urlscan.io logo urlscan.io
SecurityTrails logo

better.org Open in urlscan Pro
141.193.213.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.techsupport.org/
Effective URL: https://better.org/
Submission: On April 18 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 141.193.213.10, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is better.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 2nd 2022. Valid for: a year.
This is the only time better.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 12 141.193.213.10 209242 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
23 5
1    2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.techsupport.org
12    141.193.213.10 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
better.org
4    2a02:26f0:3500:7::17d8:4dca (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
4    2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a02:26f0:3500:7::17d8:4dcb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
12 better.org
better.org
62 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 510
p.typekit.net — Cisco Umbrella Rank: 625
107 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 4
40 KB
3 gstatic.com
www.gstatic.com
309 KB
1 techsupport.org
www.techsupport.org
522 B
23 5
Domain Requested by
12 better.org 1 redirects better.org
4 www.google.com better.org
www.gstatic.com
www.google.com
4 use.typekit.net better.org
use.typekit.net
3 www.gstatic.com www.google.com
1 p.typekit.net use.typekit.net
1 www.techsupport.org 1 redirects
23 6
Subject Issuer Validity Valid
better.org
Cloudflare Inc ECC CA-3		 2022-03-02 -
2023-03-01		 a year crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-07 -
2023-04-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-28 -
2022-06-20		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://better.org/
Frame ID: 22E5F27BB29EF24BC01391E9C7CB0468
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
Frame ID: 8BA5659FDF5D8BAF3A74B58B14763F85
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Better.org

Page URL History Show full URLs

  1. https://www.techsupport.org/ HTTP 301
    http://better.org/ HTTP 301
    https://better.org/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

23
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

6
Subdomains

5
IPs

2
Countries

517 kB
Transfer

1185 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.techsupport.org/ HTTP 301
    http://better.org/ HTTP 301
    https://better.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
better.org/
Redirect Chain
  • https://www.techsupport.org/
  • http://better.org/
  • https://better.org/
25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
fb0e0ac37b34ffb4e503a5c1e2f7aaa942c3a2bff16e3f2537e6e1f7361c2502

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=600, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
6fe029c43bd49b9b-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Apr 2022 20:31:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://better.org/wp-json/>; rel="https://api.w.org/" <https://better.org/wp-json/wp/v2/pages/86>; rel="alternate"; type="application/json" <https://better.org/>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BVYsZD37%2B2vhVMrlk1PcejUzyXzsnpe4ns9p2FtVwy6dBaZzHPhMmyvW9RsiaHdCRFN2h3FEhpm5oO0kud08s2n1uCRccJTKEk5o8Cw1bQx0Y1WBQtcYGpn%2Bf%2FA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
x-cache
HIT: 23
x-cache-group
normal
x-cacheable
SHORT
x-powered-by
WP Engine

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
6fe029c2794e9b2e-FRA
Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Mon, 18 Apr 2022 20:31:17 GMT
Location
https://better.org/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7DW0aHg6RgRsLwMt81dFB98A%2FbQhKiJNqlFZnNLYdy7UZWdhAv%2BCQDJvSTF%2FJagQAKvo8JQyTfI1JqXpE%2BYXBi%2BeO4Kq4aFc8YwQG9k37P4bQH2%2BzW35I1KJNc%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.min.css
better.org/wp-includes/css/dist/block-library/ 		81 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: better.org
URL: https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 17 Feb 2022 19:42:26 GMT
server
cloudflare
etag
W/"620ea522-145a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyBAmAeIOitu7X7bnyksOZb8tWNO4RgLOc5IONnKvOlIBZmAIg2tiiM7aouRkVekP8qW5qsdmMokpfp5dywxOhD16fCOhPowau8N3D0rTXo%2F%2BhrJt%2B6Wb9lD3NA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fe029c79ae89b9b-FRA
styles.css
better.org/wp-content/plugins/contact-form-7/includes/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
Requested by
Host: better.org
URL: https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Mar 2022 14:25:41 GMT
server
cloudflare
etag
W/"621f7e65-aab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aUZppAjHTv3Nxx85weBUC5MpiIizpiNTDwjlY5cboD5OWZEq8HqhYchsXCNruuPcUWC3yAwsaWT6XuCeP1CWJrdkw7O1gtsTePi96yz6EhMjPPryNZKo6MfOofs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fe029c79aeb9b9b-FRA
style.css
better.org/wp-content/themes/betterplace/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-content/themes/betterplace/style.css?ver=1.0.3
Requested by
Host: better.org
URL: https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
309d0d670ef5361211529d7c91c522c2aadf427da8489108b001679a1b16871c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23975
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 02 Mar 2022 18:37:47 GMT
server
cloudflare
etag
W/"621fb97b-55ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNmX%2B%2FmiSIJeBBPI2fx4HPX8tnsyB7Xfh3ipWrSs97cQZC38cowzaHpXSEa6rL%2Fmz9iOn5oc7Lcbzv7Rie51rkcAQv7mtTeJL6Cvosz633EcLbRcddwr1NCORFQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6fe029c79aec9b9b-FRA
wwa6ooa.css
use.typekit.net/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/wwa6ooa.css
Requested by
Host: better.org
URL: https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5da188f47b68cf58b91860ca95108f6ea9090368f6f5915c0ea4eec54c98c2c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 18 Apr 2022 20:31:17 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
812
Better-Logo-Digital.svg
better.org/wp-content/uploads/2021/05/ 		40 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://better.org/wp-content/uploads/2021/05/Better-Logo-Digital.svg
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa7cc7e2c2d849de8c47fdb89ecbeca01ed104c19cb0c014c2640e173eb5026

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 03:02:22 GMT
server
cloudflare
etag
W/"60da8d3e-a1c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=318ROjkvbmv%2Fxtv6U8Swu97u9F0On3%2Fk1TwGW8sZe9Ny3rFGb2nYK%2FYVovwQK0rIJPj0TkkBWC6jhMbls2jHunpriJBoFtCnJQHhSnFdw3pkoTg7HEePPMZ0DXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9ee68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
regenerator-runtime.min.js
better.org/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 16:35:13 GMT
server
cloudflare
etag
W/"61928c41-195e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSVtvNMawZsf46pWg4smQoXck%2B0Zrm%2B%2BA%2FcVynPv%2F%2BQbmbmJAa9mLAuTDZ1EjLQxpJMkmuZmzzeyl%2BJ8%2BEHHpk8S5wcINsJQhhvTMasy9RYxGdxqCQ1rxYyYA5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9e268f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-polyfill.min.js
better.org/wp-includes/js/dist/vendor/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
cloudflare
etag
W/"61925789-4b3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01%2FXLMpsVonveWR2jm1bZrrEJlu4K7q8nsKGLtEr9uPUaUkpYrMgUhlMDaAkLOV20d7IbfavjD8DaOILZedQwjIP80A8qkrKePt7Oh47MWwxwEeo0gAlNtScIac%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9e768f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
index.js
better.org/wp-content/plugins/contact-form-7/includes/js/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Mar 2022 14:25:41 GMT
server
cloudflare
etag
W/"621f7e65-25f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crgSpITRkNaB6qGJuIfrcRZVIu9pWmMcmFE6LXxJzFcpksYolJAWmlPUqkZcssHsejYCn2u4MzrAPe9IT6fk80aKOCGSpQyt%2Fy%2ByIgxZpO1YioMTNnB3ilfpLLk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9e968f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
navigation.js
better.org/wp-content/themes/betterplace/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-content/themes/betterplace/js/navigation.js?ver=1.0.3
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 29 Jun 2021 03:02:23 GMT
server
cloudflare
etag
W/"60da8d3f-ba0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vsozW9P9xdXKeIKPG%2FjFGJrgG57M128y1FluTHrefU4dSktpO3ek5tNy530vvmLomx%2Boanlvp2oKImdAT2k1aI%2Fo0QoHJoYBD1B2545NhI72qa9h2%2BN0wfXDbY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9eb68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
api.js
www.google.com/recaptcha/ 		884 B
998 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&ver=3.0
Requested by
Host: better.org
URL: https://better.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fc06a68b53cc52ea526059ad706d7b56e0ac7f0003d1db57124db470358edd84
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
585
x-xss-protection
1; mode=block
expires
Mon, 18 Apr 2022 20:31:17 GMT
index.js
better.org/wp-content/plugins/contact-form-7/modules/recaptcha/ 		999 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 02 Mar 2022 14:25:41 GMT
server
cloudflare
etag
W/"621f7e65-3e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGYRAIQN86mwIqAHCqsomNANAdkhAg3eXIKnz8R1cz%2BfXN9dcrxSwg4C1xACU%2B%2FkiK7T%2FJzuwxX3dVZklgVC5hhuAUoRYmZWrRdkkLQDp84ZS3fEnaINd%2BIPwYU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9ec68f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
wp-emoji-release.min.js
better.org/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://better.org/wp-includes/js/wp-emoji-release.min.js?ver=5.9.2
Requested by
Host: better.org
URL: https://better.org/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
141.193.213.10 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://better.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 22:15:12 GMT
server
cloudflare
etag
W/"60bfebf0-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqdRXcP1uTuk9BKgVuUQnSv8ZDOEUQMYgWw9Lfy5zEyA9NnnTFK8NNvzBLRGc6E468xODCJYR9sNNJHvA4hfCmpTy0oCn8hk7KiKdCvLpMmTKRs4yOKKdeHO33U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6fe029c7b9f068f2-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
p.css
p.typekit.net/ 		5 B
181 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=wwa6ooa&ht=tk&f=39516.39517.39518.39519.39520.39523&a=82889888&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wwa6ooa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dcb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
last-modified
Sat, 16 Oct 2021 08:18:43 GMT
server
nginx
etag
"616a8ae3-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
l
use.typekit.net/af/d7f1e9/00000000000000007735bb2a/30/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/d7f1e9/00000000000000007735bb2a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wwa6ooa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6a89dba092a219383296fc5d6017763b5a2821cc84bb17d814c2b517c01cdad0

Request headers

Referer
https://use.typekit.net/wwa6ooa.css
Origin
https://better.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
server
nginx
etag
"745ae44ca8ec3614bd21fdb40f1ed2d23d46ad2d"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35536
l
use.typekit.net/af/92a736/00000000000000007735bb14/30/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/92a736/00000000000000007735bb14/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wwa6ooa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e64f39e509fcb7ecfef9df42c42514e0f8b05e706108c0b97829449f970e3515

Request headers

Referer
https://use.typekit.net/wwa6ooa.css
Origin
https://better.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
server
nginx
etag
"12f199cc757e537295001d19518257ff45040b53"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
36524
l
use.typekit.net/af/5da8b8/00000000000000007735bb1e/30/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5da8b8/00000000000000007735bb1e/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/wwa6ooa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
35ace384734b49615cecc43a21ac6d04f4290f2c2788a973dd2987347c16b852

Request headers

Referer
https://use.typekit.net/wwa6ooa.css
Origin
https://better.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:17 GMT
server
nginx
etag
"ba262500e96b864c226ac23962800882b737ca60"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34964
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ 		362 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://better.org/
Origin
https://better.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 18:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Apr 2023 18:22:09 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8BA5 		41 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e94d0432f0eb98bb2bd60d25ca442bc6ad131030bf5036ce399c7114a7dff7d5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V+wfih1NooZ42y8hh9J2+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://better.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
21824
content-security-policy
script-src 'report-sample' 'nonce-V+wfih1NooZ42y8hh9J2+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Apr 2022 20:31:18 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
styles__ltr.css
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 8BA5 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 16:43:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24237
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Apr 2023 16:43:16 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/ Frame 8BA5 		362 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 18:22:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
145700
x-xss-protection
0
last-modified
Sun, 10 Apr 2022 22:01:45 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Apr 2023 18:22:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8BA5 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 18 Apr 2022 20:31:18 GMT
reload
www.google.com/recaptcha/api2/ Frame 8BA5 		31 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6pQzWaE1NP-gB4FrqRViKjM-/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
df50d4e5ebbdae88971cd1ae642f2b644b064f77e6a2f5cb8cae8d4b3de3b4b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdbhNoaAAAAAAUA4IgIxP1BMz6CXvnvj-63esRl&co=aHR0cHM6Ly9iZXR0ZXIub3JnOjQ0Mw..&hl=de&v=6pQzWaE1NP-gB4FrqRViKjM-&size=invisible&cb=mt4osa73kwvb
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 18 Apr 2022 20:31:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18112
x-xss-protection
1; mode=block
expires
Mon, 18 Apr 2022 20:31:18 GMT

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| _wpemojiSettings object| runtime object| regeneratorRuntime object| twemoji object| wp function| setImmediate function| clearImmediate object| wpcf7 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| recaptcha object| closure_lm_953295

1 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ALG5ZwyIeu5kvtOdgpO31Tt2XfbNiyZt5kwLN-0aSi-RqeaUeWM5YrGWuMbK0yPZtGCE9hr0bj5g7ucCA7dGc40

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

better.org
p.typekit.net
use.typekit.net
www.google.com
www.gstatic.com
www.techsupport.org
141.193.213.10
2a00:1450:4001:812::2003
2a00:1450:4001:829::2004
2a02:26f0:3500:7::17d8:4dca
2a02:26f0:3500:7::17d8:4dcb
2a06:98c1:3120::7
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
309d0d670ef5361211529d7c91c522c2aadf427da8489108b001679a1b16871c
35ace384734b49615cecc43a21ac6d04f4290f2c2788a973dd2987347c16b852
5da188f47b68cf58b91860ca95108f6ea9090368f6f5915c0ea4eec54c98c2c0
5fa7cc7e2c2d849de8c47fdb89ecbeca01ed104c19cb0c014c2640e173eb5026
60e1017c6585464aa240b13f4074ab5ea100dcbdb72615124ff575bcc891a542
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6a89dba092a219383296fc5d6017763b5a2821cc84bb17d814c2b517c01cdad0
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
b3b3cb90a7ed89725522255170cc8b7a4b98d4f457ba4ebe222101e978d4ba15
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df50d4e5ebbdae88971cd1ae642f2b644b064f77e6a2f5cb8cae8d4b3de3b4b2
e1492d5e8bde0eb89be6de49b447802fa96fb5b253b63a8c3900b85b0528e62b
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e64f39e509fcb7ecfef9df42c42514e0f8b05e706108c0b97829449f970e3515
e94d0432f0eb98bb2bd60d25ca442bc6ad131030bf5036ce399c7114a7dff7d5
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fb0e0ac37b34ffb4e503a5c1e2f7aaa942c3a2bff16e3f2537e6e1f7361c2502
fc06a68b53cc52ea526059ad706d7b56e0ac7f0003d1db57124db470358edd84