art4ukraine.betterworld.org Open in urlscan Pro
3.216.159.37 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Submission: On July 15 via manual (July 15th 2022, 10:20:27 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 31 domains to perform 96 HTTP transactions. The main IP is 3.216.159.37, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is art4ukraine.betterworld.org.
TLS certificate: Issued by Amazon on June 7th 2022. Valid for: a year.

This is the only time art4ukraine.betterworld.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	3.216.159.37 3.216.159.37	14618 (AMAZON-AES) (AMAZON-AES)
17	13.32.121.38 13.32.121.38	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.38 13.225.84.38	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d5cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	52.216.110.19 52.216.110.19	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
1	151.139.128.8 151.139.128.8	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:72a2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:70b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 6	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.131 151.101.1.131	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.139.117 18.66.139.117	16509 (AMAZON-02) (AMAZON-02)
1	18.65.39.90 18.65.39.90	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:27::... 2620:1ec:27::cafe:1501	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
3	20.75.32.255 20.75.32.255	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:7d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
96	43

2 3.216.159.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-159-37.compute-1.amazonaws.com

art4ukraine.betterworld.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 13.32.121.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-38.fra60.r.cloudfront.net

d33u8rw00328s3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-38.fra2.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fonticons.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.110.19 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

betterworldcollective.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.8 (United States)

ASN20446 (STACKPATH-CDN, US)

use.fortawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72a2 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hubspotfeedback.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eccc (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9a55 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:70b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.131 (United States)

ASN54113 (FASTLY, US)

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.139.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-117.fra60.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-90.ams1.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:27::cafe:1501 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.75.32.255 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:7d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

feedback.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cloudfront.net d33u8rw00328s3.cloudfront.net d2wy8f7a9ursnm.cloudfront.net	514 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	683 KB
9	google.com www.google.com — Cisco Umbrella Rank: 17 region1.analytics.google.com — Cisco Umbrella Rank: 5187	47 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 600 b.clarity.ms — Cisco Umbrella Rank: 5893 c.clarity.ms — Cisco Umbrella Rank: 1163	27 KB
6	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 398 c.bing.com — Cisco Umbrella Rank: 235	14 KB
5	hubspot.com api.hubspot.com — Cisco Umbrella Rank: 4892 app.hubspot.com — Cisco Umbrella Rank: 6548 track.hubspot.com — Cisco Umbrella Rank: 2570	6 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 485 www.linkedin.com — Cisco Umbrella Rank: 534 px4.ads.linkedin.com — Cisco Umbrella Rank: 5743	3 KB
3	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 4120 feedback.hubapi.com — Cisco Umbrella Rank: 27355	2 KB
3	google.de www.google.de — Cisco Umbrella Rank: 4915	672 B
3	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 138 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 698 script.hotjar.com — Cisco Umbrella Rank: 1004 vars.hotjar.com — Cisco Umbrella Rank: 1019	67 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 101	201 KB
2	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 7801	100 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	499 B
2	ubembed.com ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 11352	48 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 164	110 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 69	20 KB
2	amazonaws.com betterworldcollective.s3.amazonaws.com	52 KB
2	betterworld.org art4ukraine.betterworld.org	70 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2514	258 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 134	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1437	40 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3882	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2477	20 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2480	16 KB
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5502	21 KB
1	hubspotfeedback.com js.hubspotfeedback.com — Cisco Umbrella Rank: 19401	10 KB
1	fortawesome.com use.fortawesome.com — Cisco Umbrella Rank: 20695	27 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2768	1 KB
1	fonticons.com use.fonticons.com — Cisco Umbrella Rank: 80236	4 KB
96	31

	Domain	Requested by
17	d33u8rw00328s3.cloudfront.net	art4ukraine.betterworld.org
8	www.gstatic.com	www.google.com www.gstatic.com
8	www.google.com	art4ukraine.betterworld.org www.gstatic.com www.google.com
5	bat.bing.com	art4ukraine.betterworld.org bat.bing.com
3	b.clarity.ms	www.clarity.ms
3	www.clarity.ms	bat.bing.com www.clarity.ms
3	api.hubspot.com	js.usemessages.com app.hubspot.com
3	www.google.de	art4ukraine.betterworld.org
3	www.googletagmanager.com	art4ukraine.betterworld.org www.googletagmanager.com
2	feedback.hubapi.com	static.hsappstatic.net
2	static.hsappstatic.net	app.hubspot.com
2	c.clarity.ms	1 redirects
2	fonts.gstatic.com	www.google.com
2	www.facebook.com	art4ukraine.betterworld.org
2	px.ads.linkedin.com	2 redirects
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	art4ukraine.betterworld.org connect.facebook.net
2	www.google-analytics.com	art4ukraine.betterworld.org
2	betterworldcollective.s3.amazonaws.com	d33u8rw00328s3.cloudfront.net
2	art4ukraine.betterworld.org	d33u8rw00328s3.cloudfront.net
1	api.hubapi.com	js.hsadspixel.net
1	c.bing.com	1 redirects
1	track.hubspot.com
1	app.hubspot.com	js.hubspotfeedback.com
1	vc.hotjar.io	script.hotjar.com
1	assets.ubembed.com	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
1	vars.hotjar.com	static.hotjar.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	art4ukraine.betterworld.org
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com	www.googletagmanager.com
1	snap.licdn.com	art4ukraine.betterworld.org
1	static.hotjar.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.usemessages.com	js.hs-scripts.com
1	js.hubspotfeedback.com	js.hs-scripts.com
1	use.fortawesome.com	use.fonticons.com
1	js.hs-scripts.com	art4ukraine.betterworld.org
1	use.fonticons.com	art4ukraine.betterworld.org
1	d2wy8f7a9ursnm.cloudfront.net	art4ukraine.betterworld.org
96	46

This site contains links to these domains. Also see Links.

Domain
betterworld.org
www.facebook.com
twitter.com
api.whatsapp.com
www.barabasilab.com
digitalsilverimaging.com
support.betterworld.org
support-us.betterworld.org
business.betterworld.org
betterworldcandles.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
betterworld.org Amazon	`2022-06-07` - `2023-07-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
use.fonticons.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2021-12-15` - `2022-12-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-23` - `2022-07-22`	3 months	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2022-05-07` - `2023-05-07`	a year	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Frame ID: 091DDF8D0784A8409DAB5FB540D61886
Requests: 76 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jikn5vmn64w1
Frame ID: C3C9F9C0C44B0E1E6C22A4C92EF3BE2E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=o9m8oasd8dbo
Frame ID: A9ABD2A5C0CDFEC159FFA05C2638700E
Requests: 4 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html
Frame ID: 44464C1F41420AA789336C3E3E0B5E7A
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn
Frame ID: 61C4E201A7E4101D7105453C619FFBF8
Requests: 3 HTTP requests in this frame

Frame: https://app.hubspot.com/feedback-web-fetcher
Frame ID: 19AC3D9EAD30AC279C32728EE17C00B6
Requests: 4 HTTP requests in this frame

Frame: https://api.hubspot.com/cors-preflight-iframe/
Frame ID: A73C863427B88818C1D193408896B1FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Art Auction for Ukraine by Art4Ukraine | BetterWorld

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

96
Requests

98 %
HTTPS

63 %
IPv6

31
Domains

46
Subdomains

43
IPs

4
Countries

2147 kB
Transfer

5576 kB
Size

37
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://betterworld.org/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine%3Futm_source%3Dfacebook%26utm_medium%3Dsocial%26utm_campaign%3Dfsm
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine&url=http%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine
Title: Twitter

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=http%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine?utm_source=whatsapp&utm_medium=social&utm_campaign=fsm
Title: WhatsApp

Search URL Search Domain Scan URL

URL: https://www.barabasilab.com/
Title: BarbasiLab

Search URL Search Domain Scan URL

URL: https://digitalsilverimaging.com/
Title: Digital Silver Imaging

Search URL Search Domain Scan URL

URL: https://betterworld.org/request-a-demo/
Title: Get a demo

Search URL Search Domain Scan URL

URL: https://betterworld.org/sign-up/choose-account-type/
Title: Sign up for free

Search URL Search Domain Scan URL

URL: https://betterworld.org/mission/
Title: Mission

Search URL Search Domain Scan URL

URL: https://betterworld.org/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://support-us.betterworld.org/
Title: Support Us

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://support.betterworld.org/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://betterworld.org/crowdfunding/
Title: Crowdfunding

Search URL Search Domain Scan URL

URL: https://betterworld.org/auctions/
Title: Auctions

Search URL Search Domain Scan URL

URL: https://betterworld.org/donations/
Title: Donations

Search URL Search Domain Scan URL

URL: https://betterworld.org/giveaways/
Title: Giveaways

Search URL Search Domain Scan URL

URL: https://betterworld.org/ticketing/
Title: Ticketing

Search URL Search Domain Scan URL

URL: https://betterworld.org/impact-giving/
Title: Impact Giving

Search URL Search Domain Scan URL

URL: https://business.betterworld.org/
Title: BetterWorld for Business

Search URL Search Domain Scan URL

URL: https://betterworldcandles.com/
Title: BetterWorld Candles

Search URL Search Domain Scan URL

URL: https://www.facebook.com/BetterWorldCollective

Search URL Search Domain Scan URL

URL: https://twitter.com/betterworldc

Search URL Search Domain Scan URL

URL: https://www.instagram.com/betterworldcollective/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/better-world-collective

Search URL Search Domain Scan URL

URL: https://betterworld.org/request-password-reset
Title: Forgot your password?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1657923621980%26url%3Dhttps%253A%252F%252Fart4ukraine.betterworld.org%252Fauctions%252Fart-auction-ukraine%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true&e_ipv6=AQIsWnZEpffklgAAAYID8taIgGqxcilqfD4akcP2yNom19pOT1RFIXytVN_Q1N_o5vZlp2v0iLpa5igsUv4VZ8zozngHoQ

Request Chain 89

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&RedC=c.clarity.ms&MXFR=3A377FBF324961C91FB56E5D36496FC9 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&MUID=366202D99C516BAA28C9133B9D836AAF

96 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request art-auction-ukraine Show response
art4ukraine.betterworld.org/auctions/ 121 KB
15 KB 1514ms
1199ms Document
text/html 3.216.159.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.216.159.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-216-159-37.compute-1.amazonaws.com

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips /

Resource Hash

e81bc04c4174016a8e8c6d0e8db71a8929015a2187f528e4655adb61e23989b7

Security Headers

Name	Value
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 22:20:21 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
vary: Accept-Encoding
x-frame-options: deny

GET
H/1.1 200
OK frontend.css
d33u8rw00328s3.cloudfront.net/css/2e42d2b/ 455 KB
156 KB 41ms
7ms Stylesheet
text/css 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/css/2e42d2b/frontend.css
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e11b7c0f7283902167a35e816e7c63a8b7c2c07b97c61fe178d0443f1b4a7e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 20:31:34 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 20:26:10 GMT
Server: AmazonS3
Age: 6528
ETag: "41416441ce835919863d9c4d05a3c67e"
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 159721
X-Amz-Cf-Id: QGm5lVfe26UbiKEkhFd21OlIDoowTGq9yT2dnV8kOiCmeQ2IzL1npA==

GET
H/1.1 200
OK wordmark.svg
d33u8rw00328s3.cloudfront.net/images/brand/ 34 KB
35 KB 47ms
9ms Image
image/svg+xml 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/brand/wordmark.svg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 27 May 2022 03:39:39 GMT
Via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 19:52:58 GMT
Server: AmazonS3
Age: 4300843
ETag: "b90d17a9c7961df823b9f953933a34d4"
X-Cache: Hit from cloudfront
Content-Type: image/svg+xml
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 34884
X-Amz-Cf-Id: j3mhyL5O73jTk0JLvgpctViqT5T0RqLAzDc0cPVqcK0fthsIeIS6vw==

GET
H/1.1 200
OK 269314-62bbc8695e561-e14825a48cdcf796e583.jpg
d33u8rw00328s3.cloudfront.net/user/images/organization/ 3 KB
3 KB 23ms
23ms Image
image/jpeg 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/organization/269314-62bbc8695e561-e14825a48cdcf796e583.jpg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25dba97f654e9112e2c1ae2b155aa751cddde135f9b57fd60d21a95eb174a4c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 06:57:55 GMT
Via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 03:35:06 GMT
Server: AmazonS3
Age: 141747
ETag: "824b1946ad49a30b59bd0036926e903e"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 2977
X-Amz-Cf-Id: MLO-8hB34cOJU8HfCitsKhNSXbkjOBaTi3U5YxXcRYK-JCkWBHAGAg==

GET
H/1.1 200
OK facebook.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 466 B
971 B 12ms
11ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/facebook.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sat, 04 Jun 2022 15:00:54 GMT
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 3568768
ETag: "aa576fca66ec02d2408fc2127fa71913"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 466
X-Amz-Cf-Id: Vc6eg8gLDNo7TEzvQTF5tcJc8P-E4WUz94OUIVpLqI97qdu5k2Fzgg==

GET
H/1.1 200
OK twitter.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 775 B
1 KB 12ms
12ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/twitter.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 30 May 2022 08:47:20 GMT
Via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Fri, 27 May 2022 21:09:07 GMT
Server: AmazonS3
Age: 4023181
ETag: "9413848f672dba3937857243d27399ca"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 775
X-Amz-Cf-Id: zuspGqrRiXiAp0zxxCGnKgYpttCYCVahYN_qXuajmywQwhmVC2wYsQ==

GET
H/1.1 200
OK whatsapp.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 1 KB
2 KB 8ms
8ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/whatsapp.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 15:20:49 GMT
Via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 3481173
ETag: "5abb67522bc243d7c42e833d3cd8cc76"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 1341
X-Amz-Cf-Id: bLoYN132fxoM44X05mk6xPu9NWRr93lylzgKLFvaEW5zHEmHeh8q0w==

GET
H/1.1 200
OK email.png
d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/ 2 KB
2 KB 7ms
6ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/icons/social/tiles/email.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 03 Jun 2022 00:35:13 GMT
Via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 12:48:49 GMT
Server: AmazonS3
Age: 3707109
ETag: "9c324ec5e8ace818bcc74b7f8303004d"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 2000
X-Amz-Cf-Id: NhVMT6r8gEsSlBW-Ae6Nnp9PLMmLnB71BKqS6RPL44w5GJ3RmPYMJQ==

GET
H/1.1 200
OK item-placeholder.png
d33u8rw00328s3.cloudfront.net/images/loading/ 110 B
616 B 8ms
8ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/loading/item-placeholder.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cf66f2335c0346af136def65ad4d2312a217a3548ab675ea25dde8353853032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 06 Jan 2022 07:45:49 GMT
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 05 Jan 2022 15:58:41 GMT
Server: AmazonS3
Age: 16468473
ETag: "ffef7d41b6180625b9ca1c55fdc3f48b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 110
X-Amz-Cf-Id: 09sk49VrJ7ZIGUwD44Jl78-35c5HONUn8J9jVjo3H0VbR9OcbcPtxg==

GET
H/1.1 200
OK bw-white-64.png
d33u8rw00328s3.cloudfront.net/images/brand/ 1 KB
2 KB 8ms
7ms Image
image/png 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/images/brand/bw-white-64.png
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 18 May 2022 13:13:45 GMT
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 17 May 2022 20:32:32 GMT
Server: AmazonS3
Age: 5043997
ETag: "fabc01ec04aadbdf899735f9c36e2021"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 1280
X-Amz-Cf-Id: 99RW5qtqFiExSMYx-qSvNrhNJcijTycGIylSSoKbaGUJESS3CWmMFg==

GET
H/1.1 200
OK jquery.min.gz.js Show response
d33u8rw00328s3.cloudfront.net/js/0/jquery/2.0.3/ 82 KB
29 KB 21ms
7ms Script
application/x-javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/0/jquery/2.0.3/jquery.min.gz.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 19 May 2022 07:10:33 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2015 18:18:38 GMT
Server: AmazonS3
Age: 4979389
ETag: "2dddd0d496fe5c68ba77b0bca5cbeeb9"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 29148
X-Amz-Cf-Id: CLzNeJ7YyTtFQ3w755zm3Lt3jt1IL3srVMKb3kscvfUiI3tV80BpIQ==

GET
H/1.1 200
OK bootstrap.min.gz.js Show response
d33u8rw00328s3.cloudfront.net/js/0/bootstrap/3.2.0/ 31 KB
9 KB 26ms
9ms Script
application/x-javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/0/bootstrap/3.2.0/bootstrap.min.gz.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Mon, 11 Apr 2022 04:30:17 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Sun, 02 Aug 2015 18:22:58 GMT
Server: AmazonS3
Age: 8272205
ETag: "f251f95e02359d8a7763c422d08a5377"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 8532
X-Amz-Cf-Id: FFRxX3otjOK08iBLdFWiIlI0K1caMmOtCXnB_QtFJaa02Re_ACdBIQ==

GET
H/1.1 200
OK bugsnag-2.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/ 6 KB
3 KB 57ms
7ms Script
application/javascript 13.225.84.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/bugsnag-2.min.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-38.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 03:22:00 GMT
Content-Encoding: gzip
Age: 68302
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2962
Last-Modified: Wed, 10 Aug 2016 00:30:49 GMT
Server: AmazonS3
ETag: "6103bb5e4ec6141e19e1100caafc780c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
X-Amz-Cf-Id: OnBMDhKXis_vXNi_RolCefvxdYFq9ASOt3lSwkFrgeiq90Nq1Ui8NA==

GET
H2 200 13854182.js Show response
use.fonticons.com/ 10 KB
4 KB 109ms
27ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fonticons.com/13854182.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 17:18:17 GMT
etag: "0bfb2071b9c8f025ec6da9fb2ef974c7"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1657923621.cds040.lo4.hn,1657923621.cds268.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 3989

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
995 B 52ms
21ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582
x-xss-protection: 1; mode=block
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H2 200 7187435.js Show response
js.hs-scripts.com/ 2 KB
1 KB 186ms
156ms Script
application/javascript 2606:4700::6811:d5cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/7187435.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d5cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff55ad635b29aa9a862a40867283ef7d6b9dea7be0fad19d7d2cca3d72a76ba9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
x-hubspot-correlation-id: e4910b6e-e139-406b-9069-9ab4bc3be01e
last-modified: Fri, 15 Jul 2022 22:20:21 GMT
server: cloudflare
x-trace: 2B8D0370CED07AB8E3A96063E79776E1F8604F68A4000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://art4ukraine.betterworld.org
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 72b5e2899cbccc3e-ZRH
expires: Fri, 15 Jul 2022 22:21:21 GMT

GET
H/1.1 200
OK a5f2c5fda8f5f580403ef1345128c086.js Show response
d33u8rw00328s3.cloudfront.net/js/2e42d2b/ 337 KB
99 KB 25ms
9ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/2e42d2b/a5f2c5fda8f5f580403ef1345128c086.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 226a246979b2323600048379431f6249e2e153e6e3050d1d39ead19bc8a406c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 20:27:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 20:25:16 GMT
Server: AmazonS3
Age: 6767
ETag: "69b86266a225f79a3b6f93f660787564"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 100697
X-Amz-Cf-Id: DyVA0ladb7Dblcz7yD2tCChNJU9LAtQIiRxdzpa9T9MLC3De2KUHrg==

GET
H/1.1 200
OK c52cc747ab83a98fd1ae0525269ce849.js Show response
d33u8rw00328s3.cloudfront.net/js/2e42d2b/ 15 KB
6 KB 26ms
9ms Script
application/javascript 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d33u8rw00328s3.cloudfront.net/js/2e42d2b/c52cc747ab83a98fd1ae0525269ce849.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b193130a7292ebe1fd6b18c73c47fa70acf18b0a615d0e5327d629129a56b1d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 20:31:34 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Fri, 15 Jul 2022 20:25:16 GMT
Server: AmazonS3
Age: 6528
ETag: "b53a9e11a04c3d09b6972d9f8f7d5514"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Cache-Control: max-age=94608000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 5794
X-Amz-Cf-Id: -Q-rdbe6XB33fKn_3GhPgNbIcYHL3fFK-N-P9o3UtejPNZQEcas_9g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
71 KB 51ms
28ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51a3cd5921c82d7061755761de551ab55db9c76daafe2503978ee5ebe271d1a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72075
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H/1.1 200
OK 269314-62bbda1a586bc-421a6f4a028227fb0ac8.jpg
d33u8rw00328s3.cloudfront.net/user/images/auction_slideshow/ 11 KB
11 KB 12ms
12ms Image
image/jpeg 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/auction_slideshow/269314-62bbda1a586bc-421a6f4a028227fb0ac8.jpg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bfddcb9ab1e32b3c618d18de3af45ff397b5e27812b26bede45e52bbed91495a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 07:14:45 GMT
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Wed, 29 Jun 2022 04:50:35 GMT
Server: AmazonS3
Age: 313537
ETag: "d76b9712a065ca35c722a4e8376fdcaf"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 10888
X-Amz-Cf-Id: Ot2vnf84x9VMOoZ7W4cAek53MNlfEHCK3T8d9NnVZEvk9WH_JlcRmw==

GET
H/1.1 200
OK verb-light.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 27 KB
28 KB 473ms
129ms Font
font/woff2 52.216.110.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-light.woff2
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/css/2e42d2b/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f

Request headers

Referer: https://d33u8rw00328s3.cloudfront.net/
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 22:20:22 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:50 GMT
Server: AmazonS3
x-amz-request-id: CX2PJSSA2ZX198HY
ETag: "1182fcf93f71ae6d6427c67b61a18865"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 27960
x-amz-id-2: FtQb+OLlZ/3eYDHg5WSXbMD1foQrbryDT3deiUTUu7Kfo8mCLse8s1NzkQxh51bGdjFFT2EG2YI=

GET
H/1.1 200
OK verb-semibold.woff2
betterworldcollective.s3.amazonaws.com/fonts/verb/ 24 KB
25 KB 487ms
141ms Font
font/woff2 52.216.110.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://betterworldcollective.s3.amazonaws.com/fonts/verb/verb-semibold.woff2
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/css/2e42d2b/frontend.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.110.19 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597

Request headers

Referer: https://d33u8rw00328s3.cloudfront.net/
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 22:20:22 GMT
Last-Modified: Fri, 30 Oct 2020 00:34:11 GMT
Server: AmazonS3
x-amz-request-id: CX2SHK95X5E4ZSNY
ETag: "30c9ed1daa069984ec816e2e481afb16"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET, HEAD
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: max-age=94608000, public
Accept-Ranges: bytes
Content-Length: 24584
x-amz-id-2: sv4lGtnuPirDlsEU/Ml59aE1stIpTqz5+H6gRKIwsEIW0Folbi0CbgGcm2MsCJBAaE6AAmRp2YA=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5053
date: Fri, 15 Jul 2022 20:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 15 Jul 2022 22:56:08 GMT

GET
DATA 200
OK truncated
/ 220 B
220 B Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c

Request headers

Referer
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff2

GET
H2 200 woff2.css
use.fortawesome.com/kits/13854182/publications/115659/ 42 KB
27 KB 75ms
23ms Stylesheet
text/css 151.139.128.8
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fortawesome.com/kits/13854182/publications/115659/woff2.css
Requested by: Host: use.fonticons.com
URL: https://use.fonticons.com/13854182.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: gzip
last-modified: Tue, 14 Sep 2021 17:18:17 GMT
etag: "d318f50ab6db8e3094db9a3f99338920"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1657923621.cds230.lo4.hn,1657923621.cds282.lo4.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27423

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ 366 KB
145 KB 34ms
10ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://art4ukraine.betterworld.org/
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20730
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 16:34:51 GMT

GET
DATA 200
OK truncated
/ 23 KB
23 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8

Request headers

Referer
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H/1.1 200
OK 269314-62cc4fd7a0f70-ed6a3dbcde0ef33d1ec5-620.jpg
d33u8rw00328s3.cloudfront.net/user/images/item/ 34 KB
35 KB 18ms
17ms Image
image/jpeg 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/item/269314-62cc4fd7a0f70-ed6a3dbcde0ef33d1ec5-620.jpg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2779b247613bec214db655462bff1f974e40b8637ab936aa3ce3fbe665ef6ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 07:17:09 GMT
Via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2022 16:29:13 GMT
Server: AmazonS3
Age: 313393
ETag: "27ca491bd03a479d63990edd3ab6bd28"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 34928
X-Amz-Cf-Id: 60pGhkGl91o_jiBXprV58AtFEmc0XM1jt8mGZbD_SVA03JhWEOqh4Q==

GET
H/1.1 200
OK 269314-62cc506cc5811-b6082a8f63f9e17d5a41-620.jpg
d33u8rw00328s3.cloudfront.net/user/images/item/ 32 KB
32 KB 20ms
19ms Image
image/jpeg 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/item/269314-62cc506cc5811-b6082a8f63f9e17d5a41-620.jpg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32a90e32bd87e538e0313f2d569603d0365100cba3ce5ce251c31c6318fd1234

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 12 Jul 2022 07:17:10 GMT
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 11 Jul 2022 16:31:42 GMT
Server: AmazonS3
Age: 313392
ETag: "d32b024b62c1d524983ad5d5c3cfc9cf"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 32540
X-Amz-Cf-Id: ozvm3-UHteb2bZ5DzM7Htnbte7XirbIn9INZvGl6dpsIGtSftHUtdg==

GET
H2 200 feedbackweb-new.js Show response
js.hubspotfeedback.com/ 28 KB
10 KB 179ms
125ms Script
application/javascript 2606:4700::6811:72a2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hubspotfeedback.com/feedbackweb-new.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:72a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76

Request headers

Referer: https://art4ukraine.betterworld.org/
Origin: https://art4ukraine.betterworld.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
via: 1.1 470d4277236d0557f3e42c6bfe9dac78.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: IAD89-P1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js&cfRay=72b5e28c294a01eb-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-feedback-web-renderer-script-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 13 Jun 2022 03:24:27 UTC
server: cloudflare
etag: W/"19b25ddc87359648ff4cdc439eebaba5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: F9QmPMFhhfHpkU3M8pfRSsRzzlgUp21d
access-control-allow-origin: *
cache-control: max-age=600
x-hs-cache-status: HIT
cf-ray: 72b5e28c294a01eb-ZRH
x-amz-cf-id: bagi-xewZ1vLr_SbSxBPimeEmsQDBG8pV1aAcCMpU7Mr7mFaORvYyA==
x-hs-target-asset: feedback-web-renderer-ui/static-1.10889/bundles/popupInjector.js

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 72 KB
21 KB 79ms
26ms Script
application/javascript 2606:4700::6811:eccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.usemessages.com/conversations-embed.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
via: 1.1 2ca1a2664d288773b443dc5e52a8b5b8.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 118
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10317/bundles/project.js&cfRay=72b5dfa90c55cc46-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 28 Jun 2022 08:24:15 UTC
server: cloudflare
etag: W/"ec888afa280a584d80fa2e4a6e695475"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: MC1MujafCIKhor0u_m.Zxaddp4B8ErnC
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72b5e28c28650219-ZRH
x-amz-cf-id: mVNlrB3FHjE5WzzUaBxrkrdTNSfmoempaxpwW78UaEvaE82V7tvwEg==
x-hs-target-asset: conversations-embed/static-1.10317/bundles/project.js

GET
H2 200 7187435.js Show response
js.hs-banner.com/ 59 KB
16 KB 786ms
734ms Script
text/javascript 2606:4700:4400::ac40:9a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/7187435.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: DYDQMEG16RTYCSTJ
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 9MaDMAx0kn5tIM+2LP7psHpnk0cGZS0/6ANFaWfFCQCx0uZtoAqqj0dmVfxotLskrvxBP2pm/5o=
timing-allow-origin: *
last-modified: Fri, 03 Jun 2022 14:15:35 GMT
server: cloudflare
etag: W/"49f925a07c505ba01f1f8180c44e0d6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: HPt8KUZgkGtrFDaLP2QypS._hCgwdOY_
access-control-allow-origin: https://art4ukraine.betterworld.org
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 72b5e28c2cb001f8-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 15 Jul 2022 22:25:22 GMT

GET
H2 200 7187435.js Show response
js.hs-analytics.net/analytics/1657923600000/ 62 KB
20 KB 206ms
152ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1657923600000/7187435.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: CX2W1WZM8V98FFEN
x-amz-server-side-encryption: AES256
cf-ray: 72b5e28c2c8201f0-ZRH
x-amz-id-2: uqmyeR2VJEBHNIMZkwfFtSvNuA9DGq4vFt6VWVAek1UihnqZBVE7F0uxRnsI69GCX6LLagAactk=
last-modified: Tue, 14 Jun 2022 15:42:52 GMT
server: cloudflare
etag: W/"902cb3d6c08caa88250ea1dfc2805ed5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 15 Jul 2022 22:25:21 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 5 KB
3 KB 79ms
26ms Script
application/javascript 2606:4700::6811:70b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7187435.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:70b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
via: 1.1 d591fee4e3f29cf0e3380368d25b4a40.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 576
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.287/bundles/pixels-release.js&cfRay=72b5d4782fdf0208-IAD
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Thu, 30 Jun 2022 02:09:15 UTC
server: cloudflare
etag: W/"1b16fc147ec853ab9d82a3c0efe75b77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: dONne1FcPXm8F7qFk63xAz5e_hNw5LhN
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-P1
cf-ray: 72b5e28c2f4823df-ZRH
x-amz-cf-id: CnloIMKzFLs0OLGM5fGcIU09tDwuhaeHNZGr4M8VspGqUjNEmxQA6A==
x-hs-target-asset: adsscriptloaderstatic/static-1.287/bundles/pixels-release.js

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 103 KB
40 KB 67ms
22ms Script
application/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-T4QPHS7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d98c745bef6dae24e32c78e5b3403d8a60b2722152915753e00bfb32f70b3e38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40507
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 204 KB
70 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a6102eea2a3ec1a089a967f7ecc00c6d26aba85e48320f81ea1a118403fd444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71882
x-xss-protection: 0
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 32ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26001
x-xss-protection: 0
pragma: public
x-fb-debug: aNlqSRLNbWi5gGbkgKwA47k7+c7O6VynEV+vEgHWLjIJopXmEFeXSKnAjG0pBe8i4MY/P3Rv+WxDDkzKr8iW7Q==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 15 Jul 2022 22:20:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 hotjar-2888537.js Show response
static.hotjar.com/c/ 5 KB
2 KB 77ms
37ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

717662dfb638e9d5b331f126c715672fc33c7176b8b5e60a4aa9f5369ecfeb2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA56-P2
etag: W/53007398e132e071a3fa9577c0000f72
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-amz-cf-id: UOQIrYJtXz3wRxrtifuqN-LNDJafTKXswrQr0GiOXK2XjVb_rfIfwg==
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 164 KB
59 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-658085178

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab7be0eb14b0177b5c9855654dfd55f2d3eac3e0725b0767ed4b8c13cdba1fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60740
x-xss-protection: 0
last-modified: Fri, 15 Jul 2022 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 53ms
14ms Script
application/x-javascript 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 15 Jul 2022 22:20:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 23:25:22 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=17361
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3085

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 73ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 16 Jun 2022 18:22:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2AA92CB319946C1854A57CFCB96318B Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:21Z
etag: "0c8eafcad81d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 15 Jul 2022 22:20:21 GMT
accept-ranges: bytes
content-length: 11360

GET
H2 200 / Show response
ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/ 489 B
623 B 185ms
128ms Script
application/json 151.101.1.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5H6STQZ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f785182c37dd118034ac5891bff03d3fec6ec60d63d8d6609cebafe35a86ec0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/2617e7e791c425aeb97efbd51bde8407-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: VVE18HBljoEFdjg=

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
450 B 78ms
29ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43911805-1&cid=9220728.1657923622&jid=431424282&gjid=453600225&_gid=1674081423.1657923622&_u=IGBAgEABQAAAAE~&z=1409850285

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://art4ukraine.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 15 Jul 2022 22:20:21 GMT
content-type: text/plain
access-control-allow-origin: https://art4ukraine.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
10ms Image
image/gif 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1916040738&t=pageview&_s=1&dl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&ul=en-us&de=UTF-8&dt=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgEABQ~&jid=431424282&gjid=453600225&cid=9220728.1657923622&tid=UA-43911805-1&_gid=1674081423.1657923622&z=455269869

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 10:31:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 42526
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame C3C9 42 KB
22 KB 89ms
48ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jikn5vmn64w1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b8945f50f0f384a5ef2ff4298c8755fcacbd0dc43bd10e86a893729798c53de3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WM5FqYQdKeirCn92ilRkoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://art4ukraine.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22123
content-security-policy: script-src 'report-sample' 'nonce-WM5FqYQdKeirCn92ilRkoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 22:20:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame A9AB 43 KB
22 KB 66ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=o9m8oasd8dbo

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

83f0d301a01d6b05136f265a62ec980d503ea7378357c51e3f4737517859309e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zv424h_r20hzKX9HTJmmJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://art4ukraine.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22649
content-security-policy: script-src 'report-sample' 'nonce-zv424h_r20hzKX9HTJmmJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 22:20:21 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 763472054393761 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 76ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/763472054393761?v=2.9.65&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7e9b8295d65006ea14ff137c218c8b3b72b3354c01e46ec9590d9625d4c492e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: 8lk8nyur7yjz4bMAr84UJiPC3Y0r13mZXQ8fXMCPs1ReYKRP3R+bHwxOCiePiXEMoRDm+ucARdpA1bD2HjcjZw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 15 Jul 2022 22:20:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1657923621928
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 67ms
28ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-658085178

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15163
x-xss-protection: 0
server: cafe
etag: 11137310801552021614
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 15 Jul 2022 22:20:21 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 24ms
24ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=9220728.1657923622&jid=431424282&_u=IGBAgEABQAAAAE~&z=592167896

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 50ms
19ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-43911805-1&cid=9220728.1657923622&jid=431424282&_u=IGBAgEABQAAAAE~&z=592167896

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
355 B 55ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-GS2WP6TV7Y&gtm=2oe7d0&_p=1916040738&_z=ccd.v9B&_gaz=1&cid=9220728.1657923622&ul=en-us&sr=1600x1200&_s=1&sid=1657923621&sct=1&seg=0&dl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&dt=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://art4ukraine.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 67ms
24ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-GS2WP6TV7Y&cid=9220728.1657923622&gtm=2oe7d0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GS2WP6TV7Y&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://art4ukraine.betterworld.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 28ms
20ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-GS2WP6TV7Y&cid=9220728.1657923622&gtm=2oe7d0&aip=1&z=1993022309

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3146785%26time%3D1657923621980%26url%3Dhttps%253A%252F%252Fart4ukraine.betterworl...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true&e_ipv6=AQIsWnZEpffklgAAAYID...

0
263 B

209ms
153ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true&e_ipv6=AQIsWnZEpffklgAAAYID8taIgGqxcilqfD4akcP2yNom19pOT1RFIXytVN_Q1N_o5vZlp2v0iLpa5igsUv4VZ8zozngHoQ
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 450D2060DF1A4EADA28690F1EF019A0B Ref B: FRAEDGE1116 Ref C: 2022-07-15T22:20:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXj32yZnVPtr3zaHN1rpw==
x-li-fabric: prod-ltx1

Redirect headers

date: Fri, 15 Jul 2022 22:20:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 6AF9D99B352144AABBB9B718F521AF0A Ref B: FRAEDGE1114 Ref C: 2022-07-15T22:20:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=3146785&time=1657923621980&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&liSync=true&e_ipv6=AQIsWnZEpffklgAAAYID8taIgGqxcilqfD4akcP2yNom19pOT1RFIXytVN_Q1N_o5vZlp2v0iLpa5igsUv4VZ8zozngHoQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXj32yV1i7ISi/9ywQp0g==

GET
H3 200 public Show response
api.hubspot.com/livechat-public/v1/message/ 298 B
1 KB 181ms
156ms XHR
application/json 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/livechat-public/v1/message/public?portalId=7187435&conversations-embed=static-1.10317&mobile=false&messagesUtk=7dccb3a95320405c86252837f063a028&traceId=7dccb3a95320405c86252837f063a028

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2db3f7acdd11ad35404f34178623fd5dd759998e0a4dfc90955c46644c46b7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://art4ukraine.betterworld.org/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 344cb0cd-4037-4718-a4d7-5f844a29eedc
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 227
server: cloudflare
x-trace: 2BD311245E8DED7FD3053152D7B5EB628C07AE69BD000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTNMSwoEkdIod%2Fwd4W7zASN7iuUtmJqxyWNGypA5V1pFFE%2BmMVStvih3BkRYUJF7y8p0r7VqV5RwxvPlyGxrkql1DeWrfaSXgQKDKqLFWuPbXoB51hxC%2FB5sdXrPts4D%2Ff8PwjrWbie492nZow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://art4ukraine.betterworld.org
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 72b5e28ec8e9cc3e-ZRH
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api.hubspot.com/livechat-public/v1/message/ Frame 0
0 175ms
147ms Preflight
text/plain 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://art4ukraine.betterworld.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://art4ukraine.betterworld.org
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 72b5e28dab020208-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 15 Jul 2022 22:20:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgJ4%2FE6r%2FU3wSuaUwaKqPxbZgUX0Z%2FlrJ3XunPNpaTyd97uudy96C4IPupwt1788uf127EX8fbuBeNcw5nVNJBRtcrWsAElj5x7L5i6tXTFd3cMQXCP80HGkbdkTiA99Ki4tz5E14vdwTBZtLA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 44c7b0ce-3509-481e-82d7-da997576e91e
x-trace: 2B8E70A134D072487769A9349BA096CFD2569CFB78000000000000000000

GET
H2 200 modules.575e0da598e3619bac00.js Show response
script.hotjar.com/ 245 KB
63 KB 33ms
6ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.575e0da598e3619bac00.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

d5f78d77eeffb449e68105d7f5ce8209e7e1e079a50aba03bd9bdd72b6d2b4e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 14:12:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29295
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 64440
access-control-allow-origin: *
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
etag: "f254f3c0a1156c8c956c20699886d859"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 ce765e91525a836efb6bc0a409334a5e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: h5CO7yebJEpIzvRE9rnW3wkHHLN-4RJRPpurCgkK-KNvL2kW5lvW9g==

GET
H2 200 56384066.js Show response
bat.bing.com/p/action/ 828 B
716 B 198ms
197ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56384066.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e5a7649420e53c5f1c7fb0c7d1e32730a3f2734f0a78ac89f4c0930ec1308bab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: BFEF52B75C9C4B099CB1CF9DF18F903A Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:22Z
date: Fri, 15 Jul 2022 22:20:21 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 572

GET
H2 204 0
bat.bing.com/action/ 0
175 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56384066&Ver=2&mid=abe8f3ec-c994-4d08-bbda-0c97b64d81d7&sid=510b6d60048c11edb801ed8b22478ade&vid=510ba620048c11edbeb19734d4c97641&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&p=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&r=&lt=1890&evt=pageLoad&msclkid=N&sv=1&rn=109615

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6E84FC7DC41E42198DD1A431471ECB69 Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:22Z
date: Fri, 15 Jul 2022 22:20:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 137001031.js Show response
bat.bing.com/p/action/ 829 B
765 B 169ms
169ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/137001031.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

6d284e4e1edfc71b22996a7469dec3be7cfd4d9730d31a3e31dc900c70efa23b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 840C2320059740D58E08718691580F45 Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:22Z
x-powered-by: ARR/3.0
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
date: Fri, 15 Jul 2022 22:20:21 GMT
content-length: 573

GET
H2 204 0
bat.bing.com/action/ 0
119 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=137001031&Ver=2&mid=be2941ba-5259-4bb1-b890-9a32542dddad&sid=510b6d60048c11edb801ed8b22478ade&vid=510ba620048c11edbeb19734d4c97641&vids=0&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&p=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&r=&lt=1890&evt=pageLoad&msclkid=N&sv=1&rn=887432

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 943F4EC642294771B8203BC980C118C3 Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:22Z
date: Fri, 15 Jul 2022 22:20:21 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame A9AB 51 KB
24 KB 23ms
8ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=o9m8oasd8dbo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 20:15:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame A9AB 366 KB
145 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 16:34:51 GMT

GET
H/1.1 200
OK 269314-62c2544b6ea84-286c8ef2f122e4c6fada-620.jpg
d33u8rw00328s3.cloudfront.net/user/images/item/ 86 KB
87 KB 27ms
26ms Image
image/jpeg 13.32.121.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d33u8rw00328s3.cloudfront.net/user/images/item/269314-62c2544b6ea84-286c8ef2f122e4c6fada-620.jpg
Requested by: Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-38.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4047f7a186a76eecf23cc640206b05d25b61756bc1bc5195c31261c5ebb223a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 14 Jul 2022 06:58:02 GMT
Via: 1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 02:45:33 GMT
Server: AmazonS3
Age: 141741
ETag: "19965f2d955f5a91d5c8e4a23f743f47"
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Cache-Control: max-age=630720000, public
X-Amz-Cf-Pop: FRA60-P1
Accept-Ranges: bytes
Content-Length: 88387
X-Amz-Cf-Id: 2KAvFHm5Hksmb8EqrmsMsWrQf-8mr_SITBSGFp1CPlthdizc8bYLHA==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C3C9 51 KB
24 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jikn5vmn64w1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 20:15:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame C3C9 366 KB
145 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 16:34:51 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 74ms
11ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=PageView&dl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&rl=&if=false&ts=1657923622068&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1657923622066.62250922&it=1657923621860&coo=false&exp=u0&rqm=GET

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 15 Jul 2022 22:20:22 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/ 2 KB
2 KB 94ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/658085178/?random=1657923622071&cv=9&fst=1657923622071&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7d0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&tiba=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d540382a4019d77c9093b9cb228cd98b8ee6c305249b1a33f6783820b36726a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1071
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response
vars.hotjar.com/ Frame 4446 2 KB
1 KB 66ms
12ms Document
text/html 18.66.139.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2888537.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-117.fra60.r.cloudfront.net

Software

Resource Hash

cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://art4ukraine.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 29295
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 14:12:07 GMT
etag: "d2caf2e569940c65a88268a169f3facf"
last-modified: Fri, 15 Jul 2022 14:11:55 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-cf-id: 5MtYshbEwkEECynDj6cov9qk0Xo1CYdGPoAliIFexsHXk1smTNx0kg==
x-amz-cf-pop: FRA60-P4
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 92ms
21ms Script
application/javascript 18.65.39.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
URL: https://ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-90.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 25 May 2022 02:45:33 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 4476889
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9500c58b11c15528d15f2ca9add5bc00.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-P1
x-amz-cf-id: SVhi6Gg6tr2iTHeVvljB_WQ5rgtZDlUPUjE37-g5OkXerEdAyFySoA==

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame C3C9 2 KB
2 KB 13ms
12ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 271234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 19 Jul 2022 18:59:48 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3C9 15 KB
16 KB 38ms
9ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 278021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 12 Jul 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame C3C9 15 KB
15 KB 38ms
10ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 12 Jul 2022 08:48:37 GMT
x-content-type-options: nosniff
age: 307905
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Jul 2023 08:48:37 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame C3C9 102 B
132 B 17ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdnnbcZAAAAANQeMRX6vEy1a6y4GiswvXYfrOfd&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=invisible&cb=jikn5vmn64w1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Fri, 15 Jul 2022 22:20:22 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame A9AB 102 B
132 B 16ms
15ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn&co=aHR0cHM6Ly9hcnQ0dWtyYWluZS5iZXR0ZXJ3b3JsZC5vcmc6NDQz&hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&size=normal&cb=o9m8oasd8dbo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 1; mode=block
expires: Fri, 15 Jul 2022 22:20:22 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/658085178/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/658085178/?random=1657923622071&cv=9&fst=1657922400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&tiba=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=834668588&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/658085178/ 42 B
64 B 35ms
18ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/658085178/?random=1657923622071&cv=9&fst=1657922400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa7d0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&tiba=Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld&async=1&fmt=3&is_vtc=1&random=834668588&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 137001031 Show response
www.clarity.ms/tag/uet/ 914 B
1 KB 156ms
125ms Script
application/x-javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/137001031
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/137001031.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: b824c6510afc3e0ba935d795073b056452b6e57b5b2bc6b4dfc6467f8843b615

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
x-powered-by: ASP.NET
x-azure-ref: 0JujRYgAAAACiqC60QIJ1RIaOjkiKfqa1QlJVMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 914
expires: -1

GET
H2 200 56384066 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 139ms
109ms Script
application/x-javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56384066
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56384066.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: c4a0a04859bb975589289b5d481f68407dfa2caacb9f0a40510e6cda3c2235d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:21 GMT
x-powered-by: ASP.NET
x-azure-ref: 0JujRYgAAAADvzS1/TRr7RKKClzqC1LnWQlJVMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 61C4 7 KB
1 KB 23ms
22ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c6fb0ec59f750d72c669cc2a9d66d9034c7359596b554af2ecfdd30d1fc704a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-JKtSgJnUnRcTY6AAV8R0aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://art4ukraine.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-JKtSgJnUnRcTY6AAV8R0aA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Jul 2022 22:20:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 2888537 Show response
vc.hotjar.io/sessions/ 0
258 B 111ms
33ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2888537?s=0.25&r=0.165914259968863
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.575e0da598e3619bac00.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: ZCSpxtL1WM850IdTQUv0saDHONoN6QZKpZlRZ48Vp-y9KsSncZg2FQ==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 61C4 51 KB
24 KB 12ms
12ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 20:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7479
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 20:15:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/ Frame 61C4 366 KB
145 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/4rwLQsl5N_ccppoTAwwwMrEN/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=4rwLQsl5N_ccppoTAwwwMrEN&k=6Lf0qWgUAAAAABSFJrI86QJElyca5ihkX37U5bZn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 16:34:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148046
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 04:02:51 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jul 2023 16:34:51 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2/s/0.6.36/ 52 KB
23 KB 102ms
102ms Script
application/javascript 2620:1ec:27::cafe:1501
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/56384066
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1501 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
content-encoding: br
etag: "1d897c159e34826"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0JujRYgAAAACsve8JQEh3RZzRcBLCNMfRQlJVMzBFREdFMDQwOAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 20ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=763472054393761&ev=Microdata&dl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&rl=&if=false&ts=1657923622570&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%20%7C%20BetterWorld%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Art%20Auction%20for%20Ukraine%20by%20Art4Ukraine%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd33u8rw00328s3.cloudfront.net%2Fuser%2Fimages%2Fauction_slideshow%2F269314-62bbda1a586bc-421a6f4a028227fb0ac8.jpg%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Asite_name%22%3A%22BetterWorld%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.65&r=stable&ec=1&o=30&fbp=fb.1.1657923622066.62250922&it=1657923621860&coo=false&es=automatic&tm=3&exp=u0&rqm=GET

Requested by

Host: art4ukraine.betterworld.org
URL: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 15 Jul 2022 22:20:22 GMT

POST
H2 204 collect Show response
b.clarity.ms/ 0
183 B 300ms
97ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://art4ukraine.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://art4ukraine.betterworld.org
date: Fri, 15 Jul 2022 22:20:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect Show response
b.clarity.ms/ 0
25 B 341ms
290ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://art4ukraine.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://art4ukraine.betterworld.org
date: Fri, 15 Jul 2022 22:20:22 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 utils.js Show response
art4ukraine.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/ 239 KB
55 KB 115ms
114ms Script
application/javascript 3.216.159.37
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://art4ukraine.betterworld.org/js/thirdparty/intl-tel-input/17.0.0/utils.js
Requested by: Host: d33u8rw00328s3.cloudfront.net
URL: https://d33u8rw00328s3.cloudfront.net/js/2e42d2b/a5f2c5fda8f5f580403ef1345128c086.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.159.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-159-37.compute-1.amazonaws.com
Software: Apache/2.4.53 () OpenSSL/1.0.2k-fips /
Resource Hash: acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:23 GMT
content-encoding: gzip
last-modified: Fri, 15 Jul 2022 20:26:04 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips
etag: "3bdc0-5e3ddd3c90f00-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 55767
expires: Sun, 14 Aug 2022 22:20:23 GMT

GET
H2 200 feedback-web-fetcher Show response
app.hubspot.com/ Frame 19AC 2 KB
2 KB 112ms
81ms Document
text/html 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/feedback-web-fetcher

Requested by

Host: js.hubspotfeedback.com
URL: https://js.hubspotfeedback.com/feedbackweb-new.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://art4ukraine.betterworld.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 24881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: HIT
cf-ray: 72b5e294996f2397-ZRH
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: *.fullstory.com fullstory.com apis.google.com; report-uri https://exceptions.hubspot.com/csp/report?resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html&cfRay=72b5e294996f2397&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Ffeedback-web-fetcher&referrer=https%3A%2F%2Fart4ukraine.betterworld.org%2F&cfenv=prod&pdt=2022-07-15&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 22:20:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 16 Jul 2022 22:20:23 GMT
last-modified: Mon, 13 Jun 2022 15:03:35 GMT
nel: {"report_to":"nel","max_age":86400}
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=72b5e294996f2397&resource=feedback-web-renderer-ui/static-1.10889/html/fetcher.html"}]} {"group":"nel","max_age":86400,"endpoints":[{"url":"https://nel.hsbrowserreports.com/browser/reporting/reports"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-id: rXDHgjn5mO5NIk6jpDmrwzjJvRGHa47xA0YpxYyGvxh2HBhiu8a2GA==
x-amz-cf-pop: FRA56-P2
x-amz-replication-status: PENDING
x-amz-server-side-encryption: AES256
x-amz-version-id: KoJec5y2hHfKzlvl3QlZcjljSpOheOBf
x-cache: Hit from cloudfront
x-hs-target-asset: feedback-web-renderer-ui/static-1.10889/html/fetcher.html
x-hs-worker-debug-mode: false

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
959 B 280ms
252ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2760707843&v=1.1&a=7187435&pu=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&t=Art+Auction+for+Ukraine+by+Art4Ukraine+%7C+BetterWorld&cts=1657923623098&vi=9e9937d80f1086914086f0c9a01ed71d&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:23 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 2d145223-b28b-41d9-a7d3-6a852a3a9b83
cf-ray: 72b5e2949e0501df-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDYC3OQoFP6mp2khCHQh%2FFPls%2FswDtY1rtc3vjOwWCJx9tGd61kWLLL1JLVjsYfiAOybNuHPJmlce7OJdr9zkp3dTUbLPOFeqZVdd8%2FmGBFnJ0OxJdcqVxfaB0JvB8wHLKynmgJdaG%2FesV1oasU9"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&RedC=c.clarity.ms&MXFR=3A377FBF324961C91FB56E5D36496FC9
https://c.clarity.ms/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&MUID=366202D99C516BAA28C9133B9D836AAF

42 B
390 B

27ms
27ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&MUID=366202D99C516BAA28C9133B9D836AAF
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:23 GMT
last-modified: Sat, 02 Jul 2022 00:08:47 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8a177e6a78dd81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 15 Jul 2022 22:20:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2B802583F0DB4AB9BF6A2E531D04025A Ref B: FRAEDGE1317 Ref C: 2022-07-15T22:20:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=5B0F7BFB23554352B5333C98B4C7568D&MUID=366202D99C516BAA28C9133B9D836AAF
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 74 B
929 B 166ms
140ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7187435

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://art4ukraine.betterworld.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: d89fac57-bf44-4e67-904b-1254367cf41d
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2B66E18EBF741AB7A91B925F8172B240C7C843FAA0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYDeRry2mz41G2%2FJ9z090gZ0FGwoUc7wdNMiKUvgrD0FI4PpdAY6ai6NYrj2xEWFDoPT%2BG62MveBotamDBTo%2Bcj%2FTMQhXz6Hp2STqaWrIwe6kquVFACVvlapL2ApBow%2BEUfFyCON27epYuG%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://art4ukraine.betterworld.org
access-control-allow-credentials: false
cf-ray: 72b5e2949ebe01f8-ZRH
access-control-allow-headers: *

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.273/ Frame 19AC 289 KB
93 KB 55ms
28ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.273/bundle.production.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:23 GMT
via: 1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 648106
x-amz-server-side-encryption: AES256
cf-ray: 72b5e2959f8b23af-ZRH
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Jun 2022 20:12:51 GMT
server: cloudflare
etag: W/"7f1f4cf071fe807a6e3cb1c0e9606132"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulpZuk0LXBYPqsdjPZiehWd4VIitLfvqPPgOWZIOYueVfn5rigQy9sP%2BUKMJcP8rK89NbUn6X8jjE7foefH0PaikU9crqWjGMy5LOD%2BOZ88S5xPt6WMJPO%2Bi1vWegAjni3Vetg4%2FIW9vqSV46vtx8m2t2z0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: KzPlPnaGfC2KvqH_C2ydD6oOPrLTHXIr
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: L8DLv3ttouqVoZZLgz1kRnKmAbjCjm-RJ03HLmyXdycUF-oO7BVmAg==
expires: Sat, 15 Jul 2023 22:20:23 GMT

GET
H2 200 fetcher.js Show response
static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/ Frame 19AC 15 KB
7 KB 67ms
40ms Script
application/javascript 2606:4700::6811:7d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Origin: https://app.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 22:20:23 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 370513
x-amz-server-side-encryption: AES256
cf-ray: 72b5e2959f8c23af-ZRH
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 13 Jun 2022 15:03:34 GMT
server: cloudflare
etag: W/"f3eb42ea6bd5f051aac5bd3b724f5cfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9r%2FPAiDaJLCzjwDulJaPH3lSQuJ%2BCiu7ZaZ2zHoyBIAeMhh9602Ok3jtT84X6ENVX3XnbiuzfyaIgwdx7SvzSUqVHRyAie6VxZZt4XBw4zrYlWWNedbjvkSuz6gSHea9X80JU86cPl3AwmSTIKPZWiGYjSI%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: psS_L0aIxxJeWsOWmK5GyO04WEHx2efv
access-control-allow-origin: https://app.hubspot.com
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: PdbfcjZJCsC33I4SyZlG7pt1KouWS-LRBx-G0_MFXBwvfaGNEEUWbQ==
expires: Sat, 15 Jul 2023 22:20:23 GMT

GET
H3 200 / Show response
api.hubspot.com/cors-preflight-iframe/ Frame A73C 171 B
1 KB 49ms
33ms Document
text/html 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubspot.com/cors-preflight-iframe/

Requested by

Host: app.hubspot.com
URL: https://app.hubspot.com/feedback-web-fetcher

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 2101090
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cache-tag: staticjsapp-cors-preflight-iframe-web-prod,staticjsapp-prod
cf-cache-status: HIT
cf-ray: 72b5e2960f3c0204-ZRH
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 15 Jul 2022 22:20:23 GMT
etag: W/"e0a6d24f4774b193114cde59bad7a9b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 15 Jul 2023 22:20:23 GMT
last-modified: Tue, 24 May 2022 02:41:18 UTC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N5ZFxuL%2F7EWRrm4k6yFkk%2FIHJ%2Bnqv8Vsoxl9meNEU0zCGWjfaDk3wi3KvoZFrGbX6lTmORGR42L72s78R52c5CQ0SSwbe5TTQFM69tH43WiLjorzdlRHaEqTniMTYYcRo%2BErdgSUwbgRRE1N3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 8c1cde7cef0a6f5dc839234d2bb2bca4.cloudfront.net (CloudFront)
x-amz-cf-id: 2QxYMh8ROKAur_1BN93gAXy798e_qEc9HVPhOMpDFrqbZwtB0e5ozA==
x-amz-cf-pop: IAD89-P1
x-amz-meta-ao: {}
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: kgyGmBJa1ShZkqHRsjocf1kdkyXvzb6q
x-cache: Hit from cloudfront
x-hs-cache-status: HIT
x-hs-target-asset: cors-preflight-iframe/static-1.78/html/iframe.html

GET
H3 200 web-config Show response
feedback.hubapi.com/feedback/public/v1/ Frame 19AC 36 B
888 B 172ms
151ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://feedback.hubapi.com/feedback/public/v1/web-config?portalId=7187435&utk=9e9937d80f1086914086f0c9a01ed71d&bundleVersion=1.10889&currentUrl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine&pageUrl=https%3A%2F%2Fart4ukraine.betterworld.org%2Fauctions%2Fart-auction-ukraine

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/feedback-web-renderer-ui/static-1.10889/bundles/fetcher.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app.hubspot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-HS-Referer: https://art4ukraine.betterworld.org/auctions/art-auction-ukraine

Response headers

x-origin-hublet: na1
date: Fri, 15 Jul 2022 22:20:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: b4660034-2c9b-426a-ad0a-31feb647fa96
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
server: cloudflare
x-trace: 2B33635886FFAB2C768EF084E2C3CDE381A04C5042000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81CS6ni8Twx9ELvjQXiUIM9oJpydK%2BCLBjAN0%2B0MEAEwx8fsB3Ln%2B1DkNe6m1TQTuauzLRTONNMCmhD6rdYtaE5qKd61ftYngWxHC7CetblJiIO083kKszVXm6C3kkflk4EsrqSmwN2RBe5vBiAllXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
cf-ray: 72b5e2970986233d-ZRH
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer

OPTIONS
H2 200 web-config
feedback.hubapi.com/feedback/public/v1/ Frame 0
0 148ms
138ms Preflight
text/plain 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hs-referer
Access-Control-Request-Method: GET
Origin: https://app.hubspot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, X-Hubspot-Static-App-Info, X-HS-Referer
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://app.hubspot.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72b5e295f84901f8-ZRH
content-length: 18
content-type: text/plain; charset=utf-8
date: Fri, 15 Jul 2022 22:20:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bszhHLf%2FU0ZSZ%2Fa4FSE0fgxoe%2FyCxE%2BZpZF2eOlQHvC1jq55DY9%2FD7eFHSCtcyl8D2%2FTdJgS%2BWPOvvYT%2F5th0qC2LFGIiobKdrD9IpKoXRBlDbqynTwDBn7hnl0tl4E07JRLjGr0dYz%2B2yLBu0QF2hs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: 292a3993-4ad4-49cd-a799-363798689b23
x-trace: 2BAC8DD53CB48DBAA8E0DBD68F7F3D0627EC8B2F64000000000000000000

POST
H2 204 collect Show response
b.clarity.ms/ 0
48 B 97ms
96ms XHR
text/plain 20.75.32.255
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2/s/0.6.36/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.75.32.255 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://art4ukraine.betterworld.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin: https://art4ukraine.betterworld.org
date: Fri, 15 Jul 2022 22:20:24 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betterworld.org/	1969-12-31 23:59:59	Name: BWSESSID Value: 53F7hTSHSVbwOVay3K67qfy9Ki6nWCXL8ThV0NETBZ39L8y2HTwtDKWxNJg4aV%2CjvHe9i6GFXsUAgbM0ipDgTZpltn3N%2CW6D-A6Psl9ZXP5Sx1rAiLcNCe9j9vsIowLr
.betterworld.org/	1970-01-20 06:41:39	Name: _gcl_au Value: 1.1.928235685.1657923622
.betterworld.org/	1970-01-20 04:33:30	Name: _gid Value: GA1.2.1674081423.1657923622
.betterworld.org/	1970-01-20 04:32:03	Name: _gat Value: 1
.bing.com/	1970-01-20 13:53:39	Name: MUID Value: 366202D99C516BAA28C9133B9D836AAF
.betterworld.org/	1970-01-20 22:03:15	Name: _ga_GS2WP6TV7Y Value: GS1.1.1657923621.1.0.1657923621.60
.betterworld.org/	1970-01-20 22:03:15	Name: _ga Value: GA1.1.9220728.1657923622
.betterworld.org/	1970-01-20 04:33:30	Name: _uetsid Value: 510b6d60048c11edb801ed8b22478ade
.betterworld.org/	1970-01-20 13:53:39	Name: _uetvid Value: 510ba620048c11edbeb19734d4c97641
.betterworld.org/	1970-01-20 06:41:39	Name: _fbp Value: fb.1.1657923622066.62250922
.facebook.com/	1970-01-20 06:41:39	Name: fr Value: 06whTT1I1BpNANNKy..Bi0egm...1.0.Bi0egm.
.linkedin.com/	1970-01-20 05:15:15	Name: UserMatchHistory Value: AQJhfOkVUWVzDwAAAYID8tTAcbjkN6koTsP4csCQ81pjJUNyTYupaT9M5y8I8fzGS4Hdrgr6_BJQ2w
.linkedin.com/	1970-01-20 05:15:15	Name: AnalyticsSyncHistory Value: AQLJ_fEiANzxRQAAAYID8tTAxeuTbXqAI4FOqcK1XafqJDBx3rMZD9HmG_NygmEPGovsECEhDjMYmWSEgVf2UA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:03:57	Name: bcookie Value: "v=2&185dd507-764d-4da2-8784-eff62d103f8d"
.linkedin.com/	1970-01-20 04:33:30	Name: lidc Value: "b=TGST06:s=T:r=T:a=T:p=T:g=2465:u=1:x=1:i=1657923622:t=1658010022:v=2:sig=AQF-ptX5SpRAU4IPIZIdBaz8_tKm4gx6"
.doubleclick.net/	1970-01-20 04:32:04	Name: test_cookie Value: CheckForPermission
.betterworld.org/	1970-01-20 13:17:39	Name: _hjSessionUser_2888537 Value: eyJpZCI6ImZlYjAyZjNkLWU2NjAtNWI3NC04YjFlLWU2YjViMzVjNGNjOCIsImNyZWF0ZWQiOjE2NTc5MjM2MjIxMzksImV4aXN0aW5nIjpmYWxzZX0=
.betterworld.org/	1970-01-20 04:32:05	Name: _hjFirstSeen Value: 1
art4ukraine.betterworld.org/	1970-01-20 04:32:03	Name: _hjIncludedInSessionSample Value: 0
.betterworld.org/	1970-01-20 04:32:05	Name: _hjSession_2888537 Value: eyJpZCI6Ijk4NzgxNDJlLTM2ZjUtNDJkOC1iODQyLWZhMzk5M2Q2ZmZlZCIsImNyZWF0ZWQiOjE2NTc5MjM2MjI0MDYsImluU2FtcGxlIjpmYWxzZX0=
.betterworld.org/	1970-01-20 04:32:05	Name: _hjAbsoluteSessionInProgress Value: 1
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 22:03:57	Name: bscookie Value: "v=1&202207152220226d7af164-a955-4fea-86c3-e69a2371211fAQGFQffrJ6Wu6ZEKZzM7YcDGBsOfpGUE"
.linkedin.com/	1970-01-20 22:01:53	Name: li_gc Value: MTswOzE2NTc5MjM2MjI7MjswMjFaCJQ3CPRMYyghmKsVd+9aQ7ZuUqJJFG2RjWQZqPMNwg==
www.clarity.ms/	1970-01-20 13:17:39	Name: CLID Value: f8beedac3aae4815a79e850ecf1368bc.20220715.20230715
.betterworld.org/	1970-01-20 13:17:39	Name: _clck Value: b4nlz8\|1\|f36\|0
.betterworld.org/	1970-01-20 08:51:15	Name: __hstc Value: 224497285.9e9937d80f1086914086f0c9a01ed71d.1657923623093.1657923623093.1657923623093.1
.betterworld.org/	1970-01-20 08:51:15	Name: hubspotutk Value: 9e9937d80f1086914086f0c9a01ed71d
.betterworld.org/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.betterworld.org/	1970-01-20 04:32:05	Name: __hssc Value: 224497285.1.1657923623093
.betterworld.org/	1970-01-20 04:33:30	Name: _clsk Value: 1d2e6vh\|1657923623110\|1\|1\|b.clarity.ms/collect
.c.bing.com/	1970-01-20 13:53:39	Name: SRM_B Value: 366202D99C516BAA28C9133B9D836AAF
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 13:53:39	Name: MUID Value: 366202D99C516BAA28C9133B9D836AAF
.c.clarity.ms/	1970-01-20 04:32:04	Name: ANONCHK Value: 0
.hubspot.com/	1970-01-20 04:32:05	Name: __cf_bm Value: ._.0HjSlqenXkp8b2lZhme9yz3jx1Nkki9mk3XzKmRE-1657923623-0-AeqxdESt36i+fSKhhFI7KhnbJq7jeak7ueX5BBu8RcDd40Yn3bncVqClh2bnlcR6IblsPd1XVZoNi0456pcVngs=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ae6f09e2323c4987b82a0efdf1eadc58.js.ubembed.com
api.hubapi.com
api.hubspot.com
app.hubspot.com
art4ukraine.betterworld.org
assets.ubembed.com
b.clarity.ms
bat.bing.com
betterworldcollective.s3.amazonaws.com
c.bing.com
c.clarity.ms
connect.facebook.net
d2wy8f7a9ursnm.cloudfront.net
d33u8rw00328s3.cloudfront.net
feedback.hubapi.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hubspotfeedback.com
js.usemessages.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
script.hotjar.com
snap.licdn.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track.hubspot.com
use.fonticons.com
use.fortawesome.com
vars.hotjar.com
vc.hotjar.io
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
13.225.84.38
13.32.121.38
142.250.185.226
151.101.1.131
151.139.128.11
151.139.128.8
18.65.39.90
18.66.112.110
18.66.139.117
18.66.97.53
20.234.93.27
20.75.32.255
2001:4860:4802:34::36
2001:4860:4802:38::178
2606:4700:4400::ac40:9a55
2606:4700::6811:47b0
2606:4700::6811:70b0
2606:4700::6811:72a2
2606:4700::6811:7d2
2606:4700::6811:cbcc
2606:4700::6811:cccc
2606:4700::6811:d5cc
2606:4700::6811:eccc
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:21::14
2620:1ec:27::cafe:1501
2620:1ec:c11::200
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2008
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c1b::9b
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.216.159.37
52.216.110.19
52.222.236.74
003a8441b2de46f0acf2b3e540fba5ac02f844b3cc4361df5e535181f0c62c4a
00e67a6bb1601297c954a9c6438eb956f4ca87253683fb348d1bda64cee7d1ca
01f8ac0eca97a4590e3c7cc41769454b9632486e5adc21e51925ca8dbee5c58e
098f1a1400af17ccadd35f423d47cc1eab1e8e814f73a98c3bd034e4dea62c08
0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
21c0cb622b551fb96d9b2e52125126845f7157ec37acfba054407432c1ef5597
226a246979b2323600048379431f6249e2e153e6e3050d1d39ead19bc8a406c0
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
259d9eaacccd27939ed381bd80b929f9c87a7c087cdab0bf19affafe16f2ecc8
25dba97f654e9112e2c1ae2b155aa751cddde135f9b57fd60d21a95eb174a4c0
2632599941246619c5fb97b01f771c7be0788bede7d53c5023558c1630b4adf7
29a12be908da6c7734991f2eef72de3140a398fd9ca98824603d0cf60a3d3225
2a08d187ec02fad52a0102282f72cd3f570a2db86b7f117f6f4fc50494a474a7
2db3f7acdd11ad35404f34178623fd5dd759998e0a4dfc90955c46644c46b7a8
32a90e32bd87e538e0313f2d569603d0365100cba3ce5ce251c31c6318fd1234
36bc338d4454d68ba19d0b4ad84e5b9bd5cc04d8f1f97d0a6481a8044b76fa95
3cf66f2335c0346af136def65ad4d2312a217a3548ab675ea25dde8353853032
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4047f7a186a76eecf23cc640206b05d25b61756bc1bc5195c31261c5ebb223a0
44c5c194f3ea7e3ae862646b8cfd1e5370855b88c203dd0272344824c2837ec4
51a3cd5921c82d7061755761de551ab55db9c76daafe2503978ee5ebe271d1a5
52ad24b96f742149b364b407e8e7cd134bd78fd0bd835b234a7a1dd3cde148c1
54eea54f4599943179d3b7799eb656e9c1f72a82306ec0b3f2284cfefd5acc1d
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b611694513b07790f18ccb04ce99cc7cac90420d4f45e322204dec23add1581
62eff55da34fb881e5f26498f4c572a8810f8fb1953e8e00c24df6a05deb2747
6c915981d02126dd2411cee65149bdb68f092299f9c1633be286847e6d72aaf9
6d284e4e1edfc71b22996a7469dec3be7cfd4d9730d31a3e31dc900c70efa23b
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
717662dfb638e9d5b331f126c715672fc33c7176b8b5e60a4aa9f5369ecfeb2f
75af9dda9ed3b161473019f2d56b08e8d24fb98b706292af89fc0a576b8c499f
7c6fb0ec59f750d72c669cc2a9d66d9034c7359596b554af2ecfdd30d1fc704a
7d785a71b4eea52301b30602f34ac85092ff6ef81687c2a799377472c211aab1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f0d301a01d6b05136f265a62ec980d503ea7378357c51e3f4737517859309e
84aaf4cf9056f7961e4840854423429ee7c3b16c1252c63f01ddf229b412e204
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90a1e4a5597621c55b25bf26c1f83edbe06e8ebab81858323cebb5ba57d16e62
925597349d48aefd75ade3ba4d42e68427433d7e05f917da19feef1608338d8f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e11b7c0f7283902167a35e816e7c63a8b7c2c07b97c61fe178d0443f1b4a7e2
9ff538f72465724fc393ea1f3c03a17233c9b7e1d440d6f8a6d0b3a836c2a9cc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6102eea2a3ec1a089a967f7ecc00c6d26aba85e48320f81ea1a118403fd444f
ab7be0eb14b0177b5c9855654dfd55f2d3eac3e0725b0767ed4b8c13cdba1fa1
acaefecc2a438420ae02baa357bb498ac4abec71c80ba9e3c2b7079cacf256c2
afe2b2cf5526e737cb11e8f8188ce667a8b6fb97b42c6fbd143f0b700fa9e86d
b193130a7292ebe1fd6b18c73c47fa70acf18b0a615d0e5327d629129a56b1d9
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b824c6510afc3e0ba935d795073b056452b6e57b5b2bc6b4dfc6467f8843b615
b8945f50f0f384a5ef2ff4298c8755fcacbd0dc43bd10e86a893729798c53de3
bfddcb9ab1e32b3c618d18de3af45ff397b5e27812b26bede45e52bbed91495a
c2779b247613bec214db655462bff1f974e40b8637ab936aa3ce3fbe665ef6ec
c4a0a04859bb975589289b5d481f68407dfa2caacb9f0a40510e6cda3c2235d6
c4b3000568bda06a713f44c2a1892113854d394a0c004baa9ee75f8c43dda571
cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489
cc0efa3f55fec13fcdb49d48d597c3c81a1003d214039a3fb08f34ca98bb5f9e
d1146849b14934539a02490c2934b135178838306e98e2a490a8aac3206f8036
d540382a4019d77c9093b9cb228cd98b8ee6c305249b1a33f6783820b36726a8
d5f78d77eeffb449e68105d7f5ce8209e7e1e079a50aba03bd9bdd72b6d2b4e3
d98c745bef6dae24e32c78e5b3403d8a60b2722152915753e00bfb32f70b3e38
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a7649420e53c5f1c7fb0c7d1e32730a3f2734f0a78ac89f4c0930ec1308bab
e81bc04c4174016a8e8c6d0e8db71a8929015a2187f528e4655adb61e23989b7
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
eb7601649017df7305baf264fde0719101bd0379506aeddc9c90bdc060370e76
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ef184d65e532fe721461e9a0b7ecce621780284999d359af73f8e21c99c5b2
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f785182c37dd118034ac5891bff03d3fec6ec60d63d8d6609cebafe35a86ec0c
f7e9b8295d65006ea14ff137c218c8b3b72b3354c01e46ec9590d9625d4c492e
fd724882dc8a94e7d01094c644badf758051ed60099bb88faf936286f214c97c
ff55ad635b29aa9a862a40867283ef7d6b9dea7be0fad19d7d2cca3d72a76ba9

art4ukraine.betterworld.org Open in urlscan Pro 3.216.159.37 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

98 %HTTPS

63 %IPv6

31 Domains

46 Subdomains

43 IPs

4 Countries

2147 kBTransfer

5576 kBSize

37 Cookies

27 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

art4ukraine.betterworld.org Open in urlscan Pro
3.216.159.37 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

98 %
HTTPS

63 %
IPv6

31
Domains

46
Subdomains

43
IPs

4
Countries

2147 kB
Transfer

5576 kB
Size

37
Cookies

96 HTTP transactions
2 data transactions