URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Submission: On June 18 via api from IE — Scanned from DE

Summary

This website contacted 41 IPs in 4 countries across 31 domains to perform 88 HTTP transactions. The main IP is 52.7.11.94, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is twocarcrash.betterworld.org.
TLS certificate: Issued by Amazon on June 7th 2022. Valid for: a year.
This is the only time twocarcrash.betterworld.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 52.7.11.94 14618 (AMAZON-AES)
1 108.157.4.82 16509 (AMAZON-02)
12 13.32.121.14 16509 (AMAZON-02)
1 52.222.206.102 16509 (AMAZON-02)
1 151.139.128.11 20446 (STACKPATH...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.217.80.140 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 108.157.4.118 16509 (AMAZON-02)
1 2a02:26f0:f7:... 20940 (AKAMAI-ASN1)
1 6 2620:1ec:c11:... 8068 (MICROSOFT...)
1 151.101.65.131 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.66 15169 (GOOGLE)
3 3 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 8068 (MICROSOFT...)
1 52.222.236.74 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
3 2620:1ec:27::... 8075 (MICROSOFT...)
1 151.139.128.8 20446 (STACKPATH...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 108.157.4.69 16509 (AMAZON-02)
1 18.66.139.84 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.19 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.184.204.244 8075 (MICROSOFT...)
1 2 20.234.93.27 8075 (MICROSOFT...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
88 41
Apex Domain
Subdomains
Transfer
16 betterworld.org
twocarcrash.betterworld.org
cdn2.betterworld.org
cdn0.betterworld.org — Cisco Umbrella Rank: 871876
cdn1.betterworld.org
440 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
683 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 9
46 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 595
n.clarity.ms — Cisco Umbrella Rank: 5740
c.clarity.ms — Cisco Umbrella Rank: 1161
28 KB
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 389
c.bing.com — Cisco Umbrella Rank: 229
13 KB
5 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 4847
app.hubspot.com — Cisco Umbrella Rank: 6586
track.hubspot.com — Cisco Umbrella Rank: 2521
6 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
www.linkedin.com — Cisco Umbrella Rank: 527
px4.ads.linkedin.com — Cisco Umbrella Rank: 5965
3 KB
3 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 4059
feedback.hubapi.com — Cisco Umbrella Rank: 29054
2 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 677
script.hotjar.com — Cisco Umbrella Rank: 992
vars.hotjar.com — Cisco Umbrella Rank: 1037
67 KB
2 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 7833
100 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 91
500 B
2 google.de
www.google.de — Cisco Umbrella Rank: 5111
565 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
2 KB
2 ubembed.com
ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
assets.ubembed.com — Cisco Umbrella Rank: 11171
48 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 158
109 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
2 amazonaws.com
betterworldcollective.s3.amazonaws.com
52 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
125 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2428
258 B
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2412
16 KB
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3802
3 KB
1 hubspotfeedback.com
js.hubspotfeedback.com — Cisco Umbrella Rank: 20446
10 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2406
20 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5441
21 KB
1 fortawesome.com
use.fortawesome.com — Cisco Umbrella Rank: 21689
27 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 133
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 953
3 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1423
38 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2665
1 KB
1 fonticons.com
use.fonticons.com — Cisco Umbrella Rank: 89766
4 KB
1 cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
3 KB
88 31
Domain Requested by
8 www.gstatic.com www.google.com
www.gstatic.com
8 www.google.com twocarcrash.betterworld.org
www.gstatic.com
www.google.com
8 cdn0.betterworld.org twocarcrash.betterworld.org
5 bat.bing.com twocarcrash.betterworld.org
bat.bing.com
4 cdn1.betterworld.org twocarcrash.betterworld.org
3 api.hubspot.com js.usemessages.com
app.hubspot.com
3 www.clarity.ms bat.bing.com
www.clarity.ms
3 twocarcrash.betterworld.org twocarcrash.betterworld.org
cdn1.betterworld.org
2 feedback.hubapi.com static.hsappstatic.net
2 static.hsappstatic.net app.hubspot.com
2 c.clarity.ms 1 redirects
2 n.clarity.ms www.clarity.ms
2 fonts.gstatic.com www.google.com
2 www.facebook.com twocarcrash.betterworld.org
2 www.google.de twocarcrash.betterworld.org
2 px.ads.linkedin.com 2 redirects
2 connect.facebook.net twocarcrash.betterworld.org
connect.facebook.net
2 www.google-analytics.com twocarcrash.betterworld.org
2 betterworldcollective.s3.amazonaws.com cdn2.betterworld.org
2 www.googletagmanager.com twocarcrash.betterworld.org
www.googletagmanager.com
1 api.hubapi.com js.hsadspixel.net
1 track.hubspot.com
1 app.hubspot.com js.hubspotfeedback.com
1 c.bing.com 1 redirects
1 vc.hotjar.io script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 assets.ubembed.com ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hsadspixel.net js.hs-scripts.com
1 js.hubspotfeedback.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 use.fortawesome.com use.fonticons.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com twocarcrash.betterworld.org
1 www.linkedin.com 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com www.googletagmanager.com
1 snap.licdn.com twocarcrash.betterworld.org
1 static.hotjar.com www.googletagmanager.com
1 www.googleoptimize.com www.googletagmanager.com
1 js.hs-scripts.com twocarcrash.betterworld.org
1 use.fonticons.com twocarcrash.betterworld.org
1 d2wy8f7a9ursnm.cloudfront.net twocarcrash.betterworld.org
1 cdn2.betterworld.org twocarcrash.betterworld.org
88 47
Subject Issuer Validity Valid
betterworld.org
Amazon
2022-06-07 -
2023-07-06
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
use.fonticons.com
DigiCert TLS RSA SHA256 2020 CA1
2021-12-01 -
2023-01-01
a year crt.sh
www.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.s3.amazonaws.com
Amazon
2021-12-15 -
2022-12-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-03-27 -
2022-06-25
3 months crt.sh
*.hotjar.com
Amazon
2021-11-25 -
2022-12-23
a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA H2 2021
2022-01-04 -
2023-02-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
www.google.de
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.google.de
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
assets.ubembed.com
Amazon
2022-02-04 -
2023-03-05
a year crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2022-03-08 -
2023-03-07
a year crt.sh
*.hotjar.io
Amazon
2021-08-17 -
2022-09-15
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2022-06-07 -
2023-06-02
a year crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2022-05-07 -
2023-05-07
a year crt.sh
hsappstatic.net
Cloudflare Inc ECC CA-3
2022-05-10 -
2023-05-10
a year crt.sh

This page contains 7 frames:

Primary Page: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Frame ID: 1E29047C13239FA6C974D52CAEAFFB7E
Requests: 68 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Frame ID: 79AAC668E7C4785C9A23159725AD9862
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: DE008AB547E26B99150CB3A3F6639847
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
Frame ID: 3630E5EA5A5F1DEF86FC1764A7861F9E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Frame ID: CB2258836068FF3CAAA1767128AFDFF3
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 536AFD7D42EB54A1C8E93B34F7A8D76C
Requests: 4 HTTP requests in this frame

Frame: https://api.hubspot.com/cors-preflight-iframe/
Frame ID: 596867D9B28969D0785D1E9AABAF3CD1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Astrobleme Limited CD! giveaway supporting Two in a Car Crash | BetterWorld

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

88
Requests

98 %
HTTPS

59 %
IPv6

31
Domains

47
Subdomains

41
IPs

4
Countries

1928 kB
Transfer

5121 kB
Size

36
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1655524824492%26url%3Dhttps%253A%252F%252Ftwocarcrash.betterworld.org%252Fgiveaways%252Fastrobleme-limited-cd%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQIpm8islCKVygAAAYF0-BeFXGNF7m1onbfYHZ0L_zl_L9Z2JnG0bZ_kca1YSsUuGAnn1_DNfkoRxV8AW9IiFcI7VLJ7yQ
Request Chain 79
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&RedC=c.clarity.ms&MXFR=3331A4C2E3E36C3C23D5B505E7E3622A HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&MUID=196F2270719461260FFA33B770FF60B0

88 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request astrobleme-limited-cd
twocarcrash.betterworld.org/giveaways/
26 KB
8 KB
Document
General
Full URL
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.11.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-11-94.compute-1.amazonaws.com
Software
Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash
aede3017059a6726452e66de4608bb7eb4e43061cbcff7292155cb0c38ae7941
Security Headers
Name Value
X-Frame-Options deny

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate, no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 18 Jun 2022 04:00:24 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
Apache/2.4.53 () OpenSSL/1.0.2k-fips
vary
Accept-Encoding
x-frame-options
deny
frontend.css
cdn2.betterworld.org/css/e4d5f0d/
454 KB
156 KB
Stylesheet
General
Full URL
https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-82.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47696066df8962ecbf49085eeda42c40a8700d1afde00192f8f225a606fe8263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 17:29:19 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 15 Jun 2022 17:28:31 GMT
Server
AmazonS3
Age
210666
ETag
"07ab901b6d5d2b0196768891087d8f75"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
DUS51-P2
Accept-Ranges
bytes
Content-Length
159653
X-Amz-Cf-Id
O7DZgk1P-VV9vIwmj4tUVqQ36-IA7RqLWYe3QmXUsn5KaeHJ1zavTA==
wordmark.svg
cdn0.betterworld.org/images/brand/
34 KB
35 KB
Image
General
Full URL
https://cdn0.betterworld.org/images/brand/wordmark.svg
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 27 May 2022 03:39:39 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 26 May 2022 19:52:58 GMT
Server
AmazonS3
Age
1902046
ETag
"b90d17a9c7961df823b9f953933a34d4"
X-Cache
Hit from cloudfront
Content-Type
image/svg+xml
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
34884
X-Amz-Cf-Id
YJQz26ZvG6t_W3Fou3pNgrE8HSkmHSEuYUp8LYiqPXMLwvE5P0wN3w==
default-org-logo.png
twocarcrash.betterworld.org/images/logos/
886 B
1 KB
Image
General
Full URL
https://twocarcrash.betterworld.org/images/logos/default-org-logo.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.11.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-11-94.compute-1.amazonaws.com
Software
Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash
b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
last-modified
Wed, 15 Jun 2022 17:28:24 GMT
server
Apache/2.4.53 () OpenSSL/1.0.2k-fips
etag
"376-5e17fd9291e00"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
886
expires
Mon, 18 Jul 2022 04:00:24 GMT
facebook.png
cdn0.betterworld.org/images/icons/social/tiles/
466 B
971 B
Image
General
Full URL
https://cdn0.betterworld.org/images/icons/social/tiles/facebook.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 04 Jun 2022 15:00:54 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 01 Jun 2022 12:48:49 GMT
Server
AmazonS3
Age
1169971
ETag
"aa576fca66ec02d2408fc2127fa71913"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
466
X-Amz-Cf-Id
WlFql6FtI8ve-iQ2Yp5WKcs94UXlGl9WzPFqUpHWsDTe_a-JBbKFEg==
twitter.png
cdn0.betterworld.org/images/icons/social/tiles/
775 B
1 KB
Image
General
Full URL
https://cdn0.betterworld.org/images/icons/social/tiles/twitter.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 30 May 2022 08:47:20 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Fri, 27 May 2022 21:09:07 GMT
Server
AmazonS3
Age
1624384
ETag
"9413848f672dba3937857243d27399ca"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
775
X-Amz-Cf-Id
Omsu5xsVs_B0c2CpQVC7fI97K0WH0ALjPbofJInFp8PA6SsTkdq7Cw==
whatsapp.png
cdn0.betterworld.org/images/icons/social/tiles/
1 KB
2 KB
Image
General
Full URL
https://cdn0.betterworld.org/images/icons/social/tiles/whatsapp.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 15:20:49 GMT
Via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 01 Jun 2022 12:48:49 GMT
Server
AmazonS3
Age
1082376
ETag
"5abb67522bc243d7c42e833d3cd8cc76"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
1341
X-Amz-Cf-Id
kRiftj07jPRUTjGAKxzBjKy_GTdIaSW3f4hauxEK_zDdu5hYWunOxg==
email.png
cdn0.betterworld.org/images/icons/social/tiles/
2 KB
2 KB
Image
General
Full URL
https://cdn0.betterworld.org/images/icons/social/tiles/email.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Fri, 03 Jun 2022 00:35:13 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 01 Jun 2022 12:48:49 GMT
Server
AmazonS3
Age
1308312
ETag
"9c324ec5e8ace818bcc74b7f8303004d"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
2000
X-Amz-Cf-Id
jzTsZchf3MWHcHQo64e8nRL-RsXTA_WfKAYtsm3AYRf96NlbFGZ2Sg==
268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg
cdn0.betterworld.org/user/images/raffle/
28 KB
28 KB
Image
General
Full URL
https://cdn0.betterworld.org/user/images/raffle/268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
843615456abd5526b3efc939b0fbd04e2706ba305722de92ec8ca5142919964e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:00:25 GMT
Via
1.1 11a78ce92a548aac13fb6ee545aff014.cloudfront.net (CloudFront)
Last-Modified
Sat, 18 Jun 2022 02:52:30 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P1
ETag
"d5fa78b65779ec04b60aa410427f535b"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28403
X-Amz-Cf-Id
s3e5ZELbOHUQhWZaBrfOBGIHuZtqa_-2H-NuvX0_0p4JnQzdLBltVw==
268830-62ad3ded2df45-ba59785f67469d3e873a-145.jpg
cdn0.betterworld.org/user/images/raffle/
4 KB
5 KB
Image
General
Full URL
https://cdn0.betterworld.org/user/images/raffle/268830-62ad3ded2df45-ba59785f67469d3e873a-145.jpg
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d8675bd0fd6577642437e6a0b5d825137f0e8a9e333cf53124ec88282bb1e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:00:25 GMT
Via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront)
Last-Modified
Sat, 18 Jun 2022 02:52:31 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P1
ETag
"ef1838e762a1c90940c8fb32992eb81c"
X-Cache
Miss from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4284
X-Amz-Cf-Id
ZVqhRZzxVwaFi03CcMQvScDJxC9PsuXzI3cvym-JY5gwRK3hXe5DIA==
bw-white-64.png
cdn0.betterworld.org/images/brand/
1 KB
2 KB
Image
General
Full URL
https://cdn0.betterworld.org/images/brand/bw-white-64.png
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 18 May 2022 13:13:45 GMT
Via
1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 17 May 2022 20:32:32 GMT
Server
AmazonS3
Age
2645200
ETag
"fabc01ec04aadbdf899735f9c36e2021"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
1280
X-Amz-Cf-Id
AMW2_bnFL3Vruf16smnRDuGhj6sFiV3anOOY2-bpajaDUQAfTiNKDg==
jquery.min.gz.js
cdn1.betterworld.org/js/0/jquery/2.0.3/
82 KB
29 KB
Script
General
Full URL
https://cdn1.betterworld.org/js/0/jquery/2.0.3/jquery.min.gz.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 19 May 2022 07:10:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 02 Aug 2015 18:18:38 GMT
Server
AmazonS3
Age
2580592
ETag
"2dddd0d496fe5c68ba77b0bca5cbeeb9"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront)
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
29148
X-Amz-Cf-Id
GhYk2K5uFpndZRhOsKMTRE4iltnCPLWnH95fPNWjWfoVIdkxJZYaCg==
bootstrap.min.gz.js
cdn1.betterworld.org/js/0/bootstrap/3.2.0/
31 KB
9 KB
Script
General
Full URL
https://cdn1.betterworld.org/js/0/bootstrap/3.2.0/bootstrap.min.gz.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Mon, 11 Apr 2022 04:30:17 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 02 Aug 2015 18:22:58 GMT
Server
AmazonS3
Age
5873408
ETag
"f251f95e02359d8a7763c422d08a5377"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
8532
X-Amz-Cf-Id
LUJggImBKHUf9yuSMZyUdaSHq6wC861RJus2Ywo_f9ENnGmv5etHuw==
bugsnag-2.min.js
d2wy8f7a9ursnm.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.206.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-206-102.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 23:48:28 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 10 Aug 2016 00:30:49 GMT
Server
AmazonS3
Age
447117
ETag
"6103bb5e4ec6141e19e1100caafc780c"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
Cache-Control
public, max-age=604800
X-Amz-Cf-Pop
FRA56-P3
Accept-Ranges
bytes
Content-Length
2962
X-Amz-Cf-Id
eAr82Pn1A_242HR5b6aUtSwkXlEmNsYRoSc_vB5In4cYynYF94iw1A==
13854182.js
use.fonticons.com/
10 KB
4 KB
Script
General
Full URL
https://use.fonticons.com/13854182.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 17:18:17 GMT
etag
"0bfb2071b9c8f025ec6da9fb2ef974c7"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1655524824.cds001.lo4.hn,1655524824.cds268.lo4.sc,1655524824.cds268.lo4.pr
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=60, private, must-revalidate
accept-ranges
bytes
content-length
3989
api.js
www.google.com/recaptcha/
884 B
995 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
582
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 04:00:24 GMT
7187435.js
js.hs-scripts.com/
2 KB
1 KB
Script
General
Full URL
https://js.hs-scripts.com/7187435.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37deec7ab88a543fdcb643c2e562a8cb633e7c78a35bcd8a8a9962535edd43ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
EXPIRED
x-hubspot-correlation-id
de40a867-2194-4ad5-bf0f-a686ae91a03e
last-modified
Sat, 18 Jun 2022 03:38:08 GMT
server
cloudflare
x-trace
2BC1FC8D6557A6DC80B58FD5DF88A793B265722637000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://twocarcrash.betterworld.org
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
71d11e28396d01f0-ZRH
expires
Sat, 18 Jun 2022 04:01:24 GMT
a5f2c5fda8f5f580403ef1345128c086.js
cdn1.betterworld.org/js/e4d5f0d/
337 KB
99 KB
Script
General
Full URL
https://cdn1.betterworld.org/js/e4d5f0d/a5f2c5fda8f5f580403ef1345128c086.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
384d5912b1974f290d6692722e2bb42556ee968853dccd73bd5d03ef4999deaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 17:29:20 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 15 Jun 2022 17:27:39 GMT
Server
AmazonS3
Age
210665
ETag
"9c69149a457f5450d4bcbf45608301ac"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
100697
X-Amz-Cf-Id
VH9dcnj68LF_IJ4PWVg0xylq3vS8wa8Dltgxd9BtLdQ5yEeySdSUkg==
2039559a54094dc4ea3acacb2350366c.js
cdn1.betterworld.org/js/e4d5f0d/
22 KB
8 KB
Script
General
Full URL
https://cdn1.betterworld.org/js/e4d5f0d/2039559a54094dc4ea3acacb2350366c.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-14.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc64a5199c14793bcc5f48281ebe83483b6cb42748b9b6e90b0abb16831b1aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Wed, 15 Jun 2022 17:36:15 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 15 Jun 2022 17:27:38 GMT
Server
AmazonS3
Age
210250
ETag
"566fdace8eec9cb33f3a8bd5c4148c0f"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
Cache-Control
max-age=94608000, public
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
7146
X-Amz-Cf-Id
9V1oB0OQnOaRUWPHp7bDDzwo9-SpeAUISFcszWoOZ48AKE7dsO55UA==
gtm.js
www.googletagmanager.com/
191 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8ada49adc52e807d4bed7f52225353ffa163e43c2fb692af71b74faa6114f005
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69427
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 04:00:24 GMT
verb-light.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/
27 KB
28 KB
Font
General
Full URL
https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-light.woff2
Requested by
Host: cdn2.betterworld.org
URL: https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.80.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f

Request headers

Referer
https://cdn2.betterworld.org/
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:00:25 GMT
Last-Modified
Fri, 30 Oct 2020 00:34:50 GMT
Server
AmazonS3
x-amz-request-id
SAPR9002ANG6TAK4
ETag
"1182fcf93f71ae6d6427c67b61a18865"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=94608000, public
Accept-Ranges
bytes
Content-Length
27960
x-amz-id-2
WSPa7ORoNG3pxpRXFO2LmtwgT/FiKFyaZNBKbtWP/S12ig70JzpwK2nO7QJPU2VHB3tbtnVWnyE=
verb-semibold.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/
24 KB
25 KB
Font
General
Full URL
https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-semibold.woff2
Requested by
Host: cdn2.betterworld.org
URL: https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.80.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597

Request headers

Referer
https://cdn2.betterworld.org/
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 04:00:25 GMT
Last-Modified
Fri, 30 Oct 2020 00:34:11 GMT
Server
AmazonS3
x-amz-request-id
SAPJSZJ3828E1V3C
ETag
"30c9ed1daa069984ec816e2e481afb16"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, HEAD
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Cache-Control
max-age=94608000, public
Accept-Ranges
bytes
Content-Length
24584
x-amz-id-2
dlB1cruBh45E9PtyFVefmnTy7/AHmsCrc07RDJyxRwurFrdkChVBrZbq+umWpjPwEXYXUdw9oxk=
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3335
date
Sat, 18 Jun 2022 03:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 18 Jun 2022 05:04:49 GMT
optimize.js
www.googleoptimize.com/
97 KB
38 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-T4QPHS7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4768ee487c1ad9dda08214bc87020b42b5150074f7c831e437d165daef083118
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38746
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 04:00:24 GMT
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
vdh/mk0FRd80MILJ0+UG9QQnFQzmKgzSNIU5wmwT3noS25XfoPIbfhRZVQtPXYfyCJthNlWo6aEl656vvAQhiQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 18 Jun 2022 04:00:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-2888537.js
static.hotjar.com/c/
4 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2888537.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-118.dus51.r.cloudfront.net
Software
/
Resource Hash
1adca5c086d26d5cfcf239c5c28778c1a9c65aa174ae482c71c11d252bb16eba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
DUS51-P2
etag
W/65d706f05e28abfb1403394d8a89abc0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
epgKfPYYIwEXI68Zqb8CKXWHkx-8rBLHmBWd_G8FLYtxdE-oxX87xg==
via
1.1 672ccfdef8d96b8bfc26646386cb4488.cloudfront.net (CloudFront)
js
www.googletagmanager.com/gtag/
154 KB
57 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-658085178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
406b8e3e0899404b0abf6655875bb32901477fa51375498b92f85048d2cd91ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58285
x-xss-protection
0
last-modified
Sat, 18 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Jun 2022 04:00:24 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f7::5c7b:e024 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
662
Date
Sat, 18 Jun 2022 04:00:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
0
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=75142
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
bat.js
bat.bing.com/
38 KB
12 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 18:22:08 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EA30F803EBD144388A4AF4E087A269BB Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:24Z
etag
"0c8eafcad81d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Sat, 18 Jun 2022 04:00:23 GMT
accept-ranges
bytes
content-length
11360
/
ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
489 B
764 B
Script
General
Full URL
https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f785182c37dd118034ac5891bff03d3fec6ec60d63d8d6609cebafe35a86ec0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
x-backend-region
eu_west_1
age
0
etag
W/2617e7e791c425aeb97efbd51bde8407-v0.179.2
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA56-C1
accept-ranges
none
x-amz-apigw-id
T5kZ3H4pDoEFacQ=
collect
stats.g.doubleclick.net/j/
4 B
450 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43911805-1&cid=975520532.1655524824&jid=782185628&gjid=1825221096&_gid=1447782290.1655524824&_u=IGBAgEABQAAAAE~&z=756760542
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://twocarcrash.betterworld.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 18 Jun 2022 04:00:24 GMT
content-type
text/plain
access-control-allow-origin
https://twocarcrash.betterworld.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=908750260&t=pageview&_s=1&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&ul=en-us&de=UTF-8&dt=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABQ~&jid=782185628&gjid=1825221096&cid=975520532.1655524824&tid=UA-43911805-1&_gid=1447782290.1655524824&z=392272308
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 00:25:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
763472054393761
connect.facebook.net/signals/config/
288 KB
83 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/763472054393761?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6d9958ada554a859765b3d8821e4cf5b91bf63a669c46d3f1f5fe4e78319892b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
RKKFGVRlY3di8bPrJsfI/fouHZfb3qLBye7NDLhPT4Ihor23ltKEY4q/4+EfVvMymoy/PzL8N2+Xh2JbXtmH+A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 18 Jun 2022 04:00:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1655524824580
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
39 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658085178
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15000
x-xss-protection
0
server
cafe
etag
6069194915506431635
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 18 Jun 2022 04:00:24 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1655524824492%26url%3Dhttps%253A%252F%252Ftwocarcrash.betterworl...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQIpm8islCKVygAAA...
0
265 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQIpm8islCKVygAAAYF0-BeFXGNF7m1onbfYHZ0L_zl_L9Z2JnG0bZ_kca1YSsUuGAnn1_DNfkoRxV8AW9IiFcI7VLJ7yQ
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 534C105A1C364474A4C7083EB03D75B4 Ref B: FRAEDGE1319 Ref C: 2022-06-18T04:00:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhsOkewGFG8F1qLkqwbA==
x-li-fabric
prod-ltx1

Redirect headers

date
Sat, 18 Jun 2022 04:00:24 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 5C530AAF8363470A804095A094B70055 Ref B: FRAEDGE1519 Ref C: 2022-06-18T04:00:24Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1655524824492&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&liSync=true&e_ipv6=AQIpm8islCKVygAAAYF0-BeFXGNF7m1onbfYHZ0L_zl_L9Z2JnG0bZ_kca1YSsUuGAnn1_DNfkoRxV8AW9IiFcI7VLJ7yQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhsOkbt/PXeu/NEMpZng==
modules.b871a939666125f20d79.js
script.hotjar.com/
243 KB
63 KB
Script
General
Full URL
https://script.hotjar.com/modules.b871a939666125f20d79.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-74.fra56.r.cloudfront.net
Software
/
Resource Hash
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 08:52:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
760098
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
64109
access-control-allow-origin
*
last-modified
Thu, 09 Jun 2022 08:51:29 GMT
etag
"a7a5f230aae7accf37f785c6590c07fa"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P4
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
sxjOKI7Wp8Hcu4evmBbT48sHz3ZtDnX5488cO9QjkCokm2Wf2hzPrA==
56384066.js
bat.bing.com/p/action/
219 B
476 B
Script
General
Full URL
https://bat.bing.com/p/action/56384066.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
dded384242e4090c76ad8a8afb117bfd1727bc92e690c9852013b80814115c28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 861BD378DFF04368A21A0705F7BB80FC Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:24Z
date
Sat, 18 Jun 2022 04:00:24 GMT
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
content-length
301
137001031.js
bat.bing.com/p/action/
220 B
459 B
Script
General
Full URL
https://bat.bing.com/p/action/137001031.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
dd805b1fdc5a32a09fdb1712170164efbda79aac17d24eb443373fb4f54cd737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E78EC02F6C0740ACA6E3E4429E84B2B9 Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:24Z
x-powered-by
ARR/3.0
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private,max-age=60
date
Sat, 18 Jun 2022 04:00:24 GMT
content-length
301
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=975520532.1655524824&jid=782185628&_u=IGBAgEABQAAAAE~&z=1817623386
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=975520532.1655524824&jid=782185628&_u=IGBAgEABQAAAAE~&z=1817623386
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/
2 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/?random=1655524824560&cv=9&fst=1655524824560&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e3efa85ba4c0d925f44af731f0eb1d15c21780bf540ac624935bb3a84fcd0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1099
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
409 B
Image
General
Full URL
https://www.facebook.com/tr/?id=763472054393761&ev=PageView&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&rl=&if=false&ts=1655524824610&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1655524824609.1124849411&it=1655524824464&coo=false&exp=p1&rqm=GET
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sat, 18 Jun 2022 04:00:24 GMT
/
www.google.com/pagead/1p-user-list/658085178/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/658085178/?random=1655524824560&cv=9&fst=1655524800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=4093178668&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/658085178/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/658085178/?random=1655524824560&cv=9&fst=1655524800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&tiba=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=4093178668&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
56384066
www.clarity.ms/tag/uet/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/56384066
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/56384066.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2db61c9ef30492bb87583c0e0630c10abb7271f6d0ea74f20f155d3b82d7215f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
x-powered-by
ASP.NET
x-azure-ref
02E2tYgAAAABF8u4V989kR5EtZupDow4cVExWMzBFREdFMDIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
content-length
1641
expires
-1
137001031
www.clarity.ms/tag/uet/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/uet/137001031
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137001031.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5e015878de60f31378b1f41c6a57c6d4e5caa0ee71fbde6754ba807599651686

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
x-powered-by
ASP.NET
x-azure-ref
02E2tYgAAAACK8l3pwowGT6yfcfS26c+OVExWMzBFREdFMDIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length
1544
expires
-1
truncated
/
220 B
220 B
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Referer
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
application/font-woff2
woff2.css
use.fortawesome.com/kits/13854182/publications/115659/
42 KB
27 KB
Stylesheet
General
Full URL
https://use.fortawesome.com/kits/13854182/publications/115659/woff2.css
Requested by
Host: use.fonticons.com
URL: https://use.fonticons.com/13854182.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 17:18:17 GMT
etag
"d318f50ab6db8e3094db9a3f99338920"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1655524824.cds211.lo4.hn,1655524824.cds282.lo4.sc,1655524825.cds282.lo4.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
27423
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://twocarcrash.betterworld.org/
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:56:49 GMT
0
bat.bing.com/action/
0
175 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=56384066&Ver=2&mid=020e56c0-4f04-4ed9-8e56-7310d189a5f8&sid=2e7d3ae0eebb11ec89dae712a2377c3f&vid=2e7d3e90eebb11ecb8b1773c7d5827cd&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&p=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&r=&lt=1010&evt=pageLoad&msclkid=N&sv=1&rn=127520
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 497A0058CE374CDABAA580D66AA7EE25 Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:24Z
date
Sat, 18 Jun 2022 04:00:24 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
120 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=137001031&Ver=2&mid=8048f322-9c76-4143-8399-1bc37d24f787&sid=2e7d3ae0eebb11ec89dae712a2377c3f&vid=2e7d3e90eebb11ecb8b1773c7d5827cd&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld&p=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&r=&lt=1010&evt=pageLoad&msclkid=N&sv=1&rn=720316
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 807EAF563E6E49518DD3330DE35F7AE5 Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:24Z
date
Sat, 18 Jun 2022 04:00:24 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversations-embed.js
js.usemessages.com/
72 KB
21 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:edcc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
via
1.1 76cd2de9f0213e8c76093c6b346e8118.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
13
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10231/bundles/project.js&cfRay=71d11dd6facecc36-ZRH
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 13 Jun 2022 04:26:28 UTC
server
cloudflare
etag
W/"d0b8bb93285841cdfb13313435e2d467"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
vc1SRxdlKcOgNfVcksJ2KUyWlsnYWj5h
cache-control
max-age=600
x-hs-cache-status
EXPIRED
x-amz-cf-pop
IAD89-P1
cf-ray
71d11e2b4a1e0221-ZRH
x-amz-cf-id
y6mvUQOyZIgxuxpP7mMavqP788yPLrusXt9HV-fRabS0L9s_hGHuNA==
x-hs-target-asset
conversations-embed/static-1.10231/bundles/project.js
7187435.js
js.hs-analytics.net/analytics/1655524800000/
62 KB
20 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1655524800000/7187435.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
cf-cache-status
MISS
x-amz-request-id
SAPR2SR8P64M5T37
x-amz-server-side-encryption
AES256
cf-ray
71d11e2b3a12020d-ZRH
x-amz-id-2
7oQkEphxhBEtmkJL0poEHQ8X2c3CHIBK2tU634WBApTPs1o6hid9NHyFIJZPhTaWd4TTkZ/xFEw=
last-modified
Tue, 14 Jun 2022 15:42:52 GMT
server
cloudflare
etag
W/"902cb3d6c08caa88250ea1dfc2805ed5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
max-age=300, public
access-control-allow-credentials
false
content-type
text/javascript
expires
Sat, 18 Jun 2022 04:05:24 GMT
feedbackweb-new.js
js.hubspotfeedback.com/
28 KB
10 KB
Script
General
Full URL
https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:71a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76

Request headers

Referer
https://twocarcrash.betterworld.org/
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
via
1.1 5e1f849553b1d58615d0d8f7c044078e.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
MISS
x-amz-cf-pop
IAD89-P1
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js&cfRay=71d11e2b49e00211-ZRH
x-cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
content-encoding
br
cf-ray
71d11e2b49e00211-ZRH
last-modified
Mon, 13 Jun 2022 03:24:27 UTC
server
cloudflare
etag
W/"19b25ddc87359648ff4cdc439eebaba5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
F9QmPMFhhfHpkU3M8pfRSsRzzlgUp21d
access-control-allow-origin
*
cache-control
max-age=600
x-hs-cache-status
MISS
content-type
application/javascript; charset=utf-8
x-amz-cf-id
jh48t7rbNyKYiqXd40HNRHeDikm6k_s_Yarz6jtoV1gkD6YvIV4hHQ==
x-hs-target-asset
feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js
fb.js
js.hsadspixel.net/
5 KB
3 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
via
1.1 5630c5d6ce3870273aaf2ed5fe6c2f14.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
486
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.280/bundles/pixels-release.js&cfRay=71d112482a76cc4e-ZRH
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
last-modified
Mon, 23 May 2022 07:52:59 UTC
server
cloudflare
etag
W/"b2851680cfd5ddf0808f77f92bc6969d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
LETuWsZMnftQGCDTSmAdJHQ8_upu6cZ6
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-P1
cf-ray
71d11e2b4e0d0208-ZRH
x-amz-cf-id
Jd_HhRFDYyjkjGNZh2j7YqGm5px9klfC4bOAwrsY4HBm2nw6JGUOPA==
x-hs-target-asset
adsscriptloaderstatic/static-1.280/bundles/pixels-release.js
7187435.js
js.hs-banner.com/
59 KB
16 KB
Script
General
Full URL
https://js.hs-banner.com/7187435.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
BQVT5KKJZZ0ZR1KN
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
8eexrAzmHAjEIlxwsiQbQAFCsCQ6RiQ5GnN3H3A10NxMQceOJjdqSlxE8DOfw64zRQaLfmkjHHU=
timing-allow-origin
*
last-modified
Fri, 03 Jun 2022 14:15:35 GMT
server
cloudflare
etag
W/"49f925a07c505ba01f1f8180c44e0d6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
HPt8KUZgkGtrFDaLP2QypS._hCgwdOY_
access-control-allow-origin
https://claudiacampazzo.betterworld.org
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-ray
71d11e2b491901f8-ZRH
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Sat, 18 Jun 2022 04:05:25 GMT
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.2/
174 KB
48 KB
Script
General
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by
Host: ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-69.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 17:08:16 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 16:31:05 GMT
server
AmazonS3
age
6346329
etag
W/"359008fe01078c59c66e034866170bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
ggPI9uujqQqlHUIETXDYbOnfeDdA11dQnsjsjp7tLZyg3YBBNh1AbA==
anchor
www.google.com/recaptcha/api2/ Frame 79AA
42 KB
21 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
25733947c6acd0b172903313e2e44583a623b4edd18769906331e1560768b089
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mL-4w1eNDm7Tf3NzfQXMaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21957
content-security-policy
script-src 'report-sample' 'nonce-mL-4w1eNDm7Tf3NzfQXMaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:00:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame DE00
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-139-84.fra60.r.cloudfront.net
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Request headers

Referer
https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1542378
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 31 May 2022 07:34:06 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Tue, 31 May 2022 07:33:23 GMT
vary
Accept-Encoding
via
1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-cf-id
x4lajGb2EnZIAbRWz2DULVqc2x31jI2Ld5UoVKKNDe8EkOmDD_MT5A==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
public
api.hubspot.com/livechat-public/v1/message/
301 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7187435&conversations-embed=static-1.10231&mobile=false&messagesUtk=80a348aed580476caf3ec68f7d24440c&traceId=80a348aed580476caf3ec68f7d24440c
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b4d7a1824603d78412c0989f551743312fdee030e6c13a99bccc98f471924c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Referer
https://twocarcrash.betterworld.org/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
7c874006-6ccc-4abf-9fdb-d5c92cc7f683
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
236
server
cloudflare
x-trace
2B20E5259B22D37F4B69540BEC0CAECA860C57BA6F000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7on6uYq7z30XNw8JqhGYPa0Tq7gMENlANJG1zfgEclYWnTPKsvu8t3fwHuzN7WRuoG%2B4FAwViuDFsGc7nhDgB%2Bu3oFjiO4PUm4A3CTvff85OF5Tu8cS3Ch%2Foxr3Okn08KnslaGYckdypuyGGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twocarcrash.betterworld.org
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
71d11e2cd981cc4e-ZRH
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
public
api.hubspot.com/livechat-public/v1/message/ Frame
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7187435&conversations-embed=static-1.10231&mobile=false&messagesUtk=80a348aed580476caf3ec68f7d24440c&traceId=80a348aed580476caf3ec68f7d24440c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://twocarcrash.betterworld.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://twocarcrash.betterworld.org
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71d11e2bfa8e2325-ZRH
content-length
18
content-type
text/plain; charset=utf-8
date
Sat, 18 Jun 2022 04:00:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dvE2sri%2BgdzU%2BpmKkuPZONeAjkze3bdWriCLDmiLD%2BxxMpByVKi9jFpvw7cCSoUx0xqrng7QD6inXSYbIJEMjqUVXZXkW1Cu6E5aBfpiUZnyq5XEWf5QFifgSb50Z9KUemzDuHnr%2B7nDUt1JFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hubspot-correlation-id
20be4434-afd9-4311-8a26-9ead1e8eb77d
x-trace
2BF26B004FB507CFDE3A09BD58246BA7ED0A359050000000000000000000
anchor
www.google.com/recaptcha/api2/ Frame 3630
43 KB
23 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ad3041435779aa8a6fdc8c828a212e091cd603aa41a9e47e41ffb027ab2f272a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-VQRwSU1XsqmO57TzVv3G7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
23028
content-security-policy
script-src 'report-sample' 'nonce-VQRwSU1XsqmO57TzVv3G7Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:00:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 79AA
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 79AA
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:56:49 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 3630
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 3630
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21815
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:56:49 GMT
2888537
vc.hotjar.io/sessions/
0
258 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2888537?s=0.25&r=0.13650764076895627
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b871a939666125f20d79.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-19.fra56.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
xCMnz3jSmpQDgYfRZUk_Eg9VD2qiSADnyZUirpd8pwEynprXbtgn8g==
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 79AA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 18:59:48 GMT
x-content-type-options
nosniff
age
291637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 21 Jun 2022 18:59:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79AA
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:06:41 GMT
x-content-type-options
nosniff
age
298424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Jun 2023 17:06:41 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 79AA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 08:48:37 GMT
x-content-type-options
nosniff
age
328308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 08:48:37 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 3630
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=6pkabw2wph2e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 04:00:25 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 79AA
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly90d29jYXJjcmFzaC5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=c4oykt3q9bi6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
1; mode=block
expires
Sat, 18 Jun 2022 04:00:25 GMT
clarity.js
www.clarity.ms/eus2-f/s/0.6.34/
53 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/137001031
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1834 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:24 GMT
content-encoding
br
etag
"1d880d11ff3a854"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
02U2tYgAAAADPIyZEdUsCTpI1d3uxYK2oVExWMzBFREdFMDIwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=763472054393761&ev=Microdata&dl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&rl=&if=false&ts=1655524825155&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%20%7C%20BetterWorld%22%2C%22meta%3Adescription%22%3A%22One%20original%2C%20hand%20made%2C%20ONE%20OF%20A%20KIND%20limited%20edition%20Astrobleme%20CD!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Astrobleme%20Limited%20CD!%20giveaway%20supporting%20Two%20in%20a%20Car%20Crash%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fcdn0.betterworld.org%2Fuser%2Fimages%2Fraffle%2F268830-62ad3ded2df45-ba59785f67469d3e873a-620.jpg%22%2C%22og%3Adescription%22%3A%22One%20original%2C%20hand%20made%2C%20ONE%20OF%20A%20KIND%20limited%20edition%20Astrobleme%20CD!%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22BetterWorld%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1655524824609.1124849411&it=1655524824464&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Requested by
Host: twocarcrash.betterworld.org
URL: https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sat, 18 Jun 2022 04:00:25 GMT
bframe
www.google.com/recaptcha/api2/ Frame CB22
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e92316988b75ae32f7cfa4a228cd299ed9f2323dfd711062ea22f1033d311467
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y2fAXBiY2ImVYLAcKzz7nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1113
content-security-policy
script-src 'report-sample' 'nonce-y2fAXBiY2ImVYLAcKzz7nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 04:00:25 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame CB22
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 12:52:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 12:52:34 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame CB22
366 KB
145 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 21:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21816
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148046
x-xss-protection
0
last-modified
Mon, 13 Jun 2022 04:02:51 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Jun 2023 21:56:49 GMT
truncated
/
23 KB
23 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8

Request headers

Referer
Origin
https://twocarcrash.betterworld.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
application/font-woff2;charset=utf-8
collect
n.clarity.ms/
0
183 B
XHR
General
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://twocarcrash.betterworld.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://twocarcrash.betterworld.org
date
Sat, 18 Jun 2022 04:00:25 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2
utils.js
twocarcrash.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/
239 KB
55 KB
Script
General
Full URL
https://twocarcrash.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/utils.js
Requested by
Host: cdn1.betterworld.org
URL: https://cdn1.betterworld.org/js/e4d5f0d/a5f2c5fda8f5f580403ef1345128c086.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.11.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-11-94.compute-1.amazonaws.com
Software
Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 17:28:24 GMT
server
Apache/2.4.53 () OpenSSL/1.0.2k-fips
etag
"3bdc0-5e17fd9291e00-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
55767
expires
Mon, 18 Jul 2022 04:00:25 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&RedC=c.clarity.ms&MXFR=3331A4C2E3E36C3C23D5B505E7E3622A
  • https://c.clarity.ms/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&MUID=196F2270719461260FFA33B770FF60B0
42 B
367 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&MUID=196F2270719461260FFA33B770FF60B0
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:25 GMT
last-modified
Fri, 20 May 2022 21:53:17 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"17a28a3946cd81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 18 Jun 2022 04:00:25 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 09416905633647C99BC9B8929EDAD64A Ref B: FRAEDGE1416 Ref C: 2022-06-18T04:00:25Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=9E3342CC42EF4B79ACE4E1D934767DE8&MUID=196F2270719461260FFA33B770FF60B0
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
feedback-web-fetcher
app.hubspot.com/ Frame 536A
2 KB
2 KB
Document
General
Full URL
https://app.hubspot.com/feedback-web-fetcher
Requested by
Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://twocarcrash.betterworld.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45313
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
HIT
cf-ray
71d11e30bfc60229-ZRH
content-encoding
br
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html&cfRay=71d11e30bfc60229&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Ftwocarcrash.betterworld.org%2F&cfenv=prod&pdt=2022-06-18&csp=ro
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 04:00:25 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 19 Jun 2022 04:00:25 GMT
last-modified
Mon, 13 Jun 2022 15:03:35 GMT
nel
{"report_to":"nel","max_age":86400}
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=71d11e30bfc60229&resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-id
rXDHgjn5mO5NIk6jpDmrwzjJvRGHa47xA0YpxYyGvxh2HBhiu8a2GA==
x-amz-cf-pop
FRA56-P2
x-amz-replication-status
PENDING
x-amz-server-side-encryption
AES256
x-amz-version-id
KoJec5y2hHfKzlvl3QlZcjljSpOheOBf
x-cache
Hit from cloudfront
x-hs-target-asset
feedback-web-renderer-ui/static-1.10889/html/fetcher.html
x-hs-worker-debug-mode
false
__ptq.gif
track.hubspot.com/
45 B
742 B
Image
General
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2153072566&v=1.1&a=7187435&pu=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&t=Astrobleme+Limited+CD!+giveaway+supporting+Two+in+a+Car+Crash+%7C+BetterWorld&cts=1655524825571&vi=b0d0e540e853f4f6e154f2586d8e97c1&nc=true&ce=false&cc=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
c0c5078a-2528-461f-84ea-218f7afd9076
cf-ray
71d11e309fba0229-ZRH
p3p
CP="NOI CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kk5TjHGGpSCsE1WzfHEsH9YRVccltbwjm4ron%2BHxQiy4C3Hj7xwJccmnVBAJGnBO8bNM6aWOf5SsQ8KBwuj1%2FmW%2FBIyX0Pm6xlXR6CXqNLu47G5tER3TQM28u8IDFJeiAweXUXeif2TU70YedvMb"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
x-robots-tag
none
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
74 B
929 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7187435
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://twocarcrash.betterworld.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
abb413f4-5918-4487-82a8-c3c610705225
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2BE9678630E8680B7413F075B846F966B4FFBCE9C4000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2aWSrAwHHEdJBvF%2FcU%2FpG3xZPMdpjdYW6W4Kf7uaFfcCsydP88%2FZ5ExUJFZyLhnmBtPMxHcWs1YjA%2B8fDKMiZTFdLst523xqljhaKanEFApkdar05ys%2FSHD5oNRSVvssCOKjhQ2Y0XYtBkn"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://twocarcrash.betterworld.org
access-control-allow-credentials
false
cf-ray
71d11e309fb90229-ZRH
access-control-allow-headers
*
bundle.production.js
static.hsappstatic.net/hubspot-dlb/static-1.273/ Frame 536A
289 KB
93 KB
Script
General
Full URL
https://static.hsappstatic.net/hubspot-dlb/static-1.273/bundle.production.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
668510
x-amz-server-side-encryption
AES256
cf-ray
71d11e315ea201df-ZRH
x-cache
Hit from cloudfront
access-control-max-age
3000
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 09 Jun 2022 20:12:51 GMT
server
cloudflare
etag
W/"7f1f4cf071fe807a6e3cb1c0e9606132"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Krj6NNKH7bb%2FJYMGDYv0mWbzKJKcl4K1VzDb9dvSb7C9C3STX03uhhmerwYiYwyb53U0MFu0CiNgeVhin4r%2FixkMBnnjGKgHAa%2FbWb40%2BYY5F5x%2BxwwS%2BVz2JSbDJrAO6QACS1bbcYDlZx9qa2Spf6YrYiw%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
KzPlPnaGfC2KvqH_C2ydD6oOPrLTHXIr
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
L8DLv3ttouqVoZZLgz1kRnKmAbjCjm-RJ03HLmyXdycUF-oO7BVmAg==
expires
Sun, 18 Jun 2023 04:00:25 GMT
fetcher.js
static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/ Frame 536A
15 KB
7 KB
Script
General
Full URL
https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Origin
https://app.hubspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 04:00:25 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
390917
x-amz-server-side-encryption
AES256
cf-ray
71d11e315ea501df-ZRH
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 13 Jun 2022 15:03:34 GMT
server
cloudflare
etag
W/"f3eb42ea6bd5f051aac5bd3b724f5cfe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTZwSVSogL87UFXXrzLg5WXEd7V5R3S%2Bgs5KCXbrHGkGbX%2F5EgNQFj0yfzO56Seyfyf08qMoO9S0I2mfedk%2BTCBLzooZF6yI7FD47kKOZWl12a1V5AVqMtzKMu%2FAKYzVwjiIS0JdtbdO3QsC2K0uNs8LgGk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
psS_L0aIxxJeWsOWmK5GyO04WEHx2efv
access-control-allow-origin
https://app.hubspot.com
cache-control
public, max-age=31536000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P2
content-type
application/javascript
x-amz-cf-id
PdbfcjZJCsC33I4SyZlG7pt1KouWS-LRBx-G0_MFXBwvfaGNEEUWbQ==
expires
Sun, 18 Jun 2023 04:00:25 GMT
/
api.hubspot.com/cors-preflight-iframe/ Frame 5968
171 B
1 KB
Document
General
Full URL
https://api.hubspot.com/cors-preflight-iframe/
Requested by
Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
age
2121493
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31536000
cf-cache-status
HIT
cf-ray
71d11e31b89c23c7-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Jun 2022 04:00:25 GMT
etag
W/"e0a6d24f4774b193114cde59bad7a9b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 18 Jun 2023 04:00:25 GMT
last-modified
Tue, 24 May 2022 02:41:18 UTC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ASVJB5SGfyrGG%2B6ust95uL5nYrlv1mFf5kjsslqIyzy%2F9iTUxfspUTK97eerS4zRmVg%2Fft52FrpdwkKtgKqnn6cwcVanePsYNvK6s4ftjofTyqBM4tHL1b4pY3uAE0tMHnYxxleUWfd8yACZxg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 3d65275b81abaf880be10de6f2c71e9a.cloudfront.net (CloudFront)
x-amz-cf-id
IYsA7_XhOzfzjU1K-AKp6U8ckE058_vkXKtInB-MDXMfivkXATHejg==
x-amz-cf-pop
IAD89-P1
x-amz-meta-ao
{}
x-amz-replication-status
PENDING
x-amz-server-side-encryption
AES256
x-amz-version-id
kgyGmBJa1ShZkqHRsjocf1kdkyXvzb6q
x-cache
Hit from cloudfront
x-hs-cache-status
HIT
x-hs-target-asset
cors-preflight-iframe/static-1.78/html/iframe.html
web-config
feedback.hubapi.com/feedback/public/v1/ Frame 536A
72 B
923 B
XHR
General
Full URL
https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=7187435&utk=b0d0e540e853f4f6e154f2586d8e97c1&bundleVersion=1.10889&currentUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&pageUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd
Requested by
Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab1f896b0add2c8f71ec72495bfe28cc879bd59eb293aee3f3a6a4501064021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://app.hubspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
X-HS-Referer
https://twocarcrash.betterworld.org/giveaways/astrobleme-limited-cd

Response headers

x-origin-hublet
na1
date
Sat, 18 Jun 2022 04:00:26 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
0223141e-04d0-4d44-9dc6-a29fcfddb32c
access-control-allow-methods
GET, POST, OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
x-trace
2B614F011844770CADC94499B89C884AF6DE591844000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qea5uecDia7otuHIEyp322vIL6l0Bhn%2FpMqibDseY%2BCnLMpSoQd9mqjBs1twTdLDEM%2FZY9DbOkYHrnZEtAJ4aruot7JHTeSh8HMuDJ3jY9%2F0xpS9oLs20Y8N7uBc9O6CHiNvAnoWdyw4lAjVAmlsBxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://app.hubspot.com
access-control-expose-headers
X-Origin-Hublet
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
cf-ray
71d11e348f940221-ZRH
access-control-allow-headers
Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
web-config
feedback.hubapi.com/feedback/public/v1/ Frame
0
0
Preflight
General
Full URL
https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=7187435&utk=b0d0e540e853f4f6e154f2586d8e97c1&bundleVersion=1.10889&currentUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd&pageUrl=https%3A%2F%2Ftwocarcrash.betterworld.org%2Fgiveaways%2Fastrobleme-limited-cd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hs-referer
Access-Control-Request-Method
GET
Origin
https://app.hubspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://app.hubspot.com
access-control-expose-headers
X-Origin-Hublet
access-control-max-age
180
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
71d11e31b8610229-ZRH
content-length
18
content-type
text/plain; charset=utf-8
date
Sat, 18 Jun 2022 04:00:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzBjMRbqInZaoRqb7uHiqUGRKqy4vJvS34wEmffXNkj4kNU4nSh4hjtqCJOOJgfICq4NER5PjGA%2FKlGkRyBPCTqzgM4%2FZtqALjaRFAJbCUOUQiZnN7NHlRg%2BFizmBmIKumrUexHljDTvFw1ZTJQTlHM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-hubspot-correlation-id
424ccef2-37eb-4a54-9b05-0dcbfc114935
x-trace
2BC34D48091519E0C2346C061464AB312B80F22CB1000000000000000000
collect
n.clarity.ms/
0
48 B
XHR
General
Full URL
https://n.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-f/s/0.6.34/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.184.204.244 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://twocarcrash.betterworld.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
https://twocarcrash.betterworld.org
date
Sat, 18 Jun 2022 04:00:26 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| cjfb object| dataLayer object| config function| $ function| jQuery object| Bugsnag string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data function| fbq function| _fbq function| hj object| _hjSettings string| _linkedin_partner_id object| _linkedin_data_partner_ids object| uetq object| gaplugins object| gaGlobal object| gaData function| gtag object| google_optimize function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| ueto_8add1b8398 object| ueto_9816f60886 function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| FortAwesomeConfig string| woffCSSFilename string| cssFilename string| cssUrl object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| MarvinImage object| MarvinAbstractImagePlugin function| Crop function| Scale function| MarvinAttributes function| marvinLoadPluginMethods object| Marvin object| BWC function| moment object| toastr function| Hammer object| isMobile object| Validator object| ParsleyConfig object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator function| FormSerializer function| form2object function| form2json object| bootbox function| Big function| ClipboardJS object| intlTelInputGlobals function| intlTelInput function| rot13 function| Cleave undefined| EasyZoom object| ua object| _hsp object| recaptcha object| closure_lm_528413 boolean| PIXELS_RAN object| _hsq boolean| hubspot_live_messages_running object| HubSpotConversations object| ube function| clarity object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded object| hsFeedback object| onHsFeedbackReady boolean| hsFeedbackLoaded boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| _hspb_ran object| intlTelInputUtils

36 Cookies

Domain/Path Name / Value
.betterworld.org/ Name: BWSESSID
Value: 8ez7lZruSmQfhW0Jy2a64XaBGo5C-k2PXf463l%2CB2-Q-NI7eEwA5oq7K7LRd8r14YPJIvaEW5ynM0mCdt9FyvVjQDUcVz4x6CH1LqyucIqfaUn7coVtAKXqWJoPOC41u
.betterworld.org/ Name: _gcl_au
Value: 1.1.1620738006.1655524824
.betterworld.org/ Name: _ga
Value: GA1.2.975520532.1655524824
.betterworld.org/ Name: _gid
Value: GA1.2.1447782290.1655524824
.betterworld.org/ Name: _gat
Value: 1
.bing.com/ Name: MUID
Value: 196F2270719461260FFA33B770FF60B0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.betterworld.org/ Name: _fbp
Value: fb.1.1655524824609.1124849411
.facebook.com/ Name: fr
Value: 0xPoVgX41yrwx7yJD..BirU3Y...1.0.BirU3Y.
.linkedin.com/ Name: UserMatchHistory
Value: AQKiYFC3L1h3xAAAAYF0-BYNKCb-kVF-pdN0egz_7_RvfhEtKe13hCdB-uuC_drF0LgM60lVDz-7Mg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK89gC7slxbOQAAAYF0-BYNlyKYSETUsnzD1qxlAif8mYDW2YlvHWdWwL6GgPUiJyFLae1X10AUU2iQobpkYw
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&07df78a5-2236-42ab-8fc2-13480fd3b403"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2369:u=1:x=1:i=1655524824:t=1655611224:v=2:sig=AQEouFEanL_H3knwYCaD18Mtlwl8ZMW5"
.betterworld.org/ Name: _uetsid
Value: 2e7d3ae0eebb11ec89dae712a2377c3f
.betterworld.org/ Name: _uetvid
Value: 2e7d3e90eebb11ecb8b1773c7d5827cd
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022061804002417ebae7f-e88e-425b-85b0-a917e5e6aff6AQFG8b4ybh7vEOJ3jemjcYGQHCf7WK8C"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTU1MjQ4MjQ7MjswMjEcS2YKRhCWn98NXJcMr4j2qZVbMIinfKQHMLKN2S5sxg==
.betterworld.org/ Name: _hjSessionUser_2888537
Value: eyJpZCI6IjExZDIxNjBmLWI1MmQtNWM0ZC1iMGYyLTA4Njc2ODczYWY0YyIsImNyZWF0ZWQiOjE2NTU1MjQ4MjQ1NTEsImV4aXN0aW5nIjpmYWxzZX0=
.betterworld.org/ Name: _hjFirstSeen
Value: 1
twocarcrash.betterworld.org/ Name: _hjIncludedInSessionSample
Value: 0
.betterworld.org/ Name: _hjSession_2888537
Value: eyJpZCI6ImNkOWI4MDExLWI1ZjYtNGQ5NS05OWFjLTc2M2Y1NzY5YWU0OCIsImNyZWF0ZWQiOjE2NTU1MjQ4MjQ5NTUsImluU2FtcGxlIjpmYWxzZX0=
.betterworld.org/ Name: _hjAbsoluteSessionInProgress
Value: 1
www.clarity.ms/ Name: CLID
Value: 2dd5c0053c794ed5a1f03b323973c786.20220618.20230618
.betterworld.org/ Name: _clck
Value: 2d0td8|1|f2f|0
.betterworld.org/ Name: __hstc
Value: 224497285.b0d0e540e853f4f6e154f2586d8e97c1.1655524825569.1655524825569.1655524825569.1
.betterworld.org/ Name: hubspotutk
Value: b0d0e540e853f4f6e154f2586d8e97c1
.betterworld.org/ Name: __hssrc
Value: 1
.betterworld.org/ Name: __hssc
Value: 224497285.1.1655524825569
.c.bing.com/ Name: SRM_B
Value: 196F2270719461260FFA33B770FF60B0
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 196F2270719461260FFA33B770FF60B0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.hubspot.com/ Name: __cf_bm
Value: fW0FPdWOAA8NZsHvGmBxyvpYboADbYUE4eVB4D6mfro-1655524825-0-AesnzocHPtxeBE9yUbQ0NRtqo5x0gvIcIYRyT18HTGqpY6f8yJaOV9r9e/mizWoJVlFv/7iEEXxanLBtdK3lIDo=
.betterworld.org/ Name: _clsk
Value: 1ca18op|1655524825919|1|1|n.clarity.ms/collect

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
assets.ubembed.com
bat.bing.com
betterworldcollective.s3.amazonaws.com
c.bing.com
c.clarity.ms
cdn0.betterworld.org
cdn1.betterworld.org
cdn2.betterworld.org
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
feedback.hubapi.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspotfeedback.com
js.usemessages.com
n.clarity.ms
px.ads.linkedin.com
px4.ads.linkedin.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
twocarcrash.betterworld.org
use.fonticons.com
use.fortawesome.com
vars.hotjar.com
vc.hotjar.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.157.4.118
108.157.4.69
108.157.4.82
13.107.42.14
13.32.121.14
142.250.185.66
151.101.65.131
151.139.128.11
151.139.128.8
18.66.112.19
18.66.139.84
20.234.93.27
2606:4700:4400::ac40:9a55
2606:4700::6811:44b0
2606:4700::6811:71a2
2606:4700::6811:71b0
2606:4700::6811:9d2
2606:4700::6811:c9cc
2606:4700::6811:d6cc
2606:4700::6811:edcc
2606:4700::6813:9a53
2620:1ec:21::14
2620:1ec:27::cafe:1834
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2008
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9c
2a02:26f0:f7::5c7b:e024
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
52.184.204.244
52.217.80.140
52.222.206.102
52.222.236.74
52.7.11.94
003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a
01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e
0e3efa85ba4c0d925f44af731f0eb1d15c21780bf540ac624935bb3a84fcd0fa
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1adca5c086d26d5cfcf239c5c28778c1a9c65aa174ae482c71c11d252bb16eba
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
25733947c6acd0b172903313e2e44583a623b4edd18769906331e1560768b089
259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8
2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7
29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225
2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7
2db61c9ef30492bb87583c0e0630c10abb7271f6d0ea74f20f155d3b82d7215f
33272713d84ffdaab3a61030b3c4cecca56a0f00485bd02767a96e61bc45452d
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
37deec7ab88a543fdcb643c2e562a8cb633e7c78a35bcd8a8a9962535edd43ef
384d5912b1974f290d6692722e2bb42556ee968853dccd73bd5d03ef4999deaf
3ab1f896b0add2c8f71ec72495bfe28cc879bd59eb293aee3f3a6a4501064021
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
406b8e3e0899404b0abf6655875bb32901477fa51375498b92f85048d2cd91ad
44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4
4768ee487c1ad9dda08214bc87020b42b5150074f7c831e437d165daef083118
47696066df8962ecbf49085eeda42c40a8700d1afde00192f8f225a606fe8263
52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1
54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581
5e015878de60f31378b1f41c6a57c6d4e5caa0ee71fbde6754ba807599651686
6b4d7a1824603d78412c0989f551743312fdee030e6c13a99bccc98f471924c1
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
6d9958ada554a859765b3d8821e4cf5b91bf63a669c46d3f1f5fe4e78319892b
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1
7f77149b1beed108b3d3ad88b9170a8a27e1c6eedb0ed30c698492b4586372d3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843615456abd5526b3efc939b0fbd04e2706ba305722de92ec8ca5142919964e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ada49adc52e807d4bed7f52225353ffa163e43c2fb692af71b74faa6114f005
90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62
925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f
98d8675bd0fd6577642437e6a0b5d825137f0e8a9e333cf53124ec88282bb1e8
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4e00320cfc724fde175314d7d9970ced29cc4967ec09288cc6291716e13209c
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2
ad3041435779aa8a6fdc8c828a212e091cd603aa41a9e47e41ffb027ab2f272a
aede3017059a6726452e66de4608bb7eb4e43061cbcff7292155cb0c38ae7941
afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567
bc64a5199c14793bcc5f48281ebe83483b6cb42748b9b6e90b0abb16831b1aaa
c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd805b1fdc5a32a09fdb1712170164efbda79aac17d24eb443373fb4f54cd737
dded384242e4090c76ad8a8afb117bfd1727bc92e690c9852013b80814115c28
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5827fd8bddccf8f9ca7d06936e0bd6596f9ec6aca0652086c5d593a72d84435
e92316988b75ae32f7cfa4a228cd299ed9f2323dfd711062ea22f1033d311467
eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f785182c37dd118034ac5891bff03d3fec6ec60d63d8d6609cebafe35a86ec0c
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c