yenekainc.betterworld.org Open in urlscan Pro
34.204.216.125 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://yenekainc.betterworld.org/donate-an-item
Submission: On June 30 via manual (June 30th 2022, 6:21:42 pm UTC) from US — Scanned from DE

Summary HTTP 100 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 48 IPs in 4 countries across 32 domains to perform 100 HTTP transactions. The main IP is 34.204.216.125, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is yenekainc.betterworld.org.
TLS certificate: Issued by Amazon on June 7th 2022. Valid for: a year.

This is the only time yenekainc.betterworld.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	34.204.216.125 34.204.216.125	14618 (AMAZON-AES) (AMAZON-AES)
1	13.224.189.93 13.224.189.93	16509 (AMAZON-02) (AMAZON-02)
7	143.204.215.62 143.204.215.62	16509 (AMAZON-02) (AMAZON-02)
4	143.204.215.123 143.204.215.123	16509 (AMAZON-02) (AMAZON-02)
1	52.222.206.51 52.222.206.51	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
5	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	52.216.36.225 52.216.36.225	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c01::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.139.128.8 151.139.128.8	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:74b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.17.124 108.138.17.124	16509 (AMAZON-02) (AMAZON-02)
2	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
1	18.66.139.84 18.66.139.84	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:1ec:27::... 2620:1ec:27::cafe:2057	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.215.128.203 52.215.128.203	16509 (AMAZON-02) (AMAZON-02)
1	35.85.176.117 35.85.176.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
100	48

3 34.204.216.125 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-216-125.compute-1.amazonaws.com

yenekainc.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-93.fra2.r.cloudfront.net

cdn2.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.215.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-62.fra53.r.cloudfront.net

cdn0.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.215.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-123.fra53.r.cloudfront.net

cdn1.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.206.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-51.fra56.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fonticons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.36.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

betterworldcollective.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:22::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.8 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:74b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70a2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-124.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-84.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:27::cafe:2057 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.128.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-128-203.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.85.176.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-176-117.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	betterworld.org yenekainc.betterworld.org cdn2.betterworld.org cdn0.betterworld.org cdn1.betterworld.org	399 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	683 KB
10	google.com www.google.com — Cisco Umbrella Rank: 8 region1.analytics.google.com — Cisco Umbrella Rank: 5133	47 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 579 h.clarity.ms — Cisco Umbrella Rank: 5358 c.clarity.ms — Cisco Umbrella Rank: 1113	28 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 362 c.bing.com — Cisco Umbrella Rank: 182	13 KB
6	stripe.com js.stripe.com — Cisco Umbrella Rank: 1748 q.stripe.com — Cisco Umbrella Rank: 12728 m.stripe.com — Cisco Umbrella Rank: 1533	77 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4290 app.hubspot.com — Cisco Umbrella Rank: 5854 track.hubspot.com — Cisco Umbrella Rank: 2144	6 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 395 www.linkedin.com — Cisco Umbrella Rank: 485 px4.ads.linkedin.com — Cisco Umbrella Rank: 5675	3 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 627 script.hotjar.com — Cisco Umbrella Rank: 904 vars.hotjar.com — Cisco Umbrella Rank: 917 in.hotjar.com — Cisco Umbrella Rank: 1509	67 KB
3	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3680 feedback.hubapi.com — Cisco Umbrella Rank: 24213	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5448	672 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 119 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	197 KB
2	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6868	100 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1852	17 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	388 B
2	ubembed.com ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 10056	48 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	109 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	amazonaws.com betterworldcollective.s3.amazonaws.com	52 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2061	20 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 17516	10 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2069	16 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3409	3 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 4780	21 KB
1	fortawesome.com use.fortawesome.com — Cisco Umbrella Rank: 18568	27 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 780	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	39 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2291	1 KB
1	fonticons.com use.fonticons.com — Cisco Umbrella Rank: 69530	4 KB
1	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	3 KB
100	32

	Domain	Requested by
8	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	yenekainc.betterworld.org www.gstatic.com www.google.com
7	cdn0.betterworld.org	yenekainc.betterworld.org
5	bat.bing.com	yenekainc.betterworld.org bat.bing.com
4	cdn1.betterworld.org	yenekainc.betterworld.org
3	www.clarity.ms	bat.bing.com www.clarity.ms
3	api.hubspot.com	js.usemessages.com app.hubspot.com
3	www.google.de	yenekainc.betterworld.org
3	www.googletagmanager.com	yenekainc.betterworld.org www.googletagmanager.com
3	js.stripe.com	yenekainc.betterworld.org js.stripe.com
3	yenekainc.betterworld.org	yenekainc.betterworld.org cdn1.betterworld.org
2	feedback.hubapi.com	static.hsappstatic.net
2	static.hsappstatic.net	app.hubspot.com
2	c.clarity.ms	1 redirects
2	h.clarity.ms	www.clarity.ms
2	fonts.gstatic.com	www.google.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	q.stripe.com	yenekainc.betterworld.org
2	www.facebook.com	yenekainc.betterworld.org
2	px.ads.linkedin.com	2 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	yenekainc.betterworld.org connect.facebook.net
2	www.google-analytics.com	yenekainc.betterworld.org
2	betterworldcollective.s3.amazonaws.com	cdn2.betterworld.org
1	api.hubapi.com	js.hsadspixel.net
1	c.bing.com	1 redirects
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	m.stripe.com	m.stripe.network
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	assets.ubembed.com	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	use.fortawesome.com	use.fonticons.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	px4.ads.linkedin.com	yenekainc.betterworld.org
1	www.linkedin.com	1 redirects
1	script.hotjar.com	static.hotjar.com
1	www.googleadservices.com	www.googletagmanager.com
1	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	www.googletagmanager.com
1	snap.licdn.com	yenekainc.betterworld.org
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	js.hs-scripts.com	yenekainc.betterworld.org
1	use.fonticons.com	yenekainc.betterworld.org
1	d2wy8f7a9ursnm.cloudfront.net	yenekainc.betterworld.org
1	cdn2.betterworld.org	yenekainc.betterworld.org
100	52

This site contains links to these domains. Also see Links.

Domain
betterworld.org
www.facebook.com
twitter.com
api.whatsapp.com
support.betterworld.org

Subject Issuer	Validity	Valid
betterworld.org Amazon	`2022-06-07` - `2023-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
use.fonticons.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-05-20` - `2022-09-25`	4 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-25` - `2022-09-08`	4 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-11` - `2022-08-03`	4 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://yenekainc.betterworld.org/donate-an-item
Frame ID: C77AA11F1915E1F37C8CC944F7F0CA57
Requests: 73 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
Frame ID: 8B9AE127ACEB13C39DD6028E0796447F
Requests: 3 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: BCFC23B26912B4619BC6EFFB9FA97BAF
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: CD1B4793240C8A9C5F79489FF22C6019
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=qjyb4yeaeqk3
Frame ID: 79010600CA84941EBD0586279E472F2B
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=993hlohju8wr
Frame ID: BCCA220C2659B7BFF875438FC8536A42
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Frame ID: DF6F42FC15AA0C37DB14DB115C98D1E8
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 32F23C13F82140F6C65818AF9AD1BE1E
Requests: 4 HTTP requests in this frame

Frame: https://api.hubspot.com/cors-preflight-iframe/
Frame ID: AB0315ADAD61F5FC015A79CDC6DDFA70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate an auction or giveaway item to Ye N’Eka, Inc. | BetterWorld

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

100
Requests

98 %
HTTPS

56 %
IPv6

32
Domains

52
Subdomains

48
IPs

4
Countries

2055 kB
Transfer

5679 kB
Size

40
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://betterworld.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Didf
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Donate%20an%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.&url=http%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=http%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item?utm_source=whatsapp&utm_medium=social&utm_campaign=idf
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/
Title: Support

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://betterworld.org/request-password-reset
Title: Forgot your password?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1656613296432%26url%3Dhttps%253A%252F%252Fyenekainc.betterworld.org%252Fdonate-an-item%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true&e_ipv6=AQL_ee2_RkG4aQAAAYG12NweX4Z9lWzIe8oYGvK78ZD1B-Q_lOTGFRY_ZO6vjbcsNfurK-0dtF7p

Request Chain 92

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&RedC=c.clarity.ms&MXFR=09CB3C739F9167563A672DA09B916913 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&MUID=0E236BB5B50C6BF2138B7A66B4676A77

100 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request donate-an-item Show response
yenekainc.betterworld.org/ 17 KB
5 KB 479ms
228ms Document
text/html 34.204.216.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.216.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-216-125.compute-1.amazonaws.com

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips /

Resource Hash

c89528448b1ced80a57e214c88dc003c7201196c33ee3e490c5fea76f6f75738

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 30 Jun 2022 18:21:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding
x-frame-options: deny

GET
H/1.1 200
OK frontend.css
cdn2.betterworld.org/css/e4d5f0d/ 454 KB
156 KB 106ms
23ms Stylesheet
text/css 13.224.189.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-93.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 47696066df8962ecbf49085eeda42c40a8700d1afde00192f8f225a606fe8263

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 08:34:23 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 17:28:31 GMT
Server: AmazonS3
Age: 553634
ETag: "07ab901b6d5d2b0196768891087d8f75"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 159653
X-Amz-Cf-Id: JKwYgDKCUzFDJowkJwbqt6m2k94j0DW28vw2C0oNAT5lCiA5Lski_g==

GET
H/1.1 200
OK wordmark.svg
cdn0.betterworld.org/images/brand/ 34 KB
35 KB 93ms
22ms Image
image/svg+xml 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/brand/wordmark.svg
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 05:01:33 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:46 GMT
Server: AmazonS3
Age: 2035204
ETag: "b90d17a9c7961df823b9f953933a34d4"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 34884
X-Amz-Cf-Id: q7E2z-f8QhIEJa2frIV-rwqEz_I0GEI8l34eL3886RAsGQ8vfhU3SQ==

GET
H2 200 default-org-logo.png
yenekainc.betterworld.org/images/logos/ 886 B
1 KB 106ms
105ms Image
image/png 34.204.216.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yenekainc.betterworld.org/images/logos/default-org-logo.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.216.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-216-125.compute-1.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash: b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/donate-an-item
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
last-modified: Wed, 15 Jun 2022 17:28:24 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
etag: "376-5e17fd9291e00"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 886
expires: Sat, 30 Jul 2022 18:21:36 GMT

GET
H/1.1 200
OK bw-white-32.png
cdn0.betterworld.org/images/brand/ 684 B
1 KB 83ms
34ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/brand/bw-white-32.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d0533adc17d0985c012475cc0e29afb8c2e40eecdd5f26da3a09ac4dbd11fafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 12:25:34 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 17:28:33 GMT
Server: AmazonS3
Age: 194163
ETag: "a65857aece0e05860091f92d61eaf219"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 684
X-Amz-Cf-Id: 8Xwbk6MiW6yre3awY5MpLxEQdm2TaMyy50I1uJ_acXzaa0lPltnqHw==

GET
H/1.1 200
OK facebook.png
cdn0.betterworld.org/images/icons/social/tiles/ 466 B
971 B 23ms
21ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/icons/social/tiles/facebook.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 00:37:21 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 1964656
ETag: "aa576fca66ec02d2408fc2127fa71913"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 466
X-Amz-Cf-Id: oMn1sbQjMvqLU5EN46sDMRTsXQyDa6MuJZY3sFyaNnba2gRXPSVm_A==

GET
H/1.1 200
OK twitter.png
cdn0.betterworld.org/images/icons/social/tiles/ 775 B
1 KB 34ms
23ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/icons/social/tiles/twitter.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 30 May 2022 08:47:20 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 27 May 2022 21:09:07 GMT
Server: AmazonS3
Age: 2712857
ETag: "9413848f672dba3937857243d27399ca"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 775
X-Amz-Cf-Id: ddNJdVhsDw5Ft2t6FUr15Oe-xPgsvnmGRw_BtRIYQ8lEyL_pIvHm8g==

GET
H/1.1 200
OK whatsapp.png
cdn0.betterworld.org/images/icons/social/tiles/ 1 KB
2 KB 38ms
21ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/icons/social/tiles/whatsapp.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 15:20:49 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 2170848
ETag: "5abb67522bc243d7c42e833d3cd8cc76"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1341
X-Amz-Cf-Id: 2fri3k3aWo4aBLRmrkCuSOUUasQZnuovVAMkva7ZUxfoWDPMfNPUcA==

GET
H/1.1 200
OK email.png
cdn0.betterworld.org/images/icons/social/tiles/ 2 KB
2 KB 48ms
21ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/icons/social/tiles/email.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 00:35:13 GMT
Via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 2396784
ETag: "9c324ec5e8ace818bcc74b7f8303004d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 2000
X-Amz-Cf-Id: 383CvFyjUpnTIpQR55KxbjyD0PomjQrE39JCZFbzh8sKUmcvphhIIw==

GET
H/1.1 200
OK bw-white-64.png
cdn0.betterworld.org/images/brand/ 1 KB
2 KB 52ms
22ms Image
image/png 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0.betterworld.org/images/brand/bw-white-64.png
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 18 May 2022 13:13:45 GMT
Via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 20:32:32 GMT
Server: AmazonS3
Age: 3733672
ETag: "fabc01ec04aadbdf899735f9c36e2021"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 1280
X-Amz-Cf-Id: j9Z13BwwaVWrBsu6l96KAIUbxUWvO8HH43goPyqsU76KHKt76ZYSUw==

GET
H/1.1 200
OK jquery.min.gz.js Show response
cdn1.betterworld.org/js/0/jquery/2.0.3/ 82 KB
29 KB 82ms
21ms Script
application/x-javascript 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.betterworld.org/js/0/jquery/2.0.3/jquery.min.gz.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 06 Jun 2022 01:15:03 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2015 18:18:38 GMT
Server: AmazonS3
Age: 2135194
ETag: "2dddd0d496fe5c68ba77b0bca5cbeeb9"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 ab39b007ab81966ada6e7fb1536bf376.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 29148
X-Amz-Cf-Id: 7e9JZSFtqgruSRHUXmzjj0bLXo9TWT88O4CEIsJKLJBX-qy04FiOww==

GET
H/1.1 200
OK bootstrap.min.gz.js Show response
cdn1.betterworld.org/js/0/bootstrap/3.2.0/ 31 KB
9 KB 81ms
20ms Script
application/x-javascript 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.betterworld.org/js/0/bootstrap/3.2.0/bootstrap.min.gz.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:30:17 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2015 18:22:58 GMT
Server: AmazonS3
Age: 6961880
ETag: "f251f95e02359d8a7763c422d08a5377"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 8532
X-Amz-Cf-Id: YyoDepg46CjNtbhm3JRGPD1ZT-kZGkHVVGSokCu_RvJSaDnyEnlHWg==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 71ms
19ms Script
application/javascript 52.222.206.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.206.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-206-51.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 29 Jun 2022 21:59:25 GMT
Content-Encoding: gzip
Age: 73332
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA56-P3
Accept-Ranges: bytes
X-Amz-Cf-Id: 6sM-7jUj_EINsOXsc2suIA6FrJiDIO4aN1SPs2j1Z9nM4PcMt5b9jw==

GET
H2 200 13854182.js Show response
use.fonticons.com/ 10 KB
4 KB 489ms
424ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fonticons.com/13854182.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 17:18:17 GMT
etag: "0bfb2071b9c8f025ec6da9fb2ef974c7"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1656613296.cds207.fr8.hn,1656613296.cds165.fr8.sc,1656613296.cds165.fr8.pr
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 3989

GET
H2 200 / Show response
js.stripe.com/v3/ 315 KB
74 KB 142ms
19ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

75573c1c77142ff8a75adfc367d1e14a8a4b29c32424dd7617f76579999e8e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 60
x-cache: HIT
content-length: 75740
etag: "0fcaa6092ad7a0fcd5785a4014f0d461"
x-request-id: b064d96c-a2e7-48a5-9d7a-d4257ee373c5
x-served-by: cache-hhn4046-HHN
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 22:30:02 GMT
server: Fastly
date: Thu, 30 Jun 2022 18:21:36 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 78ms
32ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
H2 200 7187435.js Show response
js.hs-scripts.com/ 2 KB
1 KB 488ms
445ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7187435.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11f796702b5653845e1dc7d0088667da63a5adf0207d8f64ca9ac21c3c2e0424

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: fbcbb15b-5495-4aab-a96c-618348320b1c
last-modified: Thu, 30 Jun 2022 16:46:03 GMT
server: cloudflare
x-trace: 2B859761F69A0D3561B8E977173A0AEDB291FAB9BF000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7238ec2d5d6d9b31-FRA
expires: Thu, 30 Jun 2022 18:22:36 GMT

GET
H/1.1 200
OK a5f2c5fda8f5f580403ef1345128c086.js Show response
cdn1.betterworld.org/js/e4d5f0d/ 337 KB
99 KB 81ms
22ms Script
application/javascript 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.betterworld.org/js/e4d5f0d/a5f2c5fda8f5f580403ef1345128c086.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384d5912b1974f290d6692722e2bb42556ee968853dccd73bd5d03ef4999deaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 17:29:20 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 15 Jun 2022 17:27:39 GMT
Server: AmazonS3
Age: 1299137
ETag: "9c69149a457f5450d4bcbf45608301ac"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 85dc19f43b2a0bd8840fdf8baf07d762.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
Content-Length: 100697
X-Amz-Cf-Id: 9iN7EcOshUyeHFSdE9y90koiJr53UATy73sbZtTiONgIs2iWRhPV3Q==

GET
H/1.1 200
OK bb48d1f7d9551c10147417598c5fe4ac.js Show response
cdn1.betterworld.org/js/e4d5f0d/ 1 KB
1 KB 514ms
453ms Script
application/javascript 143.204.215.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.betterworld.org/js/e4d5f0d/bb48d1f7d9551c10147417598c5fe4ac.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-123.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92f7cb717cbb20bf513cd465f7513f9dd85a46a83e49f17dfcb625c681e83d34

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:21:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jun 2022 17:27:39 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "2e63a1c825a31d1d79ec8f4c533d01bb"
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Via: 1.1 8b5bc0831e6dab612582614c3009efa6.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 702
X-Amz-Cf-Id: 5hVGKVfx4MEL65sGfBnngI8p1Xhp_LXJbROGFkQTKDXdcSaQo1Lh2w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 196 KB
69 KB 87ms
40ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7345c8279b9a39db16e8e79dff3d8a9b5f4b449fce41d180fec48c7205eca27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70617
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
H/1.1 200
OK verb-light.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 27 KB
28 KB 549ms
193ms Font
font/woff2 52.216.36.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-light.woff2
Requested by: Host: cdn2.betterworld.org
URL: https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.36.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f

Request headers

Referer: https://cdn2.betterworld.org/
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:21:37 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:50 GMT
Server: AmazonS3
x-amz-request-id: 207HKAQTQNP6KJ9Y
ETag: "1182fcf93f71ae6d6427c67b61a18865"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 27960
x-amz-id-2: lL3XreTdcSRYQNk1DkgpAEHvnrRZdTVlVn9EUaqC+b47BzQJM88V4aYbSEnpmG+2luZ0dElt3Gc=

GET
H/1.1 200
OK verb-semibold.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 24 KB
25 KB 551ms
193ms Font
font/woff2 52.216.36.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-semibold.woff2
Requested by: Host: cdn2.betterworld.org
URL: https://cdn2.betterworld.org/css/e4d5f0d/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.36.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597

Request headers

Referer: https://cdn2.betterworld.org/
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:21:37 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:11 GMT
Server: AmazonS3
x-amz-request-id: 207HRNXT5G51Q29B
ETag: "30c9ed1daa069984ec816e2e481afb16"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 24584
x-amz-id-2: +s9aF0RpL2qXeOZI+XLdMdQuIm2D2cV/hVcrh+cbtz7bSSzeOypvYbu5UzE7utpH4f3qNiu0CZQ=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5128
date: Thu, 30 Jun 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 30 Jun 2022 18:56:08 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 99 KB
39 KB 94ms
33ms Script
application/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-T4QPHS7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3af82cfe2bb032dbb1cb3314060205e50f6e17def8422801427f3e7d51861f69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39324
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
70 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e8744bd4e3429d16f75208c81969c0591d49a20474830eb6066ac4f32129b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71806
x-xss-protection: 0
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 58ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 25939
x-xss-protection: 0
pragma: public
x-fb-debug: nz6oPqlAZ4Tr7SP1jM0LI40pJqxp9B7pKk+qDWYHc6gW/Y9+wDetXTzY3UTRnPxcJCwctXLNp/k/dBwRHcjyoQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 30 Jun 2022 18:21:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2888537.js Show response
static.hotjar.com/c/ 4 KB
2 KB 79ms
20ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

aee4f6816bc31b0a811a050fad2fe5431d63426e4a17b4eaa8225b57cae9bd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:20:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=900; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/f9369b197f25ececa05785f68571a418
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: z_ItV9oZg4qazpn_fxLB9MTfxJwpPwyYs18N7UUaFpVqMjlPRydyCw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 156 KB
58 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658085178

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8322a3d29f3a9a55ed10dd121096fc5d021e0144123c4413f8c7f84a0d0acd9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59044
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 97ms
20ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 30 Jun 2022 18:21:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=77438
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 105ms
44ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 89A7326967CF40F5872C105094CFCF59 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:36Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Thu, 30 Jun 2022 18:21:35 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 / Show response
ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/ 480 B
709 B 199ms
131ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fde59922d2fd5a7bf17be29e2f0d7e3e23910d4440adc40657df6fe8eb16d9e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/2617e7e791c425aeb97efbd51bde8407-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: none
x-amz-apigw-id: UjFzmHDjjoEFpGw=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
449 B 80ms
26ms XHR
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43911805-1&cid=1734763269.1656613296&jid=527666912&gjid=1429485711&_gid=1856631621.1656613296&_u=IGBAgEABQAAAAE~&z=510128040

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yenekainc.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 30 Jun 2022 18:21:36 GMT
content-type: text/plain
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
20ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=234046216&t=pageview&_s=1&dl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&ul=en-us&de=UTF-8&dt=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABQ~&jid=527666912&gjid=1429485711&cid=1734763269.1656613296&tid=UA-43911805-1&_gid=1856631621.1656613296&z=500705170

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 04:03:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 51477
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 83ms
32ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658085178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 18:21:36 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
354 B 96ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GS2WP6TV7Y&gtm=2oe6t0&_p=234046216&_z=ccd.v9B&_gaz=1&cid=1734763269.1656613296&ul=en-us&sr=1600x1200&_s=1&sid=1656613296&sct=1&seg=0&dl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&dt=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 27ms
27ms Ping
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GS2WP6TV7Y&cid=1734763269.1656613296&gtm=2oe6t0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 91ms
43ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GS2WP6TV7Y&cid=1734763269.1656613296&gtm=2oe6t0&aip=1&z=1188523750

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 763472054393761 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 104ms
81ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/763472054393761?v=2.9.64&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3b1393fd2d1acec63586c1351c620a1a46e74c93cb8ce620c1cd34d5473bc3ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: v4ypOU1Iod7WulZI3Fkgzb+AN6EHfM3FB5x8TaIePCLKq4V/hChyzr3ETwrW/LJgWm/UH3uzPQ8/+gjhS0uXRQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 30 Jun 2022 18:21:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1656613296514
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.808591b6f22469c04dca.js Show response
script.hotjar.com/ 243 KB
63 KB 82ms
24ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.808591b6f22469c04dca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 14:49:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12749
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=900; includeSubDomains
content-length: 64129
access-control-allow-origin: *
last-modified: Thu, 30 Jun 2022 14:48:22 GMT
etag: "bad13d85a356bdf283d8d6c9dac34800"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bb3ac1595bb014e3b09608a0358d33da.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: lPPh97N02iscLIszYuEFESDElHzQr-r5z5fO6rNJumkEFTDV0gBpsg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1656613296432%26url%3Dhttps%253A%252F%252Fyenekainc.betterworld....
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true&e_ipv6=AQL_ee2_RkG4aQAAAYG12NweX4Z9lWzIe8oYGv...

0
263 B

462ms
195ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true&e_ipv6=AQL_ee2_RkG4aQAAAYG12NweX4Z9lWzIe8oYGvK78ZD1B-Q_lOTGFRY_ZO6vjbcsNfurK-0dtF7p
Requested by: Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 99AEA064024C447C8B83153044969A64 Ref B: FRAEDGE1213 Ref C: 2022-06-30T18:21:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXirlci5X8xqDPg8TES/A==
x-li-fabric: prod-lor1

Redirect headers

date: Thu, 30 Jun 2022 18:21:36 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: FE2F12A720204862954A1CC0DF671321 Ref B: VIEEDGE2105 Ref C: 2022-06-30T18:21:37Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1656613296432&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&liSync=true&e_ipv6=AQL_ee2_RkG4aQAAAYG12NweX4Z9lWzIe8oYGvK78ZD1B-Q_lOTGFRY_ZO6vjbcsNfurK-0dtF7p
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXirlcbqbEi4iRCv59Afw==

GET
H2 200 56384066.js Show response
bat.bing.com/p/action/ 219 B
493 B 365ms
365ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384066.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

dded384242e4090c76ad8a8afb117bfd1727bc92e690c9852013b80814115c28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91DA07156C654BD9B261D020E7CAAB22 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:36Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 30 Jun 2022 18:21:36 GMT
content-length: 301

GET
H2 200 137001031.js Show response
bat.bing.com/p/action/ 220 B
433 B 445ms
445ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137001031.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

dd805b1fdc5a32a09fdb1712170164efbda79aac17d24eb443373fb4f54cd737

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 24DE4BD716C34C04A7F25BDD72566F10 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:36Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Thu, 30 Jun 2022 18:21:36 GMT
content-length: 301

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 97ms
52ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=1734763269.1656613296&jid=527666912&_u=IGBAgEABQAAAAE~&z=885345791

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 61ms
45ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=1734763269.1656613296&jid=527666912&_u=IGBAgEABQAAAAE~&z=885345791

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/ 2 KB
2 KB 95ms
32ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/?random=1656613296476&cv=9&fst=1656613296476&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&tiba=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7eb8fec7de66fd638aa565446590e08140d1ad4b66487305d5ef1a5468007a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1096
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 61ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=PageView&dl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&rl=&if=false&ts=1656613296598&sw=1600&sh=1200&v=2.9.64&r=stable&ec=0&o=30&fbp=fb.1.1656613296597.2078394893&it=1656613296421&coo=false&exp=p1&rqm=GET

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 30 Jun 2022 18:21:36 GMT

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Referer
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/13854182/publications/115659/ 42 KB
27 KB 458ms
406ms Stylesheet
text/css 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/13854182/publications/115659/woff2.css
Requested by: Host: use.fonticons.com
URL: https://use.fonticons.com/13854182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 17:18:17 GMT
etag: "d318f50ab6db8e3094db9a3f99338920"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1656613296.cds236.fr8.hn,1656613296.cds230.fr8.sc,1656613297.cds230.fr8.pr
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27423

GET
H3 200 /
www.google.com/pagead/1p-user-list/658085178/ 42 B
64 B 32ms
32ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658085178/?random=1656613296476&cv=9&fst=1656612000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&tiba=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=3676028914&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/658085178/ 42 B
64 B 72ms
32ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658085178/?random=1656613296476&cv=9&fst=1656612000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa6t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&tiba=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=3676028914&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yenekainc.betterworld.org/
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 17:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 17:52:18 GMT

GET
H2 200 m-outer-6262077c14f753400d607dc30e70f1af.html Show response
js.stripe.com/v3/ Frame 8B9A 240 B
548 B 27ms
27ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 847926
cache-control: max-age=31536000
content-encoding: br
content-length: 139
content-security-policy: default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:21:36 GMT
etag: "6262077c14f753400d607dc30e70f1af"
last-modified: Fri, 10 Jun 2022 18:43:47 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 415102
x-content-type-options: nosniff
x-request-id: 089b8cce-1b87-4bf5-80e0-f26474755e7c
x-served-by: cache-hhn4046-HHN

GET
H2 204 0
bat.bing.com/action/ 0
121 B 104ms
103ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384066&Ver=2&mid=2ce3d71e-4679-463f-b9ad-477f13777110&sid=7a46d800f8a111eca38a35501cf58ff8&vid=7a46bd30f8a111ec9c5c411ac366c624&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka,%20Inc.%20%7C%20BetterWorld&p=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&r=&lt=1084&evt=pageLoad&msclkid=N&sv=1&rn=269900

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EDB6F9EE59244E658B4FE4ABDBE2AE09 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:36Z
date: Thu, 30 Jun 2022 18:21:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 42ms
42ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137001031&Ver=2&mid=d2037cd1-6f6d-47d5-98b2-3c3a24bf9abf&sid=7a46d800f8a111eca38a35501cf58ff8&vid=7a46bd30f8a111ec9c5c411ac366c624&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka,%20Inc.%20%7C%20BetterWorld&p=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&r=&lt=1084&evt=pageLoad&msclkid=N&sv=1&rn=312637

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 31C1BF48A78C4182B9192CAF701DACB4 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:36Z
date: Thu, 30 Jun 2022 18:21:35 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 88ms
36ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
via: 1.1 9349b115ae66d16aae68deb9bb5eebc2.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 135
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10317/bundles/project.js&cfRay=7238e8e23b7d924f-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 28 Jun 2022 08:24:15 UTC
server: cloudflare
etag: W/"ec888afa280a584d80fa2e4a6e695475"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MC1MujafCIKhor0u_m.Zxaddp4B8ErnC
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7238ec307f5fbb65-FRA
x-amz-cf-id: tRB2YJWfpuAi3YaimQWRna0792e6YCUaYiryqu47Bo_eU2PEUyT2Lg==
x-hs-target-asset: conversations-embed/static-1.10317/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 88ms
44ms Script
application/javascript 2606:4700::6811:74b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:74b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
via: 1.1 ea3bfccd683c652cb849f6ec1b5606a4.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 107
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.287/bundles/pixels-release.js&cfRay=7238e9904a2d7a3a-FRA
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 30 Jun 2022 02:09:15 UTC
server: cloudflare
etag: W/"1b16fc147ec853ab9d82a3c0efe75b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dONne1FcPXm8F7qFk63xAz5e_hNw5LhN
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7238ec307d246931-FRA
x-amz-cf-id: PCE_NwnG0_PwK3b3IuM44iWm6WF3aShpw6e6GFzqednDbaCncFxgdQ==
x-hs-target-asset: adsscriptloaderstatic/static-1.287/bundles/pixels-release.js

GET
H2 200 7187435.js Show response
js.hs-banner.com/ 59 KB
16 KB 450ms
407ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7187435.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: FAFGAD1JST45BTNH
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 3eDQ5EgpugYjBg0HgWBmy9QlcciVbLjURQg9vHrODzQK3tY4eKkBUkpOUp1D6QvycORpd2JhWYs=
timing-allow-origin: *
last-modified: Fri, 03 Jun 2022 14:15:35 GMT
server: cloudflare
etag: W/"49f925a07c505ba01f1f8180c44e0d6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: HPt8KUZgkGtrFDaLP2QypS._hCgwdOY_
access-control-allow-origin: https://betterworld.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 7238ec307b8b5ca4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Thu, 30 Jun 2022 18:26:37 GMT

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 28 KB
10 KB 93ms
39ms Script
application/javascript 2606:4700::6811:70a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76

Request headers

Referer: https://yenekainc.betterworld.org/
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
via: 1.1 0501dadffc52b06a0cf6aadc57586acc.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 44
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js&cfRay=7238eb1c2a5e9b39-IAD
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 03:24:27 UTC
server: cloudflare
etag: W/"19b25ddc87359648ff4cdc439eebaba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: F9QmPMFhhfHpkU3M8pfRSsRzzlgUp21d
access-control-allow-origin: *
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 7238ec307e4c5b44-FRA
x-amz-cf-id: r4twHV0MehwFI7YHFT_AanP8B7hyoSAlpNdPKvO2x8ynskz8i-LnoA==
x-hs-target-asset: feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js

GET
H2 200 7187435.js Show response
js.hs-analytics.net/analytics/1656613200000/ 62 KB
20 KB 211ms
168ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1656613200000/7187435.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 207Y0B77WN0AX6N0
x-amz-server-side-encryption: AES256
cf-ray: 7238ec307ca96987-FRA
x-amz-id-2: w3mfoiaHeveCYpTrpyQcNdRoC6EyFtiJZLVED3UUmfCeU3rNfTxe9uaagKE6GG9lL7RUUGYPyHo=
last-modified: Tue, 14 Jun 2022 15:42:52 GMT
server: cloudflare
etag: W/"902cb3d6c08caa88250ea1dfc2805ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Thu, 30 Jun 2022 18:26:36 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 78ms
21ms Script
application/javascript 108.138.17.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-124.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 3166563
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 57ba1933a852bdb178dbe4a1e2e3a5fa.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: FOiyL1diLommjrEiVHbrKILojJG6CuEPyrwrQ2qsxdMiMFi-sFyFtg==

POST
H2 200 csp-report
q.stripe.com/ Frame 8B9A 0
570 B 573ms
185ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8B9A 1 KB
826 B 19ms
19ms Script
application/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-6262077c14f753400d607dc30e70f1af.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 54
x-cache: HIT
content-length: 670
etag: "77711798ecf99b8bb8207cf88a10d73c"
x-request-id: 65e3c7f6-0379-4176-90a9-d6f8ba747762
x-served-by: cache-hhn4046-HHN
access-control-allow-origin: *
last-modified: Fri, 10 Jun 2022 18:43:57 GMT
server: Fastly
date: Thu, 30 Jun 2022 18:21:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 65

GET
H2 200 box-63c3a81830bf549dafe40b369003f751.html Show response
vars.hotjar.com/ Frame BCFC 2 KB
1 KB 70ms
21ms Document
text/html 18.66.139.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.84 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-84.fra60.r.cloudfront.net

Software

Resource Hash

f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=900; includeSubDomains

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 13909
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 14:29:47 GMT
etag: "e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified: Thu, 30 Jun 2022 11:47:19 GMT
strict-transport-security: max-age=900; includeSubDomains
vary: Accept-Encoding
via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
x-amz-cf-id: s1zsie5GN1raFFzFG_Hjd5WuinfDOYiRbkEMTJ1SGZMf-37AWkF8Yg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 inner.html Show response
m.stripe.network/ Frame CD1B 930 B
1 KB 37ms
19ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-1de4e7d28801c4ac0e66bebcee7d3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 177
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:21:36 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 217
x-content-type-options: nosniff
x-request-id: 158a938e-f1b8-44b9-a51a-b0a5dc724d53
x-served-by: cache-hhn4046-HHN
x-timer: S1656613297.731655,VS0,VE0

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 7901 43 KB
22 KB 42ms
42ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=qjyb4yeaeqk3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

deca253d5693087dcc7eeb346b8f24f7c2671148a5c2d687b277d9d441066539

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-54MATDhUQlMXiZ9FIhTi2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22845
content-security-policy: script-src 'report-sample' 'nonce-54MATDhUQlMXiZ9FIhTi2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 18:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame BCCA 42 KB
22 KB 51ms
50ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=993hlohju8wr

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f96136dc9bb5e7f54c7d806ca3888c38fd468a816ac10fd9a9716d75325766e1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1ut7Afdgsm4GbC9HUa5pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22553
content-security-policy: script-src 'report-sample' 'nonce-1ut7Afdgsm4GbC9HUa5pxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 18:21:36 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 csp-report
q.stripe.com/ Frame CD1B 0
345 B 450ms
184ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame CD1B 86 KB
16 KB 22ms
21ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 273
x-cache: HIT
content-length: 16031
x-request-id: 8fab607d-1935-41ea-ad41-637b74d46dc3
x-served-by: cache-hhn4046-HHN
server: Fastly
x-timer: S1656613297.837191,VS0,VE0
date: Thu, 30 Jun 2022 18:21:36 GMT
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 303

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 282 B
1 KB 160ms
136ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7187435&conversations-embed=static-1.10317&mobile=false&messagesUtk=f22b565f5da44e3b98db7e4c0bbe5eaf&traceId=f22b565f5da44e3b98db7e4c0bbe5eaf

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b29394bbba503059151761d44ab1c11a60803a3f8e936eeb398c327e5422350a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://yenekainc.betterworld.org/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://yenekainc.betterworld.org/donate-an-item

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2d39ea02-e43e-4d19-9075-10db79ea6edb
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 224
server: cloudflare
x-trace: 2B09ACE133AE66B792E45D1EAF327B41805EBB1891000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6wFrbDajFa98j%2FPARgdh9D%2B1ST835emBMPJRechkIUN5pJ4saenTtYw%2Bi%2FXMYCrDOZAAPQJULABpcmZVLmf745km5pfZDLv6aEQdTanIlo1qicaz1%2F1REKskov8YgVokjyTLfaeE%2F6CPb7DEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 7238ec32cb835b86-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 198ms
158ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://yenekainc.betterworld.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://yenekainc.betterworld.org
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7238ec319d985b4a-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 30 Jun 2022 18:21:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqrTb%2Fzcf%2FN7iTQUWEkk%2Bkh59%2FMfBLlYRqrvFNuS0M%2F3jnPcONEUjlWrTPeuVCynOH1fsIuhxxkfc8mhntb9nPdKSfR4JkHOtqkZVorYmGyugK806Knb93KQT355J23dst8g%2FRfjHnCNNCd37w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 351e1b2c-317e-438b-bbf0-91211b1b81fd
x-trace: 2B35CDC8926D8D4AE492C628D13734A1902BC6E461000000000000000000

GET
H2 200 56384066 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 229ms
111ms Script
application/x-javascript 2620:1ec:27::cafe:2057
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56384066
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56384066.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2057 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 8f6752212958a690c384a6724b9ea9c7357c59f1bafc0c689be37c7110e76e87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
x-powered-by: ASP.NET
x-azure-ref: 0sOm9YgAAAABvLWaflG1cTbGjGZons/2yRFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
content-length: 1542
expires: -1

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 7901 51 KB
24 KB 76ms
34ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=qjyb4yeaeqk3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 18:08:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 7901 366 KB
145 KB 94ms
53ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 17:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 17:52:18 GMT

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2888537/ 147 B
323 B 135ms
46ms XHR
application/json 52.215.128.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2888537/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.808591b6f22469c04dca.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.128.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-128-203.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23

Request headers

Referer: https://yenekainc.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame BCCA 51 KB
24 KB 53ms
29ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=993hlohju8wr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 18:08:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame BCCA 366 KB
145 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 17:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 17:52:18 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame CD1B 156 B
523 B 774ms
187ms XHR
application/json 35.85.176.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.176.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-176-117.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

a6def636dd68d237ebe836ade16930c2fe7ef2df1ddf79041c10936cfada412a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 137001031 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 111ms
111ms Script
application/x-javascript 2620:1ec:27::cafe:2057
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137001031
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137001031.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2057 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 4732baa6dd8da0dd1381e9186e1608d28032d8dd1ae542a9c36c7cea4f7ccbd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
x-powered-by: ASP.NET
x-azure-ref: 0sOm9YgAAAABsW1DPYk7kTKL5/7H1g3t1RFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
content-length: 1543
expires: -1

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 7901 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 170509
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 05 Jul 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7901 15 KB
16 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 177296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Jun 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7901 15 KB
15 KB 72ms
24ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 207180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Jun 2023 08:48:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame BCCA 102 B
132 B 30ms
29ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=993hlohju8wr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 30 Jun 2022 18:21:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 7901 102 B
132 B 37ms
37ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly95ZW5la2FpbmMuYmV0dGVyd29ybGQub3JnOjQ0Mw..&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=qjyb4yeaeqk3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Thu, 30 Jun 2022 18:21:37 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8

Request headers

Referer
Origin: https://yenekainc.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 42ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=Microdata&dl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&rl=&if=false&ts=1656613297153&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item%22%2C%22og%3Aimage%22%3A%22%2Fimages%2Flogos%2Fdefault-org-logo.png%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22BetterWorld%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.64&r=stable&ec=1&o=30&fbp=fb.1.1656613296597.2078394893&it=1656613296421&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: yenekainc.betterworld.org
URL: https://yenekainc.betterworld.org/donate-an-item

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 30 Jun 2022 18:21:37 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame DF6F 7 KB
1 KB 36ms
36ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6713824d406702826984b57f06c2942d6ecda32bc56d81ce1996d758f9e88df4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HFsXqBbLOc4tFrRM9JD3mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-HFsXqBbLOc4tFrRM9JD3mw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 30 Jun 2022 18:21:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.34/ 53 KB
23 KB 109ms
109ms Script
application/javascript 2620:1ec:27::cafe:2057
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56384066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2057 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:36 GMT
content-encoding: br
etag: "1d88bc3d8d26054"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0sem9YgAAAACnL8ccReEZS6l9rKJrdsZwRFVTMzBFREdFMDYxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
content-length: 23150
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame DF6F 51 KB
24 KB 19ms
19ms Stylesheet
text/css 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 18:08:50 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame DF6F 366 KB
145 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 17:52:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 30 Jun 2023 17:52:18 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
183 B 444ms
215ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://yenekainc.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://yenekainc.betterworld.org
date: Thu, 30 Jun 2022 18:21:37 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 utils.js Show response
yenekainc.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/ 239 KB
55 KB 220ms
220ms Script
application/javascript 34.204.216.125
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://yenekainc.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/utils.js
Requested by: Host: cdn1.betterworld.org
URL: https://cdn1.betterworld.org/js/e4d5f0d/a5f2c5fda8f5f580403ef1345128c086.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.204.216.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-204-216-125.compute-1.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash: acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/donate-an-item
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: gzip
last-modified: Wed, 15 Jun 2022 17:28:24 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
etag: "3bdc0-5e17fd9291e00-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 55767
expires: Sat, 30 Jul 2022 18:21:37 GMT

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame 32F2 2 KB
2 KB 90ms
48ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://yenekainc.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11773
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 7238ec374a4d92c5-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html&cfRay=7238ec374a4d92c5&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fyenekainc.betterworld.org%2F&cfenv=prod&pdt=2022-06-30&csp=ro
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:21:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 01 Jul 2022 18:21:37 GMT
last-modified: Mon, 13 Jun 2022 15:03:35 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=7238ec374a4d92c5&resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-id: 08GbFyYKXyA-lC7eLDTGmuUUvgzjcgRwsiyg6Dq6RnbmMrC9dgtD_Q==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-version-id: KoJec5y2hHfKzlvl3QlZcjljSpOheOBf
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.10889/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
967 B 200ms
159ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=7187435&pu=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&t=Donate+an+auction+or+giveaway+item+to+Ye+N%E2%80%99Eka%2C+Inc.+%7C+BetterWorld&cts=1656613297757&vi=6f79e43f56ebe6fed43c315bc41f5cdc&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: ccb0ae06-10c4-430f-bc42-f81f8e736783
cf-ray: 7238ec375c909b2d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q18%2BaHc9TxgpdkMH4niuh1t%2F1SJo0f4M7sCfQzKXgojA9DpzVn7VYWm5BgLTmpisDPk3EASplxStZw%2FNKlP9kRQkKLyH%2FGlkzyjX%2FLwuIsbqdrn8P21ERsyPk1eZl3k%2FxyxbiYXDQSXEOQyqOv%2FM"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&RedC=c.clarity.ms&MXFR=09CB3C739F9167563A672DA09B916913
https://c.clarity.ms/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&MUID=0E236BB5B50C6BF2138B7A66B4676A77

42 B
368 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&MUID=0E236BB5B50C6BF2138B7A66B4676A77
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:37 GMT
last-modified: Fri, 20 May 2022 21:53:17 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "17a28a3946cd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FB7B40A7956947AA9C67561285A4FA75 Ref B: FRAEDGE1520 Ref C: 2022-06-30T18:21:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=511DACE4D97342AEB04F2400E6D711A8&MUID=0E236BB5B50C6BF2138B7A66B4676A77
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
914 B 192ms
146ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7187435

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9c3ad8e6-0851-4538-96b9-54a457ef5cad
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B2A27E0E1D3E4AAA211B67F85876BB4EEF40E564E000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5dhNyyrC7BYkGE7MUGmQLVWz3AtiyR4yDZLHl7OxpHx4gCxTwJVBlFd5Pnbdm9Yo53AH1amq%2FBZkKot9SdBxrI6xTlI3YVWsUKJ2x4IGatd0hxQYoXw5ewW8bzuVBV5iJw8ssg1RH3wlxX5"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://yenekainc.betterworld.org
access-control-allow-credentials: false
cf-ray: 7238ec37596bbbb3-FRA
access-control-allow-headers: *

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.273/ Frame 32F2 289 KB
93 KB 75ms
32ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.273/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
via: 1.1 32e4d419823b7f8df8417a8b18c9602c.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1757725
x-amz-server-side-encryption: AES256
cf-ray: 7238ec37efad9159-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 20:12:51 GMT
server: cloudflare
etag: W/"7f1f4cf071fe807a6e3cb1c0e9606132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB07jgYneVaaOKUi3KEn7WQBmyOzRmCd%2FZrJVaeTksTRab9l25dXR80IGXeUb%2FMlYUR0MnlStQ7YzgiIsG2kJxB6C44eWmXcPGqy9W%2Bvw3r7nwBNbO7syf7wqgT3ImuGFHVLvIwzCB52zCjr7jUQ22oxaFg%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KzPlPnaGfC2KvqH_C2ydD6oOPrLTHXIr
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: JFRpgcTG4DkM5ZT_g7tBpDgw8gZExPNQIprzDQ9gTpbx3nuGd0KhWw==
expires: Fri, 30 Jun 2023 18:21:37 GMT

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/ Frame 32F2 15 KB
7 KB 75ms
33ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 30 Jun 2022 18:21:37 GMT
via: 1.1 03ffca0f67e3596b9a0c92342fe91598.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1479405
x-amz-server-side-encryption: AES256
cf-ray: 7238ec37efae9159-FRA
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 15:03:34 GMT
server: cloudflare
etag: W/"f3eb42ea6bd5f051aac5bd3b724f5cfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mujUCGDz%2Fq3VGEkbpsmQTg5NPO7m8umTRXQBHuL8ismzfBf3Oo9d%2FSbeH53vX5VNpQzSpMSI7yXwOOFTO5RxmLMCdEo5xBJlwTAWcnNTb4aQWw1El2fuNo9SOVVLrRf8j8XwUrHPd4qqZm7Wly0GUhraieQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: psS_L0aIxxJeWsOWmK5GyO04WEHx2efv
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: tYdNq5lDe_Rol-O6xoMzlBfbX9EO8tIR4wtVT5IjPQOwQs-cx8Te2Q==
expires: Fri, 30 Jun 2023 18:21:37 GMT

GET
H3 200 / Show response
api.hubspot.com/cors-preflight-iframe/ Frame AB03 171 B
1 KB 63ms
40ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cors-preflight-iframe/

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 790765
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 7238ec3878839be2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 30 Jun 2022 18:21:38 GMT
etag: W/"e0a6d24f4774b193114cde59bad7a9b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 30 Jun 2023 18:21:38 GMT
last-modified: Tue, 24 May 2022 02:41:18 UTC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwLaFzihpNmSiztglXFhjuT8iCyt5DfG0ch3FjNYcK7iVEV3aqP%2FA8bm3yKYTfc6iSVNuhSl6jerTjHbQ%2FgJgZ0WE5X1p19NQqF2fSClVSX2VKxvupsVN6eNYw4auSoxJzYiRkHzgtXohWspfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: 2QxYMh8ROKAur_1BN93gAXy798e_qEc9HVPhOMpDFrqbZwtB0e5ozA==
x-amz-cf-pop: IAD89-P1
x-amz-meta-ao: {}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: kgyGmBJa1ShZkqHRsjocf1kdkyXvzb6q
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-hs-target-asset: cors-preflight-iframe/static-1.78/html/iframe.html

GET
H3 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame 32F2 36 B
893 B 191ms
167ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=7187435&utk=6f79e43f56ebe6fed43c315bc41f5cdc&bundleVersion=1.10889&currentUrl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&pageUrl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-HS-Referer: https://yenekainc.betterworld.org/donate-an-item

Response headers

x-origin-hublet: na1
date: Thu, 30 Jun 2022 18:21:38 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 5542d0da-6182-41c2-ab73-9011107a5cc1
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
server: cloudflare
x-trace: 2B8DBE27136E8873C0087C673F9AFC5D7071B7FC84000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XT8mqV85KBZSpPyTQmis7PpuIDWr5PbxAgjk%2FokQC8%2F8IEAqLbD9iqwpfsKB3KOqLQNYZjoADULdbMuUxMLf2atLGn8vWKbqLwZFseY0xP25Sni%2BXyr9%2FOnT57c6pscGX%2Bg0wTyrI%2BiaKdDnPHSSisw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 7238ec396e749b31-FRA
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 142ms
133ms Preflight
text/plain 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7238ec386b38bbb3-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Thu, 30 Jun 2022 18:21:38 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kNfaP2jnBaIYn3ocd3BMQVmNfFlmyn%2BnYkmPW9WsLuRa7QcUgSjLzbVPCK%2B9ppnKu1UvjEEa5OLI%2FXOIj2akA5YDHWcNMAi9wYXzHZZG3PP2xLC%2F8o7jDapfJ2%2B7TtxcBao1d6IAzW96qvRHD4I0T2E%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: e61269f1-0377-4f5c-bfac-009188a4c746
x-trace: 2BD1F783CCB6C5075514CAC47C986A0D7058B84C28000000000000000000

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 105ms
105ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus-c/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://yenekainc.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://yenekainc.betterworld.org
date: Thu, 30 Jun 2022 18:21:38 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 65ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GS2WP6TV7Y&gtm=2oe6t0&_p=234046216&_z=ccd.v9B&cid=1734763269.1656613296&ul=en-us&sr=1600x1200&_s=2&sid=1656613296&sct=1&seg=0&dl=https%3A%2F%2Fyenekainc.betterworld.org%2Fdonate-an-item&dt=Donate%20an%20auction%20or%20giveaway%20item%20to%20Ye%20N%E2%80%99Eka%2C%20Inc.%20%7C%20BetterWorld&en=scroll&epn.percent_scrolled=90&_et=16
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://yenekainc.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 30 Jun 2022 18:21:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://yenekainc.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betterworld.org/	1969-12-31 23:59:59	Name: BWSESSID Value: PZgW%2C2rPRK3QdXQuWqNnrrINvbStHsciuyfGs28ZgZl09oszCMh2mcB5Z0bYahtXqxbqwK2rx5pajmxR3HCo3R5zuBH7EznDx7dKsqO2GNIx5-zX7R0WxpjZQq3jy3XE
.betterworld.org/	1970-01-20 06:19:49	Name: _gcl_au Value: 1.1.2102232105.1656613296
.betterworld.org/	1970-01-20 04:11:39	Name: _gid Value: GA1.2.1856631621.1656613296
.betterworld.org/	1970-01-20 04:10:13	Name: _gat Value: 1
.betterworld.org/	1970-01-20 21:41:25	Name: _ga_GS2WP6TV7Y Value: GS1.1.1656613296.1.0.1656613296.60
.betterworld.org/	1970-01-20 21:41:25	Name: _ga Value: GA1.1.1734763269.1656613296
.bing.com/	1970-01-20 13:31:49	Name: MUID Value: 0E236BB5B50C6BF2138B7A66B4676A77
.doubleclick.net/	1970-01-20 04:10:14	Name: test_cookie Value: CheckForPermission
.betterworld.org/	1970-01-20 06:19:49	Name: _fbp Value: fb.1.1656613296597.2078394893
.betterworld.org/	1970-01-20 04:11:39	Name: _uetsid Value: 7a46d800f8a111eca38a35501cf58ff8
.betterworld.org/	1970-01-20 13:31:49	Name: _uetvid Value: 7a46bd30f8a111ec9c5c411ac366c624
.linkedin.com/	1970-01-20 04:53:25	Name: UserMatchHistory Value: AQJfOrtUq0kcJQAAAYG12NoT2HIAbDVPaAX9yymUxbW1AQFAE85Zx7XiBQwLOXkl3QFf6ttxxVoggA
.linkedin.com/	1970-01-20 04:53:25	Name: AnalyticsSyncHistory Value: AQKx9oigEM8AbAAAAYG12NoTo5ubHtY4zQrgVjX3ry_RmD8e8yG4O9-RO1oeKnvR6xbGDCv5VOsc2Mqvpt1xag
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:42:07	Name: bcookie Value: "v=2&87e933b9-b15c-4306-8ef8-de6a85641a04"
.linkedin.com/	1970-01-20 04:11:39	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2327:u=1:x=1:i=1656613296:t=1656699696:v=2:sig=AQHcRgfgq3LIbJqXqzQDKMXX1aAbLtOs"
.betterworld.org/	1970-01-20 12:55:49	Name: _hjSessionUser_2888537 Value: eyJpZCI6ImNhNTMzYTZiLTJlODQtNTMyOS05OGQ2LWFhMTlhYTkzN2RmNiIsImNyZWF0ZWQiOjE2NTY2MTMyOTY1NzgsImV4aXN0aW5nIjpmYWxzZX0=
.betterworld.org/	1970-01-20 04:10:15	Name: _hjFirstSeen Value: 1
yenekainc.betterworld.org/	1970-01-20 04:10:13	Name: _hjIncludedInSessionSample Value: 0
.betterworld.org/	1970-01-20 04:10:15	Name: _hjSession_2888537 Value: eyJpZCI6IjJkZTUyZGEwLTY2OTItNGFlNi04NzM0LTI0NTgzOWFiMTA4NyIsImNyZWF0ZWQiOjE2NTY2MTMyOTY4NTEsImluU2FtcGxlIjpmYWxzZX0=
yenekainc.betterworld.org/	1970-01-20 04:10:13	Name: _hjIncludedInPageviewSample Value: 1
.betterworld.org/	1970-01-20 04:10:15	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 21:42:07	Name: bscookie Value: "v=1&202206301821369d9a7adb-9052-4a7e-8949-0eb3f5398cd6AQGm9EN8XorBhIzdaHr3WSYWrebd6BA7"
.linkedin.com/	1970-01-20 21:40:55	Name: li_gc Value: MTswOzE2NTY2MTMyOTY7MjswMjEDU+L7yC9gjIEgGlmABn6/TeTwNeJDYGLbkzSj1mEiDA==
www.clarity.ms/	1970-01-20 12:55:49	Name: CLID Value: 9c75326313cb4c98be043b86b628a679.20220630.20230630
.betterworld.org/	1970-01-20 12:55:49	Name: _clck Value: z8aknm\|1\|f2r\|0
m.stripe.com/	1970-01-20 21:41:25	Name: m Value: 68c5c3d6-13c7-40e5-a547-b5c7b640726c38c962
.yenekainc.betterworld.org/	1970-01-20 12:55:49	Name: __stripe_mid Value: 63abbccd-2a76-412e-83a9-18d29ff91bcd1ec7dc
.yenekainc.betterworld.org/	1970-01-20 04:10:15	Name: __stripe_sid Value: 0b66316c-ea5f-416a-b423-cdda4a59443c093331
.betterworld.org/	1970-01-20 08:29:25	Name: __hstc Value: 224497285.6f79e43f56ebe6fed43c315bc41f5cdc.1656613297752.1656613297752.1656613297752.1
.betterworld.org/	1970-01-20 08:29:25	Name: hubspotutk Value: 6f79e43f56ebe6fed43c315bc41f5cdc
.betterworld.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.betterworld.org/	1970-01-20 04:10:15	Name: __hssc Value: 224497285.1.1656613297753
.betterworld.org/	1970-01-20 04:11:39	Name: _clsk Value: 19i1zoa\|1656613297853\|1\|1\|h.clarity.ms/collect
.hubspot.com/	1970-01-20 04:10:15	Name: __cf_bm Value: jcjeqV7oGuMuGhxJ0yxF2VnSXm81kocs_6EY0tiNSIM-1656613297-0-ARXgGgv23Wo5AIfILeRwSQTB9Ro3CoRb+ttjBiLboQ/o5Xcr2+mmLk/THt/84A/fuYGCiK77OP4VBFfp11RjVmg=
.c.bing.com/	1970-01-20 13:31:49	Name: SRM_B Value: 0E236BB5B50C6BF2138B7A66B4676A77
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:31:49	Name: MUID Value: 0E236BB5B50C6BF2138B7A66B4676A77
.c.clarity.ms/	1970-01-20 04:10:13	Name: ANONCHK Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
assets.ubembed.com
bat.bing.com
betterworldcollective.s3.amazonaws.com
c.bing.com
c.clarity.ms
cdn0.betterworld.org
cdn1.betterworld.org
cdn2.betterworld.org
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
feedback.hubapi.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.clarity.ms
in.hotjar.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspotfeedback.com
js.stripe.com
js.usemessages.com
m.stripe.com
m.stripe.network
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
use.fonticons.com
use.fortawesome.com
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
yenekainc.betterworld.org
108.138.17.124
13.107.42.14
13.224.189.93
143.204.215.123
143.204.215.62
151.101.64.176
151.101.65.131
151.139.128.11
151.139.128.8
172.217.18.2
18.66.139.84
18.66.97.49
20.234.93.27
2001:4860:4802:34::36
2606:4700:4400::6812:21ab
2606:4700::6811:47b0
2606:4700::6811:70a2
2606:4700::6811:74b0
2606:4700::6811:9d2
2606:4700::6811:cbcc
2606:4700::6811:cccc
2606:4700::6811:d5cc
2606:4700::6811:eccc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:22::14
2620:1ec:27::cafe:2057
2620:1ec:c11::200
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c01::9a
2a02:26f0:3500:16::215:14a3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.204.216.125
35.85.176.117
52.215.128.203
52.216.36.225
52.222.206.51
52.222.236.122
52.224.31.34
54.186.23.98
003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e
098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08
09b1eb79661c24d863b56180424505e555e15fd18df6d72fc5718fa21f319bf5
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f796702b5653845e1dc7d0088667da63a5adf0207d8f64ca9ac21c3c2e0424
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8
2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7
29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225
2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
384d5912b1974f290d6692722e2bb42556ee968853dccd73bd5d03ef4999deaf
3af82cfe2bb032dbb1cb3314060205e50f6e17def8422801427f3e7d51861f69
3b1393fd2d1acec63586c1351c620a1a46e74c93cb8ce620c1cd34d5473bc3ab
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4
4732baa6dd8da0dd1381e9186e1608d28032d8dd1ae542a9c36c7cea4f7ccbd1
47696066df8962ecbf49085eeda42c40a8700d1afde00192f8f225a606fe8263
52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1
54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581
5f1e63391856d3352aed3ba6ed5906f1bf38a37330e26da15bd74844a241e80d
62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747
6713824d406702826984b57f06c2942d6ecda32bc56d81ce1996d758f9e88df4
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
7345c8279b9a39db16e8e79dff3d8a9b5f4b449fce41d180fec48c7205eca27d
75573c1c77142ff8a75adfc367d1e14a8a4b29c32424dd7617f76579999e8e83
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1
7eb8fec7de66fd638aa565446590e08140d1ad4b66487305d5ef1a5468007a91
8322a3d29f3a9a55ed10dd121096fc5d021e0144123c4413f8c7f84a0d0acd9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8f6752212958a690c384a6724b9ea9c7357c59f1bafc0c689be37c7110e76e87
90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62
925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f
92f7cb717cbb20bf513cd465f7513f9dd85a46a83e49f17dfcb625c681e83d34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6def636dd68d237ebe836ade16930c2fe7ef2df1ddf79041c10936cfada412a
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2
aee4f6816bc31b0a811a050fad2fe5431d63426e4a17b4eaa8225b57cae9bd1f
afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d
b29394bbba503059151761d44ab1c11a60803a3f8e936eeb398c327e5422350a
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b3fd49e41a0dea8b7c5aaceda51cacc752a63dcd3e7cb89d416e716a3f62b567
c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571
c89528448b1ced80a57e214c88dc003c7201196c33ee3e490c5fea76f6f75738
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e
d0533adc17d0985c012475cc0e29afb8c2e40eecdd5f26da3a09ac4dbd11fafd
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d2e4914ae962acd061798de5379f9e74b461e90543002cf3f284d6a29dcd5f23
d40ff7d5ced4bb683114a6624a40e61d3142c78a175401b9bfbd37531bc8fa4b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dd805b1fdc5a32a09fdb1712170164efbda79aac17d24eb443373fb4f54cd737
dded384242e4090c76ad8a8afb117bfd1727bc92e690c9852013b80814115c28
deca253d5693087dcc7eeb346b8f24f7c2671148a5c2d687b277d9d441066539
e0e8744bd4e3429d16f75208c81969c0591d49a20474830eb6066ac4f32129b3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f8bdb531d36caf4bb43071d1be58a2d1b153d3a403f4b8f4e6a919dd46213f47
f96136dc9bb5e7f54c7d806ca3888c38fd468a816ac10fd9a9716d75325766e1
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
fde59922d2fd5a7bf17be29e2f0d7e3e23910d4440adc40657df6fe8eb16d9e1

yenekainc.betterworld.org Open in urlscan Pro 34.204.216.125 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

100 Requests

98 %HTTPS

56 %IPv6

32 Domains

52 Subdomains

48 IPs

4 Countries

2055 kBTransfer

5679 kBSize

40 Cookies

8 Outgoing links

Redirected requests

100 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

yenekainc.betterworld.org Open in urlscan Pro
34.204.216.125 Public Scan

Screenshot
Live screenshot

Full Image

100
Requests

98 %
HTTPS

56 %
IPv6

32
Domains

52
Subdomains

48
IPs

4
Countries

2055 kB
Transfer

5679 kB
Size

40
Cookies

100 HTTP transactions
2 data transactions