRfyyQpbZ3M_U9BCD1ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22376
content-security-policy: script-src 'report-sample' 'nonce-w3IRfyyQpbZ3M_U9BCD1ug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 10:01:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 0ADB 43 KB
23 KB 82ms
70ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=r8380qols2iq

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c99c2c926cebd699bb413cd25007a74a9d51a0425dac8c614138eb5813730d4b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-b7mDwhdtg3Tv1LPKnlaNDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 23212
content-security-policy: script-src 'report-sample' 'nonce-b7mDwhdtg3Tv1LPKnlaNDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 10:01:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 56384066.js Show response
bat.bing.com/p/action/ 0
118 B 104ms
101ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384066.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Dec 2022 10:01:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EF305D2BF925430C8C709C5F7FA625CC Ref B: FRAEDGE1815 Ref C: 2022-12-27T10:01:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
175 B 34ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384066&Ver=2&mid=d70e7e1e-acf1-47f5-965a-4ff4d499ded1&sid=60c236f085cd11ed8796f16d30f99d88&vid=60c25e2085cd11ed80887b32b13f6844&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&p=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&r=&lt=1280&evt=pageLoad&sv=1&rn=191349

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Dec 2022 10:01:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D661B693281B4F5AAC7CEB72279D4D43 Ref B: FRAEDGE1815 Ref C: 2022-12-27T10:01:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 137001031.js Show response
bat.bing.com/p/action/ 0
118 B 117ms
112ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137001031.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 27 Dec 2022 10:01:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91ECE23DBD5C4C45A0BC61A7BE50B134 Ref B: FRAEDGE1815 Ref C: 2022-12-27T10:01:05Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
120 B 42ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137001031&Ver=2&mid=595f99b5-8578-4d87-b95d-91f74ef20a5d&sid=60c236f085cd11ed8796f16d30f99d88&vid=60c25e2085cd11ed80887b32b13f6844&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&p=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&r=&lt=1280&evt=pageLoad&sv=1&rn=597828

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 27 Dec 2022 10:01:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E5765E98263241E19EA9F6EFFD2A6605 Ref B: FRAEDGE1815 Ref C: 2022-12-27T10:01:05Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 763472054393761 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 102ms
76ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/763472054393761?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3a584411c3ffab07710bc60d0333b2a9090f6acd53eeb3a28fbd4b498711f1f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 27 Dec 2022 10:01:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: HGdT6lOTY8E+kXBU6Y8/25YQ6aT8B+ng8VMOzR/JSK3Zh8qeL4wCMelQnjuPq6BoBBeb8+1w/Iw0nCK0orjElw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame EB96 52 KB
24 KB 122ms
36ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=n9bptglo69h4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 16:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 16:18:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame EB96 407 KB
163 KB 180ms
95ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 09:47:43 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0ADB 52 KB
24 KB 128ms
55ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=r8380qols2iq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 16:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 16:18:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame 0ADB 407 KB
163 KB 107ms
35ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 09:47:43 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 73ms
11ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 18688532
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: yRiBfc9sQR5j2qjMear1XDgMqPHhKgWGV7_YD_oJXqSiHglzQfdZ1A==

GET
H3 200 /
www.google.com/pagead/1p-user-list/658085178/ 42 B
64 B 63ms
58ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658085178/?random=1672135265340&cv=11&fst=1672135200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445316949&rmt_tld=0&ipr=y

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/658085178/ 42 B
64 B 220ms
105ms Image
image/gif 2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658085178/?random=1672135265340&cv=11&fst=1672135200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1445316949&rmt_tld=1&ipr=y

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2888537/ 148 B
322 B 112ms
34ms XHR
application/json 52.49.37.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2888537/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.352fddba5b21bbfc3a08.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-246.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5

Request headers

Referer: https://twocarcrash.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 27 Dec 2022 10:01:05 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 45ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=PageView&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&rl=&if=false&ts=1672135265885&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672135265884.2015561271&it=1672135265667&coo=false&exp=b2&rqm=GET

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Dec 2022 10:01:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame EB96 2 KB
2 KB 37ms
36ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 22 Dec 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 397257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Dec 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB96 15 KB
16 KB 207ms
29ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 24 Dec 2022 12:17:50 GMT
x-content-type-options: nosniff
age: 250996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 24 Dec 2023 12:17:50 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EB96 15 KB
15 KB 217ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 41987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame EB96 102 B
134 B 80ms
79ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=invisible&cb=n9bptglo69h4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 27 Dec 2022 10:01:06 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 0ADB 102 B
134 B 83ms
56ms Other
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&size=normal&cb=r8380qols2iq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Tue, 27 Dec 2022 10:01:06 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame AC4F 7 KB
1 KB 53ms
52ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0479e6c18cdc493fbe61159ce309e5e4ee70383d9a6b9185ec3ea28fcc9403ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cVH6Xql2AQFh9pMpoF8Wqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1116
content-security-policy: script-src 'report-sample' 'nonce-cVH6Xql2AQFh9pMpoF8Wqg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Dec 2022 10:01:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.facebook.com/tr/ 0
17 B 19ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=Microdata&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&rl=&if=false&ts=1672135266389&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld%22%2C%22meta%3Adescription%22%3A%22One%20original%2C%20hand%20made%2C%20ONE%20OF%20A%20KIND%20limited%20edition%20Astrobleme%20CD!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd33u8rw00328s3.cloudfront.net%2Fuser%2Fimages%2Fraffle%2F268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg%22%2C%22og%3Adescription%22%3A%22One%20original%2C%20hand%20made%2C%20ONE%20OF%20A%20KIND%20limited%20edition%20Astrobleme%20CD!%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22BetterWorld%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672135265884.2015561271&it=1672135265667&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Dec 2022 10:01:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame AC4F 52 KB
24 KB 36ms
35ms Stylesheet
text/css 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 23 Dec 2022 16:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322944
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Dec 2023 16:18:42 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/ Frame AC4F 407 KB
163 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=5qcenVbrhOy8zihcc2aHOWD4&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 09:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 166478
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Dec 2023 09:47:43 GMT

GET
H2 200 utils.js Show response
twocarcrash.betterworld.org/js/thirdparty/intl-tel-input/17.0.18/ 251 KB
57 KB 231ms
231ms Script
application/javascript 44.195.237.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://twocarcrash.betterworld.org/js/thirdparty/intl-tel-input/17.0.18/utils.js
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/js/bf801e0/7a0d2d82e9611e0733b6e1a14a68d098.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.195.237.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-195-237-61.compute-1.amazonaws.com
Software: Apache/2.4.54 () OpenSSL/1.0.2k-fips /
Resource Hash: d9cf1d29697518ffb44262d600404f74a8c62fcb921ce64862250253a28a5f3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:06 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 21:44:30 GMT
server: Apache/2.4.54 () OpenSSL/1.0.2k-fips
etag: "3eb9c-5efa8687b2b80-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57788
expires: Thu, 26 Jan 2023 10:01:06 GMT

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame 0C29 2 KB
2 KB 75ms
58ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7de8d62b8bba334fd16146381a60811e1160241ea61e0ba2240c09864e86493

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11282
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 78013687f98291ea-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.12900/html/fetcher.html&cfRay=78013687f98291ea&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Ftwocarcrash.betterworld.org%2F&cfenv=prod&pdt=2022-12-27&csp=ro
content-type: text/html; charset=utf-8
date: Tue, 27 Dec 2022 10:01:06 GMT
expires: Wed, 28 Dec 2022 10:01:06 GMT
last-modified: Tue, 22 Nov 2022 06:20:47 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
reporting-endpoints: default="https://exceptions.hubspot.com/csp/reports?cfRay=78013687f98291ea&resource=feedback-web-renderer-ui/static-1.12900/html/fetcher.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-id: inj-wdYOVUhZbc0MUAq34cGTzx3L-eYvK7k_rxnaOp_3AfU4BYUvng==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: PGNy0eqFnKKeVhso_67EPatemHhMh7Wm
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.12900/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
901 B 187ms
156ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3792703849&v=1.1&a=7187435&pu=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&t=Astrobleme+Limited+CD!+giveaway+supporting+Two+in+a+Car+Crash+%7C+BetterWorld&cts=1672135266532&vi=f2ea369ab9129eea7c66860375e15a3f&nc=true&u=224497285.f2ea369ab9129eea7c66860375e15a3f.1672135266529.1672135266529.1672135266529.1&b=224497285.1.1672135266529&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: cf86fa38-4935-486d-8b9d-2b5f7d6a7000
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8N2%2B4vbbWama6VfUXmAvlHruQqZwGSUJwOAFzJXnuUkcOTXupOIQEW6i29l9njFX%2B6C3tLHtLXq3TUImpp9jNWMuszyhsU%2FXUl7%2Fb3X9rxl%2BAsuiyhl6YY5bsSfO2ABhO6X%2BH60S1hqYajxZtosd"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 780136881a7590ef-FRA
x-robots-tag: none

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.12900/bundles/ Frame 0C29 16 KB
7 KB 70ms
35ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.12900/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47248aec836bb822e8cea0c9b9e04baec6a40e513d068c56181c24f06342c682

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 27 Dec 2022 10:01:06 GMT
x-amz-version-id: Zl0aC32xEw9ZB33FPu_nKhyZiF1su08r
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
age: 606803
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 22 Nov 2022 06:20:47 GMT
server: cloudflare
etag: W/"d03a04401a72b74ef6c2adfa00b24429"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1nS4xkDck3nmeRXulgiiodHmedmaAr7eEchTgyy7b%2BoVSOxYub7%2Fwtofri97nWkiBjeBRtpeNE%2BDGS2d%2BsEIVEUbvzNWPKSmtKYgS%2BlNRKPNUKMgbX6wjOXZ%2B%2Bo3%2B60iZMj4uXzlG6phDbX6NErt6p5UGk%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
cache-control: public, max-age=31536000
cf-ray: 780136889aa29205-FRA
x-amz-cf-id: 6O2ZMO3pM2sKVwWZRj53RMo086q3dE5c-IcGVqZ08A7mPrnp3EU8Jg==
expires: Wed, 27 Dec 2023 10:01:06 GMT

GET
H3 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame 0C29 36 B
824 B 143ms
132ms XHR
application/json 2606:4700::6811:c8cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=7187435&utk=f2ea369ab9129eea7c66860375e15a3f&bundleVersion=1.12900&currentUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&pageUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.12900/bundles/fetcher.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-HS-Referer: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Response headers

x-origin-hublet: na1
date: Tue, 27 Dec 2022 10:01:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c8db6330-71a2-412f-b0c0-e23ea02b4a25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
server: cloudflare
x-trace: 2B81BDB3183358DE192D588A1A895B5D777FE6B013000000000000000000
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dcZMOm%2BshqNYZGYTqftbxDO3CD57uky38s6DfsMC4uhhwFH6VpTo0BJBaH4Q%2FXtgmizBqSEkRqjfwlH1UIzEtVyHSck7Nye2ceP8uwvUu5gi0ew5a6Cah5L6FrJIoP40zx%2FSH0%2Fyumgnvdz%2FQmxYe8I%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
cf-ray: 78013689cd2e5c98-FRA
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 139ms
130ms Preflight
text/plain 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 78013688ef569250-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Tue, 27 Dec 2022 10:01:06 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=anIbtKX4OUgCOF2FYl4xoEosYI9ZNhqHmstqr%2BrxzhOXjnKqPI2xHlvy%2BOQw9MQU2j6iUeAgEmEuZglvtwIvv9g2DsMjrfc6Aroc1xvNw3bTEzf2d8FjeJWqyOBL1VPT94yn72XX8DiQeRPKCPV47SU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: f3aa92de-e6e9-480d-9fbd-a8dfbb0d333e
x-trace: 2B49A103211D682D09AAF1187DA0255046108BCD7F000000000000000000

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 104ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GS2WP6TV7Y&gtm=2oebu0&_p=744571759&cid=1946369911.1672135265&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672135265&sct=1&seg=0&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&dt=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&en=scroll&epn.percent_scrolled=90&_et=119
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://twocarcrash.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Dec 2022 10:01:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://twocarcrash.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betterworld.org/	1969-12-31 23:59:59	Name: BWSESSID Value: Osf7DUb7i9GmQCUlfoOu4TdSOIAuvbG6J1NMdIXV19u6a2FE2GSc3R5Rpgq2DW%2CPPgqW7zcuhAG1mUUhtFeyn-67CpMozEa7ibBumF%2Ce6DFceU3M4YPRJ4TSpNNRje8F
.betterworld.org/	1970-01-20 10:38:31	Name: _gcl_au Value: 1.1.734347710.1672135265
.betterworld.org/	1970-01-20 08:30:21	Name: _gid Value: GA1.2.1873724205.1672135265
.betterworld.org/	1970-01-20 08:28:55	Name: _gat Value: 1
.bing.com/	1970-01-20 17:50:31	Name: MUID Value: 27646DCCE92E6DFF2BBA7F4BE82E6C33
.betterworld.org/	1970-01-20 18:04:55	Name: _ga_GS2WP6TV7Y Value: GS1.1.1672135265.1.0.1672135265.60.0.0
.betterworld.org/	1970-01-20 18:04:55	Name: _ga Value: GA1.1.1946369911.1672135265
.linkedin.com/	1970-01-20 09:12:07	Name: UserMatchHistory Value: AQLKBOmUkqRYYQAAAYVTB0yx-L0gW2pNq0T61VoGYOglgi4kRrU1oCVL1dgf-6zrupFrB0Xv3uFcSw
.linkedin.com/	1970-01-20 09:12:07	Name: AnalyticsSyncHistory Value: AQIEvN1WqzsNiQAAAYVTB0yxjGlatQnqFTDug7zwOpXLMWLWsOK--6Rvf_-ryCz_qlw9s66sq0NJep8MegXLXg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:14:31	Name: bcookie Value: "v=2&cf8b6068-9cea-4e65-8ccd-331ccbf82b78"
.linkedin.com/	1970-01-20 08:30:21	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2456:u=1:x=1:i=1672135265:t=1672221665:v=2:sig=AQG_LDXrZmefBTEVk4PS6Ctd8KwKvV0V"
.doubleclick.net/	1970-01-20 08:28:56	Name: test_cookie Value: CheckForPermission
.betterworld.org/	1970-01-20 08:30:21	Name: _uetsid Value: 60c236f085cd11ed8796f16d30f99d88
.betterworld.org/	1970-01-20 17:50:31	Name: _uetvid Value: 60c25e2085cd11ed80887b32b13f6844
twocarcrash.betterworld.org/	1970-01-20 08:30:21	Name: ln_or Value: eyIzMTQ2Nzg1IjoiZCJ9
.betterworld.org/	1970-01-20 17:14:31	Name: _hjSessionUser_2888537 Value: eyJpZCI6IjVhMWI3NmJkLWJmZjctNThhZC05ODdiLTUzZTQ5YjY3YjFiNiIsImNyZWF0ZWQiOjE2NzIxMzUyNjU3NDQsImV4aXN0aW5nIjpmYWxzZX0=
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:14:31	Name: bscookie Value: "v=1&20221227100105c788d2ff-85b6-418d-8e7a-12ec0b61bf7cAQGW7wx7NN6CBL690dv7-2H3coniJRND"
.linkedin.com/	1970-01-20 12:48:07	Name: li_gc Value: MTswOzE2NzIxMzUyNjU7MjswMjEgKPPdoGjWfMObmWKj4OgSwkrobQUmh5G6/V7ZDSVjZQ==
.betterworld.org/	1970-01-20 08:28:57	Name: _hjFirstSeen Value: 1
twocarcrash.betterworld.org/	1970-01-20 08:28:55	Name: _hjIncludedInSessionSample Value: 0
.betterworld.org/	1970-01-20 08:28:57	Name: _hjSession_2888537 Value: eyJpZCI6ImE5Y2M4NGZiLTRhODQtNGQzYy04NjViLThhMDM0MzMzZTgzZCIsImNyZWF0ZWQiOjE2NzIxMzUyNjU4NTYsImluU2FtcGxlIjpmYWxzZX0=
twocarcrash.betterworld.org/	1970-01-20 08:28:55	Name: _hjIncludedInPageviewSample Value: 1
.betterworld.org/	1970-01-20 08:28:57	Name: _hjAbsoluteSessionInProgress Value: 0
.betterworld.org/	1970-01-20 10:38:31	Name: _fbp Value: fb.1.1672135265884.2015561271
.betterworld.org/	1970-01-20 12:48:07	Name: __hstc Value: 224497285.f2ea369ab9129eea7c66860375e15a3f.1672135266529.1672135266529.1672135266529.1
.betterworld.org/	1970-01-20 12:48:07	Name: hubspotutk Value: f2ea369ab9129eea7c66860375e15a3f
.betterworld.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.betterworld.org/	1970-01-20 08:28:57	Name: __hssc Value: 224497285.1.1672135266529
.hubspot.com/	1970-01-20 08:28:57	Name: __cf_bm Value: k.8WeE6TbBGeK0WjM0hsUEdMaERPvtjXWFNnfL8WgUw-1672135266-0-AZ3nTZ1JRQ6ryi7LjU84N00RWbW2SQ+0XWlQEjaQSnKBVpiEyn+fUWlQLwJBnHS+TUpYk0auB4AR/wTfAI7hXSg=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
assets.ubembed.com
bat.bing.com
betterworldcollective.s3.amazonaws.com
cdn.linkedin.oribi.io
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
d33u8rw00328s3.cloudfront.net
feedback.hubapi.com
fonts.gstatic.com
googleads.g.doubleclick.net
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspotfeedback.com
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
twocarcrash.betterworld.org
use.fortawesome.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.138.17.27
13.107.42.14
143.204.89.104
151.101.193.131
151.139.128.8
18.66.147.62
18.66.97.53
2001:4860:4802:34::36
2600:9000:223d:5000:2:53b2:240:93a1
2606:4700:4400::6812:21ab
2606:4700::6811:44b0
2606:4700::6811:73a2
2606:4700::6811:74b0
2606:4700::6811:7d2
2606:4700::6811:c8cc
2606:4700::6811:cbcc
2606:4700::6811:d2cc
2606:4700::6811:eccc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:800::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c03::9b
2a00:1450:400d:804::2003
2a02:26f0:3500:16::215:149b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
44.195.237.61
52.216.144.83
52.222.206.102
52.222.236.122
52.49.37.246
01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e
0479e6c18cdc493fbe61159ce309e5e4ee70383d9a6b9185ec3ea28fcc9403ae
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d5f8168bc410e3932fef2e777fae3e1eaec870ad3b2c70343c0b06e8004c83e
21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597
2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7
29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225
2c7eb0e9c6cdf07bc2fc2ad61236b17c81ede5b1ab120655d21dabb6e717f7ef
33286336448a69b53a7621b07e3e92fe0b39953797885481198c2929bd1e343a
334a6d48dbf977a8fbbfc672583baf269d13c3debeaa377e8c5a9cf292391ae0
3ba7a35f73cdc5e1764fddb79c56154c29618895d1ee9b1229701cc14d654176
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e5bf242130885c72841451f9b1cf9ee8a140f0a7fb2ae2ecf6d069729e8b949
3e6ef4f3484f029b4d1a989163d6bb29899184f008431adb932c43ff3543368a
44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4
47248aec836bb822e8cea0c9b9e04baec6a40e513d068c56181c24f06342c682
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5758670f814194545f26ae0334196329134083352ad9d0d21323e6857b2a2b50
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581
5e6d1ab74f8737e494eafd2331e4e0ff2b00caa90149da9a649fc2ef59254c14
60d186c27a2935eec71f314acbf580acd6c294352e0e27d9fe22b8ae60630340
67f239c69ed9835cafcd57316ac75c9baee6036723b04f1725958fd6fa4cd687
6854f4c75a55fe15be364f9b3b46d53bd2283ce6e519fc54b81e9eb6b6ad84b3
6a0264c41f41b045a8c048892c4fbfc0a59e8b285f91096f92041f3d01ca642d
6b4d7a1824603d78412c0989f551743312fdee030e6c13a99bccc98f471924c1
6c8b822ba2fa788a754e0a94055060c9c897dfb29538d92e04fd3f83d407bcb7
6d288c4e67d671a437d403944ee7a1d5e134d5f79b56d3fb2462c4cbc12121a4
7647724bcc7afde27000c02ce20b80535467b8f60f1330013a1ee3b575479a81
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1
7f8a5022df3199d1c0cfdc94abc6b80b1227adfbd5b36ebce0507a9e8a6df4e5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843615456abd5526b3efc939b0fbd04e2706ba305722de92ec8ca5142919964e
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
923f82635a75547c368b300c684da5f5f36164446310142d67c520c18d1b8f3d
925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f
9320f1e18bb511b63cbe99151324d16ca4c5884f9ba7748d68f37fd3a9504b55
98d8675bd0fd6577642437e6a0b5d825137f0e8a9e333cf53124ec88282bb1e8
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
9f0056ae81783764d9c0ccc7c77454c9003411c2b3313758de0347f5146f3bd8
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bf69244ea925c8d1dfc27ce793afc17ddd396595a9937fd115fe3ffb541a97d8
c99c2c926cebd699bb413cd25007a74a9d51a0425dac8c614138eb5813730d4b
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
d083f42e62e2cc921b96494ead8648138ac9329b7beffd4f2b163832dc6bf7f1
d7de8d62b8bba334fd16146381a60811e1160241ea61e0ba2240c09864e86493
d9cf1d29697518ffb44262d600404f74a8c62fcb921ce64862250253a28a5f3b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e0a958cd91fe95b388ce16f851311fb9d20dd819899bfb5a7ad3d1a1182acdde
e360cf8a79b07af341b4390511afaecde372e2649e3d48526cb2d61cbbe2fc6f
e386550f38a283d3da865fb999d10c6d0d402a91e857c34698a78a6116f280f6
e3a584411c3ffab07710bc60d0333b2a9090f6acd53eeb3a28fbd4b498711f1f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f003e95216927682f0670dca3117b6e66a2dc57f2efa375c3a46181dd71c0819
f100138cf28abcaac287d3bb245b80679c7ba9305591ed01b1055af5e7084f20
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

twocarcrash.betterworld.org Open in urlscan Pro 44.195.237.61 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

86 Requests

99 %HTTPS

69 %IPv6

28 Domains

41 Subdomains

39 IPs

4 Countries

2044 kBTransfer

5462 kBSize

31 Cookies

28 Outgoing links

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

twocarcrash.betterworld.org Open in urlscan Pro
44.195.237.61 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

99 %
HTTPS

69 %
IPv6

28
Domains

41
Subdomains

39
IPs

4
Countries

2044 kB
Transfer

5462 kB
Size

31
Cookies

86 HTTP transactions
2 data transactions