safe.cascadetreeworkswa.com Open in urlscan Pro
35.240.1.10 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://safe.cascadetreeworkswa.com/
Submission: On September 29 via automatic, source certstream-suspicious (September 29th 2024, 12:01:02 pm UTC) — Scanned from GB

Summary HTTP 96 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 45 IPs in 6 countries across 43 domains to perform 96 HTTP transactions. The main IP is 35.240.1.10, located in Brussels, Belgium and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is safe.cascadetreeworkswa.com.
TLS certificate: Issued by R11 on September 29th 2024. Valid for: 3 months.

This is the only time safe.cascadetreeworkswa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.240.1.10 35.240.1.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
8	2400:52e0:1e0... 2400:52e0:1e00::1054:1	60068 (CDN77 _) (CDN77 _)
6	2a04:4e42:200... 2a04:4e42:200::720	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.102.106 18.66.102.106	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2600:9000:272... 2600:9000:2724:c600:6:9a19:88c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::ac43:49d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.225.74.32 3.225.74.32	14618 (AMAZON-AES) (AMAZON-AES)
1	35.241.14.198 35.241.14.198	15169 (GOOGLE) (GOOGLE)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2400:52e0:1e0... 2400:52e0:1e00::722:1	60068 (CDN77 _) (CDN77 _)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
7	34.168.224.78 34.168.224.78	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18 24	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:7e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:34cf:f8f2:c159:f9a3	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.58.104.46 52.58.104.46	16509 (AMAZON-02) (AMAZON-02)
1 1	35.156.239.139 35.156.239.139	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.207.125.55 52.207.125.55	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.160.221 2.18.160.221	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.211.255.159 52.211.255.159	16509 (AMAZON-02) (AMAZON-02)
1	52.208.23.237 52.208.23.237	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	18.66.147.58 18.66.147.58	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:33:1... 2620:1ec:33:1::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:249... 2600:9000:2490:6c00:12:879f:ba00:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2644:c00:1e:68cf:ab80:21	() ()
96	45

2 35.240.1.10 (Brussels, Belgium) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.1.240.35.bc.googleusercontent.com

safe.cascadetreeworkswa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2400:52e0:1e00::1054:1 (Germany)

ASN60068 (CDN77 _, GB)

cdn.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:200::720 (United States)

ASN54113 (FASTLY, US)

convertri.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-106.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2724:c600:6:9a19:88c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:49d1 (United States)

ASN13335 (CLOUDFLARENET, US)

salemlivechat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.74.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-74-32.compute-1.amazonaws.com

snowplow.convertri.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.14.198 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 198.14.241.35.bc.googleusercontent.com

video.cvtdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2400:52e0:1e00::722:1 (Germany)

ASN60068 (CDN77 _, GB)

vz-6c827c39-104.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.168.224.78 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.224.168.34.bc.googleusercontent.com

2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fault.rlets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 34.91.62.186 (Groningen, Netherlands) 18 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:7e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:34cf:f8f2:c159:f9a3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.104.46 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-104-46.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.239.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-239-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.207.125.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-125-55.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.221 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-221.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.255.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-255-159.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.23.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-23-237.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-58.fra60.r.cloudfront.net

capture-api.reachlocalservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:6c00:12:879f:ba00:21 (United States)

ASN16509 (AMAZON-02, US)

d3b4i635mede5k.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:c00:1e:68cf:ab80:21 (None, )

ASN- ()

d10w4s0jex8wby.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	simpli.fi 18 redirects tag.simpli.fi — Cisco Umbrella Rank: 5530 i.simpli.fi — Cisco Umbrella Rank: 4725 um.simpli.fi — Cisco Umbrella Rank: 999	16 KB
11	rlets.com cdn.rlets.com — Cisco Umbrella Rank: 18040 2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com fault.rlets.com — Cisco Umbrella Rank: 297694	90 KB
9	convertri.com cdn.convertri.com — Cisco Umbrella Rank: 208021 snowplow.convertri.com — Cisco Umbrella Rank: 199971	331 KB
7	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 53 cm.g.doubleclick.net — Cisco Umbrella Rank: 297 td.doubleclick.net — Cisco Umbrella Rank: 216	4 KB
6	imgix.net convertri.imgix.net — Cisco Umbrella Rank: 241784	505 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 3391	22 KB
5	gstatic.com fonts.gstatic.com	103 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 57	431 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 3	112 B
2	cloudfront.net d3b4i635mede5k.cloudfront.net d10w4s0jex8wby.cloudfront.net	56 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 378	15 KB
2	reachlocalservices.com capture-api.reachlocalservices.com — Cisco Umbrella Rank: 20971	589 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 292	2 KB
2	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 4792	128 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2165	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2006 ups.analytics.yahoo.com — Cisco Umbrella Rank: 531	568 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3062	847 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 601 d.agkn.com — Cisco Umbrella Rank: 816	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 477	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 537	730 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 112	3 KB
2	b-cdn.net vz-6c827c39-104.b-cdn.net	1 MB
2	salemlivechat.com salemlivechat.com — Cisco Umbrella Rank: 554683	5 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 196	73 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 957 script.hotjar.com — Cisco Umbrella Rank: 1386	61 KB
2	cascadetreeworkswa.com 1 redirects safe.cascadetreeworkswa.com	60 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 454	33 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 569	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 446	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 99	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 487	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1128	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1159	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1400	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1622	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 7382	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 459	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1367	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 648	237 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3537	233 B
1	cvtdn.com video.cvtdn.com	750 B
0	localiq.com Failed capturelogger-prod-usa.localiq.com Failed
0	intentiq.com Failed sync.intentiq.com Failed
96	43

	Domain	Requested by
24	um.simpli.fi	18 redirects safe.cascadetreeworkswa.com
8	cdn.convertri.com	safe.cascadetreeworkswa.com
6	2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com	cdn.rlets.com
6	convertri.imgix.net	safe.cascadetreeworkswa.com
5	fonts.gstatic.com	safe.cascadetreeworkswa.com
5	www.googletagmanager.com	safe.cascadetreeworkswa.com www.googletagmanager.com www.google-analytics.com cdn.rlets.com
4	cdn.rlets.com	www.googletagmanager.com cdn.rlets.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cm.g.doubleclick.net	3 redirects
3	www.google.com	2 redirects
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	bat.bing.com	safe.cascadetreeworkswa.com
2	capture-api.reachlocalservices.com	cdn.rlets.com
2	ib.adnxs.com	1 redirects safe.cascadetreeworkswa.com
2	www.google.co.uk	safe.cascadetreeworkswa.com
2	loadm.exelator.com	1 redirects safe.cascadetreeworkswa.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects safe.cascadetreeworkswa.com
2	sync.1rx.io	2 redirects
2	www.facebook.com	safe.cascadetreeworkswa.com
2	vz-6c827c39-104.b-cdn.net	cdn.convertri.com
2	salemlivechat.com	www.googletagmanager.com safe.cascadetreeworkswa.com
2	tag.simpli.fi	www.googletagmanager.com
2	connect.facebook.net	safe.cascadetreeworkswa.com connect.facebook.net
2	safe.cascadetreeworkswa.com	1 redirects
1	d10w4s0jex8wby.cloudfront.net
1	d3b4i635mede5k.cloudfront.net
1	ajax.googleapis.com	safe.cascadetreeworkswa.com
1	td.doubleclick.net	www.googletagmanager.com
1	fault.rlets.com
1	us-u.openx.net	safe.cascadetreeworkswa.com
1	pixel.rubiconproject.com	safe.cascadetreeworkswa.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com	safe.cascadetreeworkswa.com
1	ce.lijit.com	safe.cascadetreeworkswa.com
1	bcp.crwdcntrl.net	safe.cascadetreeworkswa.com
1	stags.bluekai.com	safe.cascadetreeworkswa.com
1	sync.bfmio.com	safe.cascadetreeworkswa.com
1	ups.analytics.yahoo.com	safe.cascadetreeworkswa.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	safe.cascadetreeworkswa.com
1	eb2.3lift.com	safe.cascadetreeworkswa.com
1	sync.targeting.unrulymedia.com	safe.cascadetreeworkswa.com
1	s.ad.smaato.net	safe.cascadetreeworkswa.com
1	i.simpli.fi	tag.simpli.fi
1	vc.hotjar.io	script.hotjar.com
1	region1.google-analytics.com	www.googletagmanager.com
1	script.hotjar.com	static.hotjar.com
1	video.cvtdn.com	cdn.convertri.com
1	snowplow.convertri.com	safe.cascadetreeworkswa.com
1	static.hotjar.com	www.googletagmanager.com
0	capturelogger-prod-usa.localiq.com Failed	cdn.rlets.com
0	sync.intentiq.com Failed	safe.cascadetreeworkswa.com
96	55

This site contains links to these domains. Also see Links.

Domain
business.cascadetreeworkswa.com

Subject Issuer	Validity	Valid
safe.cascadetreeworkswa.com R11	`2024-09-29` - `2024-12-28`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
cdn.convertri.com R10	`2024-09-24` - `2024-12-23`	3 months	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-07` - `2025-01-07`	a year	crt.sh
*.gstatic.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-08` - `2024-10-06`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.rlets.com Amazon RSA 2048 M02	`2024-09-29` - `2025-10-27`	a year	crt.sh
salemlivechat.com WE1	`2024-09-09` - `2024-12-08`	3 months	crt.sh
snowplow.convertri.com Amazon RSA 2048 M02	`2023-12-27` - `2025-01-25`	a year	crt.sh
video.cvtdn.com WR3	`2024-09-10` - `2024-12-09`	3 months	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-05` - `2024-11-11`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
captureapi.localiq.com R10	`2024-08-13` - `2024-11-11`	3 months	crt.sh
*.reachlocalservices.com Amazon RSA 2048 M03	`2023-11-04` - `2024-12-01`	a year	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.co.uk WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://safe.cascadetreeworkswa.com/
Frame ID: 6B545524F6C7212C3A3D96F96319BD44
Requests: 85 HTTP requests in this frame

Frame: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Frame ID: 6224BE0EF5EEAE2FBD127357A0E0A9CE
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/482845254?random=1727611255405&cv=11&fst=1727611255405&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&npa=0&pscdl=noapi&auid=390392058.1727611255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 11931B19F69F56BF5BCD6D6C3D32E930
Requests: 1 HTTP requests in this frame

Frame: https://d3b4i635mede5k.cloudfront.net/bubble.png
Frame ID: EBB3BD236DB8C50D1EAEDBF6DEB8B736
Requests: 3 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 5C7A2F0A463DABDF83A23001EF13FF14
Requests: 2 HTTP requests in this frame

Frame: https://cdn.rlets.com/capture_static/mms/capture.js
Frame ID: 830F3CD771785A36BCA17BAA52443C5A
Requests: 1 HTTP requests in this frame

Frame: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Frame ID: 3F442B5214C1D9B7AD53EF050CDB2DB1
Requests: 1 HTTP requests in this frame

Frame: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Frame ID: 38E7295C3F78175E5F169FDDCCDBB72F
Requests: 1 HTTP requests in this frame

Frame: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Frame ID: 6C2B9B72996E42C9EF3C02816B79B2FF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Portland & Vancouver Hazardous Tree Inspections | Cascade Tree Works | A

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

96
Requests

74 %
HTTPS

46 %
IPv6

43
Domains

55
Subdomains

45
IPs

6
Countries

3221 kB
Transfer

6089 kB
Size

59
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://business.cascadetreeworkswa.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=685F42CA731A41588F0678F922C5ABB8

Request Chain 47

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/685F42CA731A41588F0678F922C5ABB8 HTTP 302
https://sync.1rx.io/usersync/simplifi/685F42CA731A41588F0678F922C5ABB8?zcc=1&cb=1727611254095 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003

Request Chain 48

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=685F42CA731A41588F0678F922C5ABB8&dongle=yf3

Request Chain 49

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=685F42CA731A41588F0678F922C5ABB8

Request Chain 50

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8

Request Chain 51

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=685F42CA731A41588F0678F922C5ABB8 HTTP 302
https://d.agkn.com/pixel/10751/?che=1727611254155&ip=194.74.212.80&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216783105020001668074 HTTP 302
https://um.simpli.fi/aa_px?sk=216783105020001668074 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 52

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=685F42CA731A41588F0678F922C5ABB8

Request Chain 55

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=685F42CA731A41588F0678F922C5ABB8;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=685F42CA731A41588F0678F922C5ABB8;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 56

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0&xl8blockcheck=1

Request Chain 58

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=685F42CA731A41588F0678F922C5ABB8

Request Chain 59

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=685F42CA731A41588F0678F922C5ABB8

Request Chain 60

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=685F42CA731A41588F0678F922C5ABB8

Request Chain 61

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=685F42CA731A41588F0678F922C5ABB8

Request Chain 62

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=685F42CA731A41588F0678F922C5ABB8

Request Chain 63

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1727611253730&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI4KbouI3oiAMVM4mDBx2IzTOWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiRodHRwczovL3NhZmUuY2FzY2FkZXRyZWV3b3Jrc3dhLmNvbS8 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI4KbouI3oiAMVM4mDBx2IzTOWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiRodHRwczovL3NhZmUuY2FzY2FkZXRyZWV3b3Jrc3dhLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfskQ4UontXlCHT9aOIK4bF6y33t17bw&random=2563670598 HTTP 302
https://www.google.co.uk/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI4KbouI3oiAMVM4mDBx2IzTOWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiRodHRwczovL3NhZmUuY2FzY2FkZXRyZWV3b3Jrc3dhLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfskQ4UontXlCHT9aOIK4bF6y33t17bw&random=2563670598&ipr=y

Request Chain 65

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=685F42CA731A41588F0678F922C5ABB8 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D685F42CA731A41588F0678F922C5ABB8

Request Chain 66

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=685F42CA731A41588F0678F922C5ABB8&expires=365

Request Chain 67

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=685F42CA731A41588F0678F922C5ABB8

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEDdjIVaqwfQlgvUB9TR3ITk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=685F42CA731A41588F0678F922C5ABB8 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 75

https://safe.cascadetreeworkswa.com/favicon.ico HTTP 307
https://cdn.convertri.com/favicon.ico

Request Chain 81

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45be49p0za200&auid=390392058.1727611255&frm=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45be49p0za200&auid=390392058.1727611255&frm=0

96 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
safe.cascadetreeworkswa.com/ 363 KB
59 KB 209ms
55ms Document
text/html 35.240.1.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.240.1.10 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.1.240.35.bc.googleusercontent.com
Software: /
Resource Hash: e34dc78eca5e391454c70b323a172db53a86b187aaa7a757252ef7499315deb5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 29 Sep 2024 12:00:51 GMT
vary: Accept-Encoding

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
92 KB 273ms
65ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af2cdef0d2055b7428b459dffba00c3ba8e9bd6385d07a1001e1850a85a58c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sun, 29 Sep 2024 12:00:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:51 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93742
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 jquery-1.12.2.min.js Show response
cdn.convertri.com/ 393 KB
109 KB 293ms
63ms Script
text/javascript 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/jquery-1.12.2.min.js?v=2024-04-02-09-34-59
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: b828f3842bd62cca339daf4914437b2a042957c348113c95c9c3605ea076a1f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "174230bafc9c59ec8cf9ff9ffa8e4867"
date: Sun, 29 Sep 2024 12:00:51 GMT
last-modified: Tue, 24 Sep 2024 09:45:14 GMT
content-type: text/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: m7WPvibPbInJaF4ZvfodH07obr7W+zsr+nFA6dmSf4KGMQbQitpuWwUpfcMAGDCkjJXWF69LxX8=
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2024 09:56:57
cache-control: max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 5fae8d282665543e228ca2a160b09feb
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: DJ794M1QR5H35F2M
cdn-edgestorageid: 1047
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB
x-amz-server-side-encryption: AES256

GET
H2 200 revised46480231_1033413430195224_6616578431532400640_o.jpg
convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/0b579f0469da7e70801fb3b54c7ad91288bfcf89/ 426 KB
427 KB 341ms
157ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/0b579f0469da7e70801fb3b54c7ad91288bfcf89/revised46480231_1033413430195224_6616578431532400640_o.jpg?auto=compress%2Cformat&fit=crop&h=1.0&w=1600

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

a4410d64450a36f31a4b6fd4c3b93c643b4cc686564207f920c30169eca51a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 695
x-content-type-options: nosniff
x-cache: HIT, MISS, MISS
date: Sun, 29 Sep 2024 12:00:51 GMT
last-modified: Sun, 29 Sep 2024 11:49:17 GMT
x-served-by: cache-chi-klot8100036-CHI, cache-fra-etou8220114-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 436604
server: imgix
x-imgix-id: a1d55d3b4a4b44b5fd890ecb2039467a63b7a025

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93f57b8958c377861c27d6b7f55d3036a4e603df0a293e80e4700034c4d83bb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Cascade-Tree-Works-Video-Cover.jpg
convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/522cde4a431c3d9cf6e6eaa264e6df4eef68d081/ 19 KB
19 KB 300ms
136ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/522cde4a431c3d9cf6e6eaa264e6df4eef68d081/Cascade-Tree-Works-Video-Cover.jpg?auto=compress,format&fit=clip&w=635

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ec0cca45cc022b036063035a6c46262ba387be618a37e588eeaf5e8803f5785a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 1456283
x-content-type-options: nosniff
x-cache: HIT, MISS, MISS
date: Sun, 29 Sep 2024 12:00:51 GMT
last-modified: Thu, 12 Sep 2024 15:29:28 GMT
x-served-by: cache-chi-kigq8000083-CHI, cache-fra-eddf8230054-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19412
server: imgix
x-imgix-id: dd501dfcc554996945a78cdcaeaa5a48c4dada90

GET
H2 200 open-sans-700.ttf
cdn.convertri.com/font/ 35 KB
36 KB 222ms
69ms Font
application/octet-stream 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/font/open-sans-700.ttf
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 79431c33f2330eccac17fdd2aa229c0ce43b9db9c7bec3031178e68a004331e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "bdafb9df42d16395dd5d87d12a74ea3f"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
date: Sun, 29 Sep 2024 12:00:51 GMT
content-type: application/octet-stream
cdn-cachedat: 09/24/2024 09:45:29
last-modified: Sat, 23 Jul 2016 08:57:46 GMT
x-amz-id-2: c0c7SsBmskh4vjmPb9hQqI6WYl9ao0SErO7EsNuXm7B0E/z3w5JaQODseKATcecm7bLOYtTZcjs=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: b467034e57ff1c43dd543ab515867d4e
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: M6K20E42N6RSVPBW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35924
cdn-edgestorageid: 1075
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB

GET
H2 200 open-sans-400.ttf
cdn.convertri.com/font/ 33 KB
34 KB 281ms
128ms Font
application/octet-stream 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/font/open-sans-400.ttf
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "953de7bafd9fdbf41ea443aacabe2706"
date: Sun, 29 Sep 2024 12:00:51 GMT
content-type: application/octet-stream
cdn-cachedat: 09/24/2024 09:45:29
last-modified: Sat, 23 Jul 2016 08:57:13 GMT
x-amz-id-2: beY0+yNuMHCUn4TmN//089KbQ+LTaffcFyUytyTsfj26V+Ohy+DsUYhSYjfQJv8R3LDEipB9H34=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 2a22173b2a0ee8bf14aa0c2d6e3725f0
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: M6K5PHB2G1QYT0AJ
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34156
cdn-edgestorageid: 874
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB

GET
H2 200 open-sans-italic-400.ttf
cdn.convertri.com/font/ 32 KB
33 KB 258ms
106ms Font
application/octet-stream 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/font/open-sans-italic-400.ttf
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 7834ece529ae284e3f5da3cb2d431c0876ca284a9a14065b683ed419e18119ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "7621d1489de7a1c7468a5ed6a8065331"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
date: Sun, 29 Sep 2024 12:00:51 GMT
content-type: application/octet-stream
cdn-cachedat: 09/24/2024 09:45:36
last-modified: Sat, 23 Jul 2016 08:59:06 GMT
x-amz-id-2: n2O6VZynSck5x8Q50yRvQGzzANKcb1XpvVEw7gWBJ9SWehuyJ/92oFtb+KU/zVLR1BA8KssPY63szNt9Xdk4Sn4grVmot2JnDBOm56zvmWM=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 58d92917b894f764c5335b3f9b063111
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: KBQDBAWXYSTK186E
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32852
cdn-edgestorageid: 865
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB

GET
H2 200 open-sans-600.ttf
cdn.convertri.com/font/ 34 KB
35 KB 247ms
95ms Font
application/octet-stream 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/font/open-sans-600.ttf
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 93b4b393bdf79a8047bd391f9ca92db7924db520f81eb2de4b7df2ce1e534783

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
etag: "b2d9749b74c1fe30d345296a7ee7fb04"
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
date: Sun, 29 Sep 2024 12:00:51 GMT
content-type: application/octet-stream
cdn-cachedat: 09/24/2024 09:45:30
last-modified: Sat, 23 Jul 2016 08:57:30 GMT
x-amz-id-2: jr55doyT6dMtcqVn/OpQHaNNRblB8Z59FhUkxOs3fkEPfc6RaHk/UXq4aSkC1OJz5g5VLBp1C1w=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: max-age=31536000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 2ed6430ffea45aeb399c3b3aebfb11fb
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: J0A919ZVCA8HCRK8
accept-ranges: bytes
access-control-allow-origin: *
content-length: 35240
cdn-edgestorageid: 864
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
20 KB 165ms
52ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc9.ttf

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 269590
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 09:07:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 09:07:41 GMT
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20828
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxP.ttf
fonts.gstatic.com/s/roboto/v30/ 35 KB
20 KB 169ms
55ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxP.ttf

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 288301
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 03:55:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 03:55:50 GMT
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20776
x-xss-protection: 0
server: sffe

GET
H3 200 MwQ5bhbm2POE2V9BOA.ttf
fonts.gstatic.com/s/abel/v18/ 28 KB
13 KB 210ms
97ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abel/v18/MwQ5bhbm2POE2V9BOA.ttf

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

894aacdff8dce532c9208d42ae7f4e04130d84eea78c82db8dee29d6025412da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 206689
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 27 Sep 2025 02:36:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 27 Sep 2024 02:36:02 GMT
last-modified: Tue, 19 Apr 2022 18:29:38 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13259
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v24/ 58 KB
29 KB 194ms
81ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPHA.ttf

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 11599
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Mon, 29 Sep 2025 08:47:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 08:47:32 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29896
x-xss-protection: 0
server: sffe

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc9.ttf
fonts.gstatic.com/s/roboto/v30/ 36 KB
20 KB 225ms
112ms Font
font/ttf 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc9.ttf

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ceb245a8f768b65c2ae250d96f5457b96e9537326da2feb2310b707736817aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://safe.cascadetreeworkswa.com
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 301803
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 26 Sep 2025 00:10:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 26 Sep 2024 00:10:48 GMT
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/ttf
vary: Accept-Encoding
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20948
x-xss-protection: 0
server: sffe

GET
H2 200 hls.min.js Show response
cdn.convertri.com/ 250 KB
71 KB 201ms
103ms Script
text/javascript 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/hls.min.js?v=2024-04-02-09-34-59
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 32c0c7414c1eb9e069da5856b5c128ff3d8e3c75643e0beae971aa154b9b58f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "f4a9a08528c83211d1238c7765404692"
date: Sun, 29 Sep 2024 12:00:51 GMT
last-modified: Tue, 24 Sep 2024 09:45:16 GMT
content-type: text/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-amz-id-2: hC/j7GVMt27A7vHw7JpgpuQskVTZw+AtHdBHQWAFHjhcKikVKTjE62ExIXhfw8elFHRNMNK4ax0=
cdn-requestpullcode: 200
cdn-cachedat: 09/24/2024 11:04:23
cache-control: max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 5614c51ea7b30c4370826cf3ffe83689
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: TQXFFW54F0NQ2RN1
cdn-edgestorageid: 1049
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB
x-amz-server-side-encryption: AES256

GET
H2 200 cdn.min.css
cdn.convertri.com/ 67 KB
9 KB 121ms
64ms Stylesheet
text/css 2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/cdn.min.css?v=2024-04-02-09-34-59
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: 4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: br
etag: W/"91bf7fad9eda26930ae8c633102e65e0"
date: Sun, 29 Sep 2024 12:00:51 GMT
last-modified: Tue, 24 Sep 2024 09:45:19 GMT
cdn-cachedat: 09/24/2024 09:56:57
vary: Accept-Encoding
content-type: text/css
x-amz-id-2: ECasG0wWJWwhJvRPgzjc+NuuhoQJd/1Nn+L23gGc64nvQfPv7Gq1TeC8lksNzDZ23edBjFJuwlM=
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cache: HIT
cdn-requestpullcode: 200
cache-control: max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 2cad80a8ce68ac3a8dcd7a9bb094a8c8
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: KFP129AY97KWSBCH
access-control-allow-origin: *
cdn-edgestorageid: 864
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 225 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e36c03118a09dd8359f282be55f89cb39ce72569da03b92f2554a5269940d0b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 532 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdb606af80827609406c3e38feec29b3163532f5bd9253eefbee50925f87f1d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 299 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8bc0f5a38e5948cfe0bf3bf5ff850d294f1924e87626ae51710be3f69cc7dcd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
97 KB 96ms
96ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CM64PSQWYD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1fefb7525d8155a361ca25aacad3786a9ce44100d515522748a8961d48483c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 29 Sep 2024 12:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99354
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 hotjar-1111111.js Show response
static.hotjar.com/c/ 13 KB
6 KB 198ms
52ms Script
application/javascript 18.66.102.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1111111.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-106.fra56.r.cloudfront.net

Software

Resource Hash

0c1a6f5e1689e396106b77ae0dc1226e74929893b3702409d477f03e0dc2e58a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
etag: W/061b1157c37a2465af75cefaeab0aeba
age: 25
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: fkHhRYIHD4P17sp3HH8JCR_WYfM28p2RgoJxjKeW2NyZYpyyfghq6g==
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 199ms
43ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 1844
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Sun, 29 Sep 2024 13:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 11:30:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 159ms
41ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=5673, tp=10, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: q5UPIaqvyzP+Q/lbzO4ZH65LuCD1qU26xT5eF5QHYRPvkvisrEgWqzPHbaMwaXpojT1B5/HXcevWxbW/KnyUQw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 8c140ff0-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 183ms
46ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/8c140ff0-b8b0-0136-d8da-06a9ed4ca31b?referer=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-request-id: F_m1R9j0VDnTQm1EfC2B
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 d0b43468fec27b0a7a1cd46.js Show response
cdn.rlets.com/capture_configs/2d8/9fc/89e/ 186 KB
44 KB 807ms
621ms Script
text/javascript 2600:9000:2724:c600:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2724:c600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c2bf29c7b34fea8d98ef447f88bface1ca60fcd2db4d3e59d4e6c1c1ef2583bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-request-id: 193d5861468ae5f1b8c48e53f69ebc9c
content-encoding: br
etag: W/"c2bf29c7b34fea8d98ef447f88bface1"
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: b7FhCYXUKb0xJ5XJXQ73ulHi8Zh5hB9MWXDcC6k1sbvx6SxDHo7b6Q==
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.102983
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P12

GET
H2 200 8c140ff0-b8b0-0136-d8da-06a9ed4ca31b Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 184ms
49ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/8c140ff0-b8b0-0136-d8da-06a9ed4ca31b
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-request-id: F_m1R9j2n5yH3ZWQHj8C
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 invitation.ashx Show response
salemlivechat.com/scripts/ 10 KB
4 KB 759ms
626ms Script
text/javascript 2606:4700:20::ac43:49d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/scripts/invitation.ashx?company=cascadetreeworks
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ55DH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11ad819b00d35caff9ac8cd106f6857839e8051885cebd3e6314916f2143837e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqdjWCozyrC8JoBSlYeCmFFjD3TodGWJcyczxtjI5eW%2FPBbCT9DWsbauBTtJEBh%2B7MpgUkR7klp6n14hUeKfP78lqZ2pEn5HCKWhfjC0Ns%2FL7rWAySXPMuS6pBkI2M%2FSgDbYaQ2IPCr8itui9qdj"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cabd0b68f87bebf-LHR
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 i
snowplow.convertri.com/ 43 B
336 B 550ms
254ms Image
image/gif 3.225.74.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://snowplow.convertri.com/i?stm=1727611252227&e=pv&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&page=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&tv=js-2.7.0&tna=cvt-cookies-enabled&aid=cvt&p=web&tz=Europe%2FLondon&lang=en-GB&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=a8f2ea5a-8dbc-436d-9599-7f48481bec5b&dtm=1727611252213&vp=1600x1200&ds=1600x2940&vid=1&sid=86dd19d0-df1d-4ffc-ad76-f4c60be319e0&duid=14af3f0f-ba65-4cc0-b99a-98b13cd45789&fp=564591521
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.74.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-225-74-32.compute-1.amazonaws.com
Software: spray-can/1.3.3 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

access-control-allow-origin: *
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: image/gif
server: spray-can/1.3.3
access-control-allow-credentials: true

GET
H2 200 playlist.m3u8 Show response
video.cvtdn.com/1d23b75b-6062-11eb-abef-0697e5ca793e/ 172 B
750 B 365ms
235ms XHR
application/octet-stream 35.241.14.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://video.cvtdn.com/1d23b75b-6062-11eb-abef-0697e5ca793e/playlist.m3u8
Requested by: Host: cdn.convertri.com
URL: https://cdn.convertri.com/hls.min.js?v=2024-04-02-09-34-59
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.14.198 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 198.14.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e110f69560527dfe2c971e6564bd4b742693a7999363db090c7a3de218caeff2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-goog-metageneration: 1
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash: crc32c=WHgmbQ==, md5=ZR4k4zB7Xzpjw9aDHlWM6g==
etag: "651e24e3307b5f3a63c3d6831e558cea"
x-goog-stored-content-encoding: identity
expires: Sun, 29 Sep 2024 13:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 172
date: Sun, 29 Sep 2024 12:00:52 GMT
last-modified: Wed, 29 Jun 2022 11:01:06 GMT
content-type: application/octet-stream
x-guploader-uploadid: AD-8ljtzHyLAX9iVOuIQ8v__KB2fVVt73PULoMeoGzQEgg52fEQ3DyTU18ohPTv_4uOq2Ur2mg
cache-control: public, max-age=3600
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1656500466259913
content-length: 172
server: UploadServer

GET
H3 200 511590116097873 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 214ms
213ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/511590116097873?v=2.9.169&r=stable&domain=safe.cascadetreeworkswa.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54f280aaf6181118d3f0a7c3a20540530bdce070e6b65d7e4a747017c959164e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=44, rtx=0, c=74, mss=1232, tbw=68503, tp=64, tpl=0, uplat=173, ullat=0
pragma: public
x-fb-debug: IWDRdrq986TqUg35UlsySxS8HMV2PXFHW3coKLoZOuC6zaWFub0B8wIJaCP2t4aVQReV3YabdEiCvBGz05cP+Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 modules.0721e7cf944cf9d78a0b.js Show response
script.hotjar.com/ 224 KB
56 KB 212ms
61ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1111111.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "ac12d2f9dbf41b678b7eb52a4d3e70f3"
age: 859125
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: tHz72vJLVMsehzhWlJUBRq0H1ggXGjK_B_W7zucK_hu8NmspEpe4ag==
date: Thu, 19 Sep 2024 13:22:07 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 19 Sep 2024 13:21:34 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 4770dda4e92393e930d8a34dcbb04db2.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56508
x-amz-cf-pop: FRA60-P9

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
442 B 76ms
75ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1680164548&t=pageview&_s=1&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&ul=en-gb&de=UTF-8&dt=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAAI~&jid=473338370&gjid=1095515762&cid=2140986191.1727611253&tid=UA-33599368-1&_gid=2046362761.1727611253&_r=1&_slc=1&gtm=45He49p0n81NGZ55DHv830763300za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&z=778733241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

05b8163ec2e89e87a043f7bcdbe4c9b4cc007fcac0a5011daa4a24d3a31ce62b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://safe.cascadetreeworkswa.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:52 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://safe.cascadetreeworkswa.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 202ms
57ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CM64PSQWYD&gtm=45je49p0v9127016777z8830763300za200zb830763300&_p=1727611251633&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035~101747727&cid=2140986191.1727611253&ul=en-gb&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727611252&sct=1&seg=0&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dt=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&en=page_view&_fv=1&_ss=1&tfd=1545
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CM64PSQWYD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://safe.cascadetreeworkswa.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 286 KB
99 KB 61ms
61ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CM64PSQWYD&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cce28f32827773261788bfc663345e25c77ac314d5e659f4b67e73297f20610e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 29 Sep 2024 12:00:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:52 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100994
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 cascade-20200215053549_1.png
convertri.imgix.net/11de3a82-5e7b-11ea-abef-0697e5ca793e/f85d3cf59063ecc6b5659a3d06c683b1b535d01e/ 6 KB
6 KB 163ms
132ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/11de3a82-5e7b-11ea-abef-0697e5ca793e/f85d3cf59063ecc6b5659a3d06c683b1b535d01e/cascade-20200215053549_1.png?auto=compress,format&fit=scale&w=121&h=146

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

244aae2490bf8039daf5ba07826e8dc6793a2af79c3230bad40714a24547d027

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 696
x-content-type-options: nosniff
x-cache: HIT, MISS, MISS
date: Sun, 29 Sep 2024 12:00:53 GMT
last-modified: Sun, 29 Sep 2024 11:49:17 GMT
x-served-by: cache-chi-klot8100132-CHI, cache-fra-etou8220111-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5861
server: imgix
x-imgix-id: a7307912335240df2cbee7abdec5ec7814cdc3c4

GET
H2 200 57e5d2404f5ab114a6d98479c52b377b1622dfe05b52784e742d78d6_1920.png
convertri.imgix.net/11de3a82-5e7b-11ea-abef-0697e5ca793e/fa039c4302ac5c260db6aab3f9e004d495177862/ 727 B
923 B 33ms
3ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/11de3a82-5e7b-11ea-abef-0697e5ca793e/fa039c4302ac5c260db6aab3f9e004d495177862/57e5d2404f5ab114a6d98479c52b377b1622dfe05b52784e742d78d6_1920.png?auto=compress,format&fit=scale&w=30&h=40

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

e0fe9d128932f154b6fc5ac026dd5c8bfaef757557a876ba1564c5a2898ff286

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 332931
x-content-type-options: nosniff
x-cache: HIT, MISS, HIT
date: Sun, 29 Sep 2024 12:00:52 GMT
last-modified: Wed, 25 Sep 2024 15:32:01 GMT
x-served-by: cache-chi-klot8100085-CHI, cache-fra-etou8220104-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 727
server: imgix
x-imgix-id: 5c2a51293264b083f1c9cf4b5c939c3c78d294e7

GET
H2 200 Untitled%20design-Max-Quality%20%286%29.jpg
convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/f670e62a084469eb3164da95f8cbf4a80da3dad2/ 47 KB
48 KB 164ms
134ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/f670e62a084469eb3164da95f8cbf4a80da3dad2/Untitled%20design-Max-Quality%20%286%29.jpg?auto=compress,format&fit=scale&w=1080&h=474

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

d71b7faf20dd4e36aa2f476b3d95fe561c46d282dbcf4c6259c4dfd3c725b806

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 695
x-content-type-options: nosniff
x-cache: HIT, MISS, MISS
date: Sun, 29 Sep 2024 12:00:53 GMT
last-modified: Sun, 29 Sep 2024 11:49:17 GMT
x-served-by: cache-chi-klot8100057-CHI, cache-fra-etou8220028-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48525
server: imgix
x-imgix-id: 968fdd12fa5bca89f0977cb5f27ee99654c80957

GET
H2 200 fallen-229864__340.jpg
convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/e3b52fad7c98d026f672d9bab30e656ec018cbef/ 5 KB
5 KB 165ms
135ms Image
image/avif 2a04:4e42:200::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://convertri.imgix.net/3a439bf7-687e-11ea-abef-0697e5ca793e/e3b52fad7c98d026f672d9bab30e656ec018cbef/fallen-229864__340.jpg?auto=compress,format&fit=scale&w=156&h=117

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c6e346679688874e653b068c9c8613536240f84335cff7fc6f55aced45e73f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 696
x-content-type-options: nosniff
x-cache: HIT, MISS, MISS
date: Sun, 29 Sep 2024 12:00:53 GMT
last-modified: Sun, 29 Sep 2024 11:49:17 GMT
x-served-by: cache-chi-klot8100070-CHI, cache-fra-etou8220090-FRA, cache-lon4271-LON
vary: Accept, User-Agent
content-type: image/avif
cache-control: public, max-age=2419200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4714
server: imgix
x-imgix-id: e0b38757eba76dfa395b9b144b9db1006b5203bb

GET
H2 200 video.m3u8 Show response
vz-6c827c39-104.b-cdn.net/84b6c868-e20c-49bb-a114-06bf22acf3b2/1280x720/ 538 B
920 B 351ms
123ms XHR
application/vnd.apple.mpegurl 2400:52e0:1e00::722:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vz-6c827c39-104.b-cdn.net/84b6c868-e20c-49bb-a114-06bf22acf3b2/1280x720/video.m3u8
Requested by: Host: cdn.convertri.com
URL: https://cdn.convertri.com/hls.min.js?v=2024-04-02-09-34-59
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::722:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: cdb0bec9466184aa1bb668b30d88dcebfd63b4b1c8c0eec808f1347b5a48e29d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 369
date: Sun, 29 Sep 2024 12:00:53 GMT
cdn-storageserver: DE-383
last-modified: Wed, 29 Jun 2022 11:01:03 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: MISS
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 09/29/2024 12:00:53
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 5279b5d3a8b7b833b82850ae6e544a34
cdn-pullzone: 752138
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 874
server: BunnyCDN-DE1-722
cdn-requestcountrycode: GB

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 221ms
66ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=511590116097873&ev=PageView&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&rl=&if=false&ts=1727611252971&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4126&fbp=fb.1.1727611252955.192563755174347409&cs_est=true&ler=empty&cdl=API_unavailable&it=1727611252604&coo=false&exp=f0&rqm=GET

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=10, mss=1392, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 380ms
226ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=511590116097873&ev=PageView&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&rl=&if=false&ts=1727611252971&sw=1600&sh=1200&v=2.9.169&r=stable&ec=0&o=4126&fbp=fb.1.1727611252955.192563755174347409&cs_est=true&ler=empty&cdl=API_unavailable&it=1727611252604&coo=false&exp=f0&rqm=FGET

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7420033832177667996"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: oyE4HL+6iqyxoYMQ7Vv1fSblqT9JrABIq7QmhHz+dGp4m0zE2XP2KrndnDf/VXAOOK/1IC0N8nY6s6smo5nDzA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7420033832177667996", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1392, tbw=3089, tp=-1, tpl=-1, uplat=169, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 204 1111111 Show response
vc.hotjar.io/sessions/ 0
233 B 271ms
127ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1111111?s=0.25&r=0.01790103264185161
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
access-control-allow-origin: *
cache-control: no-store
x-cache: Miss from cloudfront
x-amz-cf-id: Yv0IqHAbZKG3kzwNBz0LFlYZ2WMZprSFifS3S_zX0Qh0__d1d1M-UA==
date: Sun, 29 Sep 2024 12:00:53 GMT
x-amz-cf-pop: FRA56-P5

GET 49506f7e-05ab-4be3-aa8e-d580d379f8c3
https://safe.cascadetreeworkswa.com/ Frame 0
0

GET
H2 200 video0.ts Show response
vz-6c827c39-104.b-cdn.net/84b6c868-e20c-49bb-a114-06bf22acf3b2/1280x720/ 1 MB
1 MB 332ms
332ms XHR
video/mp2t 2400:52e0:1e00::722:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://vz-6c827c39-104.b-cdn.net/84b6c868-e20c-49bb-a114-06bf22acf3b2/1280x720/video0.ts
Requested by: Host: cdn.convertri.com
URL: https://cdn.convertri.com/hls.min.js?v=2024-04-02-09-34-59
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::722:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-722 /
Resource Hash: 9d1c51f7fd7f5695362220668baba96a35904521e94103988677473bfb5e995a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 369
date: Sun, 29 Sep 2024 12:00:53 GMT
cdn-storageserver: DE-679
content-type: video/mp2t
last-modified: Wed, 29 Jun 2022 11:01:03 GMT
cdn-cachedat: 09/29/2024 12:00:53
cdn-cache: MISS
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: 680459f8c57326cc7baa9119b05101a6
cdn-pullzone: 752138
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1448728
cdn-edgestorageid: 1076
server: BunnyCDN-DE1-722
cdn-requestcountrycode: GB

GET
H2 200 storage.html
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/ Frame 6224 0
0 704ms
284ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://safe.cascadetreeworkswa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Sun, 29 Sep 2024 12:00:54 GMT
last-modified: Wed, 21 Aug 2024 16:44:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 p Show response
i.simpli.fi/ 800 B
763 B 80ms
64ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=150871&cb=sifi_att_1319882._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/8c140ff0-b8b0-0136-d8da-06a9ed4ca31b?referer=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 7b4b1f3056e9cc648aaf62299f41427606bdb673f7737fe948c0a20212da2597

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=685F42CA731A41588F0678F922C5ABB8

0
237 B

368ms
68ms

Image
text/plain

2600:9000:211e:7e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 2600:9000:211e:7e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

via: 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: vm459RTj9kVmOx2dF5nJNjmHG9MsKG4Zdb2upfo6qX8LRz357FyUkA==
date: Sun, 29 Sep 2024 12:00:54 GMT
x-amz-cf-pop: FRA56-C2
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:53 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/685F42CA731A41588F0678F922C5ABB8
https://sync.1rx.io/usersync/simplifi/685F42CA731A41588F0678F922C5ABB8?zcc=1&cb=1727611254095
https://sync.targeting.unrulymedia.com/csync/RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003

43 B
378 B

233ms
86ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Sun, 29 Sep 2024 12:00:54 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003
date: Sun, 29 Sep 2024 12:00:54 GMT
pragma: no-cache
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=685F42CA731A41588F0678F922C5ABB8&dongle=yf3

37 B
140 B

194ms
78ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=685F42CA731A41588F0678F922C5ABB8&dongle=yf3
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=685F42CA731A41588F0678F922C5ABB8&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:53 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=685F42CA731A41588F0678F922C5ABB8

43 B
175 B

574ms
243ms

Image
image/gif

2600:1f18:612b:4216:34cf:f8f2:c159:f9a3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 2600:1f18:612b:4216:34cf:f8f2:c159:f9a3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:53 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:53 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8

95 B
429 B

67ms
66ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=685F42CA731A41588F0678F922C5ABB8
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Sun, 29 Sep 2024 12:00:54 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=685F42CA731A41588F0678F922C5ABB8
https://d.agkn.com/pixel/10751/?che=1727611254155&ip=194.74.212.80&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216783105020001668074
https://um.simpli.fi/aa_px?sk=216783105020001668074
https://um.simpli.fi/empty.gif

43 B
361 B

36ms
35ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=685F42CA731A41588F0678F922C5ABB8

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 66ms
58ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 66ms
58ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=685F42CA731A41588F0678F922C5ABB8;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=685F42CA731A41588F0678F922C5ABB8;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
88 B

239ms
226ms

Image
text/html

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.137 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Sun, 29 Sep 2024 12:00:54 GMT
age: 0
content-type: text/html
server: ATS/9.1.10.137

Redirect headers

cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
content-length: 344
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
content-language: en
server: ATS/9.1.10.137

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0&xl8blockcheck=1

0
771 B

85ms
73ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0&xl8blockcheck=1
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 29 Sep 2024 12:00:54 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=685F42CA731A41588F0678F922C5ABB8&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 69ms
61ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=685F42CA731A41588F0678F922C5ABB8

0
421 B

546ms
123ms

Image
text/plain

52.207.125.55
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: HTTP/1.1
Server: 52.207.125.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-125-55.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

Date: Sun, 29 Sep 2024 12:00:53 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=685F42CA731A41588F0678F922C5ABB8

62 B
445 B

396ms
224ms

Image
image/gif

2.18.160.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 2.18.160.221 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-221.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length: 62
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=685F42CA731A41588F0678F922C5ABB8
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=685F42CA731A41588F0678F922C5ABB8

49 B
265 B

261ms
94ms

Image
image/gif

52.211.255.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 52.211.255.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-255-159.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
x-server: 10.45.8.40
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=685F42CA731A41588F0678F922C5ABB8

0
223 B

223ms
57ms

Image
text/plain

52.208.23.237
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 52.208.23.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-23-237.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 29 Sep 2024 12:00:54 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=685F42CA731A41588F0678F922C5ABB8

0
98 B

181ms
47ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 29 Sep 2024 12:00:54 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.co.uk/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1727611253730&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.co.uk/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCL...

42 B
64 B

186ms
73ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI4KbouI3oiAMVM4mDBx2IzTOWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiRodHRwczovL3NhZmUuY2FzY2FkZXRyZWV3b3Jrc3dhLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfskQ4UontXlCHT9aOIK4bF6y33t17bw&random=2563670598&ipr=y

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 29 Sep 2024 12:00:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.co.uk/pagead/1p-conversion/1026675585/?random=1396272116&cv=7&fst=1727611253730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAg&pscrd=IhMI4KbouI3oiAMVM4mDBx2IzTOWMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOiRodHRwczovL3NhZmUuY2FzY2FkZXRyZWV3b3Jrc3dhLmNvbS8&is_vtc=1&cid=CAQSGwDpaXnfskQ4UontXlCHT9aOIK4bF6y33t17bw&random=2563670598&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 29 Sep 2024 12:00:54 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 74ms
67ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Sun, 29 Sep 2024 12:00:54 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=685F42CA731A41588F0678F922C5ABB8
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D685F42CA731A41588F0678F922C5ABB8

43 B
1 KB

125ms
125ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D685F42CA731A41588F0678F922C5ABB8

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.80; 194.74.212.80; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 02938341-9135-4173-978f-67794936253b
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 29 Sep 2024 12:00:54 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D685F42CA731A41588F0678F922C5ABB8
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 194.74.212.80; 194.74.212.80; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 20a985d9-3cb0-4c36-aa6d-fd95a99b830d
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 29 Sep 2024 12:00:54 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=685F42CA731A41588F0678F922C5ABB8&expires=365

0
239 B

237ms
42ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=685F42CA731A41588F0678F922C5ABB8&expires=365
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e8e3ec71b160ae7345e4e302cc752a77
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=685F42CA731A41588F0678F922C5ABB8&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=685F42CA731A41588F0678F922C5ABB8

43 B
264 B

182ms
46ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=685F42CA731A41588F0678F922C5ABB8
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="CUR ADM OUR NOR STA NID"
content-length: 43
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=685F42CA731A41588F0678F922C5ABB8
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 29 Sep 2024 12:00:54 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEDdjIVaqwfQlgvUB9TR3ITk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=685F42CA731A41588F0678F922C5ABB8
https://um.simpli.fi/g_match?id=

0
320 B

36ms
34ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
expires: Sat, 28 Sep 2024 12:00:54 GMT
access-control-allow-origin: *
date: Sun, 29 Sep 2024 12:00:54 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

cache-control: no-cache, must-revalidate
location: https://um.simpli.fi/g_match?id=
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 229
date: Sun, 29 Sep 2024 12:00:54 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
DATA 200
OK truncated
/ 225 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f28a9a5b4fb3efdf4c1740a637720fe4fffcc89169419f1f7408be684bf68c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 originCountry Show response
capture-api.reachlocalservices.com/ 36 B
589 B 199ms
199ms XHR
application/json 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: /
Resource Hash: 22cf051cb6374ac9edc083ae947200b04db763f7618f0539fb66274479fe38e9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-amz-apigw-id: e3cqpEeXvHcElYA=
x-amzn-trace-id: Root=1-66f94177-70bd576b730a99b410ebf814;Parent=0539d649cb261fd5;Sampled=0;lineage=1:a245b58f:0
access-control-allow-credentials: true
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
x-amzn-requestid: 3c5ae6a0-3ac2-4275-b57d-6469a084a1d0
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 36
x-amz-cf-id: ApJH0oN_w3zlVsj-3xQHD07Y0TXrPLchNPJzvRiZAHKreThHC16oxg==
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P4
access-control-allow-headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With

OPTIONS
H2 200 originCountry
capture-api.reachlocalservices.com/ Frame 0
0 615ms
475ms Preflight
application/json 18.66.147.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capture-api.reachlocalservices.com/originCountry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-58.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://safe.cascadetreeworkswa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 29 Sep 2024 12:00:54 GMT
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-apigw-id: e3cqoFM3vHcEZRQ=
x-amz-cf-id: Ds6CP09U4tSbbZZnDBaE5zdtAt5JBkCmpgpbn3CDc-iho2xCJ5c99A==
x-amz-cf-pop: FRA60-P4
x-amzn-requestid: 533958b0-28be-4fb9-a3dd-31e7e0d0e4fb
x-cache: Miss from cloudfront

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 38ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1680164548&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&ul=en-gb&de=UTF-8&dt=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2F&el=10%25&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2140986191.1727611253&tid=UA-33599368-1&_gid=2046362761.1727611253&gtm=45He49p0n81NGZ55DHv830763300za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&z=1352031119

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 47435
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 22:50:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H3 200 collect
www.google-analytics.com/ 35 B
58 B 39ms
39ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1680164548&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&ul=en-gb&de=UTF-8&dt=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=%2F&el=25%25&_u=aGDACEABBAAAACAAI~&jid=&gjid=&cid=2140986191.1727611253&tid=UA-33599368-1&_gid=2046362761.1727611253&gtm=45He49p0n81NGZ55DHv830763300za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035~101747727&z=779548945

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

age: 47435
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 28 Sep 2024 22:50:20 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET ed4c6b25-6041-4cc8-9f90-e07bc560fe37
https://safe.cascadetreeworkswa.com/ Frame 0
0

GET
H2

200

favicon.ico
cdn.convertri.com/
Redirect Chain

https://safe.cascadetreeworkswa.com/favicon.ico
https://cdn.convertri.com/favicon.ico

2 KB
3 KB

46ms
46ms

Other
image/png

2400:52e0:1e00::1054:1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.convertri.com/favicon.ico
Protocol: H2
Server: 2400:52e0:1e00::1054:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-DE1-1054 /
Resource Hash: c79c14bf58a56fb450588a775ea6e0b231f4c8f6977c6334b650795162e14e79

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cdn-status: 200
etag: "542a6c950dc11dfdcc8262df4185b767"
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: image/png
last-modified: Tue, 11 Sep 2018 10:57:55 GMT
cdn-cachedat: 09/24/2024 09:45:31
cdn-cache: HIT
x-amz-id-2: lqApEho6/xQYZMpzKN2c7Gmz+nml8tR2f/yvYmvj2rv5HvxTXm7RRdWqt1ccIokk+n6VcsnQ+AWAmjF7chte5MG57p3mYpaa
cdn-requestpullcode: 200
cache-control: max-age=604800
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: aa1ac425-1b79-4cdb-bd61-f1990cecd40e
cdn-requestid: b69a825d5e7c18ec586f6a5ac6f210b1
cdn-pullzone: 408079
cdn-proxyver: 1.04
x-amz-request-id: M6KA20T9V75J23FD
accept-ranges: bytes
content-length: 2425
cdn-edgestorageid: 1053
server: BunnyCDN-DE1-1054
cdn-requestcountrycode: GB

Redirect headers

location: https://cdn.convertri.com/favicon.ico
content-length: 73
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding

GET
H2 200 _.gif
fault.rlets.com/static/ 43 B
419 B 711ms
345ms Image
image/gif 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fault.rlets.com/static/_.gif?s=2d89fc89-ed0b-4346-8fec-27b0a7a1cd46&m=Unknown%20OS%20or%20OS%20Version&f=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-frame-options: ALLOWALL
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: f84860b9cb5de82838ffb3f1e5ef62b6
cache-control: private
etag: W/"42b976597a2d977d0e300f6d06bc903d"
content-transfer-encoding: binary
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: image/gif
content-disposition: inline
x-runtime: 0.002459
access-control-allow-headers: Content-Type

GET
H2 200 bat.js Show response
bat.bing.com/ 49 KB
15 KB 222ms
41ms Script
application/javascript 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "803483b3aaadb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23E94AC60F474BEBB235908AA4602B95 Ref B: LON04EDGE1208 Ref C: 2024-09-29T12:00:55Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14402
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2024 15:43:41 GMT
vary: Accept-Encoding

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
92 KB 66ms
66ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-482845254

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

156859d2300623da8b09cdbe3d8bc118c21ac6c150bc8e95e973f90e8cfa89a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 29 Sep 2024 12:00:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:55 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94586
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 visits Show response
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/api/v1/ 0
382 B 309ms
308ms XHR
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/api/v1/visits

Requested by

Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-frame-options: ALLOWALL
strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: 250fe5a5b8a077e8e4235e1bd12fc028
cache-control: no-cache
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
date: Sun, 29 Sep 2024 12:00:56 GMT
content-type: text/html
x-runtime: 0.008309
access-control-allow-headers: Content-Type

OPTIONS
H2 200 visits
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/api/v1/ Frame 0
0 712ms
311ms Preflight
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/api/v1/visits

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

78.224.168.34.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	ALLOWALL

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://safe.cascadetreeworkswa.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html
date: Sun, 29 Sep 2024 12:00:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: ALLOWALL
x-request-id: ed9793c353bb598c2b1aede3daeb22d4
x-runtime: 0.001321

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45be49p0za200&au...
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45b...

42 B
65 B

58ms
56ms

Ping
image/gif

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45be49p0za200&auid=390392058.1727611255&frm=0

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 42
date: Sun, 29 Sep 2024 12:00:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3t3t5l1&tag_exp=101671035~101747727&rnd=44120574.1727611255&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&dma=0&npa=0&gtm=45be49p0za200&auid=390392058.1727611255&frm=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 29 Sep 2024 12:00:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/482845254/ 5 KB
2 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/482845254/?random=1727611255405&cv=11&fst=1727611255405&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&npa=0&pscdl=noapi&auid=390392058.1727611255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-482845254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af8a371d6c8af7f6780dcdcec521e5a075cc51a53fcb9fb05d1130d36504b5c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2378
date: Sun, 29 Sep 2024 12:00:55 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 482845254
td.doubleclick.net/td/rul/ Frame 1193 0
0 210ms
78ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/482845254?random=1727611255405&cv=11&fst=1727611255405&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&npa=0&pscdl=noapi&auid=390392058.1727611255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-482845254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://safe.cascadetreeworkswa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 29 Sep 2024 12:00:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/482845254/ 42 B
64 B 59ms
57ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/482845254/?random=1727611255405&cv=11&fst=1727611200000&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&npa=0&pscdl=noapi&auid=390392058.1727611255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnffchOOkF41Zruy_qRFr3SnZ2aANXvhu4mnxmErMuUKhpw9XNV&random=2396225969&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 29 Sep 2024 12:00:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.co.uk/pagead/1p-user-list/482845254/ 42 B
64 B 59ms
58ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/482845254/?random=1727611255405&cv=11&fst=1727611200000&bg=ffffff&guid=ON&async=1&gtm=45be49p0za200&gcd=13t3t3t3t5l1&dma=0&tag_exp=101671035~101747727&u_w=1600&u_h=1200&url=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&hn=www.googleadservices.com&frm=0&tiba=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&npa=0&pscdl=noapi&auid=390392058.1727611255&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnffchOOkF41Zruy_qRFr3SnZ2aANXvhu4mnxmErMuUKhpw9XNV&random=2396225969&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 29 Sep 2024 12:00:55 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 0
bat.bing.com/action/ 0
286 B 38ms
38ms Image
text/plain 2620:1ec:33:1::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56298707&Ver=2&mid=a683ee75-8fba-4972-8179-7d1eba78e305&sid=7c566d007e5a11efb51f6b4e49bbb1ad&vid=7c5651f07e5a11ef8a5839a442edc57b&vids=1&msclkid=N&pi=918639831&lg=en-GB&sw=1600&sh=1200&sc=24&tl=Portland%20%26%20Vancouver%20Hazardous%20Tree%20Inspections%20%7C%20Cascade%20Tree%20Works%20%7C%20A&p=https%3A%2F%2Fsafe.cascadetreeworkswa.com%2F&r=&lt=3825&evt=pageLoad&sv=1&cdb=AQAA&rn=724965

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6F28C1C03C634819AA76870B6C092CB3 Ref B: LON04EDGE1208 Ref C: 2024-09-29T12:00:57Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Sun, 29 Sep 2024 12:00:56 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 92 KB
33 KB 194ms
51ms Script
text/javascript 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: gzip
age: 306977
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Thu, 25 Sep 2025 22:44:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 25 Sep 2024 22:44:40 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33333
x-xss-protection: 0
server: sffe

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
50 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=

Requested by

Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

35ee2370b5fd7d39f447e7a142f66c3fabe02974c68c4700a81874c830e69282

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 29 Sep 2024 12:00:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 29 Sep 2024 12:00:57 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 51036
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 bubble.png
d3b4i635mede5k.cloudfront.net/ Frame EBB3 606 B
969 B 225ms
61ms Image
image/png 2600:9000:2490:6c00:12:879f:ba00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3b4i635mede5k.cloudfront.net/bubble.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6c00:12:879f:ba00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

vary: Accept-Encoding
etag: "40b49ccf770e4f18b0b7351d88e0fc06"
age: 28574
via: 1.1 cfbb6e543d97587a32117dbabb25fc86.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 606
x-amz-cf-id: DFWAhYI2ssAK3YnDEaUZiwDstTSN2z9eTGVTSEAHRk6aDbB9fWmXDw==
date: Sun, 29 Sep 2024 05:02:33 GMT
content-type: image/png
last-modified: Fri, 15 Sep 2023 03:36:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 pinghandler.ashx Show response
salemlivechat.com/handlers/slim/ 24 B
1 KB 718ms
613ms XHR
text/javascript 2606:4700:20::ac43:49d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://salemlivechat.com/handlers/slim/pinghandler.ashx?logType=shown&visitorId=1617071006&company=cascadetreeworks
Requested by: Host: safe.cascadetreeworkswa.com
URL: https://safe.cascadetreeworkswa.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

access-control-expose-headers: Request-Context
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2MD8Dby0y5IrYJk1MLlj9mjxy%2F84fF%2FkFS5S6%2FObJA14s1SHAbzHcbhCmmDEmQYqvqsURxC9%2F%2BRqrBIGHvlPTLi0fN63WnuNf8i5sq%2FXgMXJtbXB1jy6%2BWpFf%2BfDDvVCzjkWRj%2BJdu4DnMGv0%2Ba"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: POST,GET,OPTIONS,PUT,DELETE
x-ua-compatible: IE=edge
date: Sun, 29 Sep 2024 12:00:58 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, referring-domain, apexchat-username, apexchat-password, apexchat-company, Authorization
cache-control: private,no-transform
x-aspnet-version: 4.0.30319
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
request-context: appId=cid-v1:1063dcea-9f69-45d6-9f3e-65688f6e6a4f
cf-ray: 8cabd0d9984ccd26-LHR
access-control-allow-origin: *
content-length: 140
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame EBB3 177 KB
45 KB 44ms
42ms Script
application/javascript 2600:9000:2724:c600:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:c600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"04724134d571b7964120d72a52caedb0"
age: 676
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iK9UJGEjbKYG2Xs_3A8A8y_HQzGoeNqnqJJtQGvQIyh6d_bJIOiybQ==
date: Sun, 29 Sep 2024 11:49:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 25 Sep 2024 18:31:52 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame 5C7A 177 KB
0 44ms
44ms Script
application/javascript 2600:9000:2724:c600:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:c600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"04724134d571b7964120d72a52caedb0"
age: 676
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iK9UJGEjbKYG2Xs_3A8A8y_HQzGoeNqnqJJtQGvQIyh6d_bJIOiybQ==
date: Sun, 29 Sep 2024 11:49:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 25 Sep 2024 18:31:52 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 capture.js Show response
cdn.rlets.com/capture_static/mms/ Frame 830F 177 KB
0 44ms
44ms Script
application/javascript 2600:9000:2724:c600:6:9a19:88c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rlets.com/capture_static/mms/capture.js
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_configs/2d8/9fc/89e/d0b43468fec27b0a7a1cd46.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:c600:6:9a19:88c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

x-amz-cf-pop: FRA56-P12
content-encoding: gzip
etag: W/"04724134d571b7964120d72a52caedb0"
age: 676
via: 1.1 65c5d5104f267ee43cce97d81871c884.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: iK9UJGEjbKYG2Xs_3A8A8y_HQzGoeNqnqJJtQGvQIyh6d_bJIOiybQ==
date: Sun, 29 Sep 2024 11:49:42 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Wed, 25 Sep 2024 18:31:52 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 storage.html
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/ Frame 3F44 0
0 1ms
0ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.224.168.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://safe.cascadetreeworkswa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Sun, 29 Sep 2024 12:00:54 GMT
last-modified: Wed, 21 Aug 2024 16:44:54 GMT

GET
H2 200 storage.html
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/ Frame 38E7 0
0 1ms
1ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.224.168.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://safe.cascadetreeworkswa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Sun, 29 Sep 2024 12:00:54 GMT
last-modified: Wed, 21 Aug 2024 16:44:54 GMT

GET
H2 200 storage.html
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/ Frame 6C2B 0
0 0ms
0ms Document
text/html 34.168.224.78
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/static/storage.html
Requested by: Host: cdn.rlets.com
URL: https://cdn.rlets.com/capture_static/mms/capture.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.168.224.78 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 78.224.168.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://safe.cascadetreeworkswa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-length: 2056
content-type: text/html
date: Sun, 29 Sep 2024 12:00:54 GMT
last-modified: Wed, 21 Aug 2024 16:44:54 GMT

OPTIONS insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ Frame 0
0

POST insights
capturelogger-prod-usa.localiq.com/capture_logger/api/v1/ Frame EBB3 0
0

GET
H2 200 mg__7957.png
d10w4s0jex8wby.cloudfront.net/ Frame 5C7A 55 KB
55 KB 239ms
62ms Image
image/png 2600:9000:2644:c00:1e:68cf:ab80:21

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10w4s0jex8wby.cloudfront.net/mg__7957.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:c00:1e:68cf:ab80:21 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7ac069b76d1869b055de0d24bbcd118e231133c46df2ec4d7cb0679f7b0c11e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://safe.cascadetreeworkswa.com/

Response headers

etag: "639532bcab2d722bd36a46c61cbfd641"
age: 41799
via: 1.1 bc3ecf5f025b0be9b8c39c5dd2dace2e.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 55896
x-amz-cf-id: ILEdhXbX_bAERgH8hWDB71saB6oG4vsCOPTMsMe1gmYXcJVZMqzYIg==
date: Sun, 29 Sep 2024 00:24:22 GMT
content-type: image/png
last-modified: Mon, 11 Apr 2022 22:37:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: safe.cascadetreeworkswa.com
URL: blob:https://safe.cascadetreeworkswa.com/49506f7e-05ab-4be3-aa8e-d580d379f8c3

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=685F42CA731A41588F0678F922C5ABB8

Domain: safe.cascadetreeworkswa.com
URL: blob:https://safe.cascadetreeworkswa.com/ed4c6b25-6041-4cc8-9f90-e07bc560fe37

Domain: capturelogger-prod-usa.localiq.com
URL: https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights

Domain: capturelogger-prod-usa.localiq.com
URL: https://capturelogger-prod-usa.localiq.com/capture_logger/api/v1/insights

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
safe.cascadetreeworkswa.com/	1970-01-20 23:53:33	Name: _sp_ses.2ead Value: *
safe.cascadetreeworkswa.com/	1970-01-21 09:29:31	Name: _sp_id.2ead Value: 14af3f0f-ba65-4cc0-b99a-98b13cd45789.1727611252.1.1727611252.1727611252.86dd19d0-df1d-4ffc-ad76-f4c60be319e0
.simpli.fi/	1970-01-21 08:40:33	Name: suid Value: 685F42CA731A41588F0678F922C5ABB8
.cascadetreeworkswa.com/	1970-01-20 23:54:57	Name: _gid Value: GA1.2.2046362761.1727611253
.cascadetreeworkswa.com/	1970-01-20 23:53:31	Name: _gat_UA-33599368-1 Value: 1
.cascadetreeworkswa.com/	1970-01-21 09:29:31	Name: _ga_CM64PSQWYD Value: GS1.1.1727611252.1.0.1727611252.0.0.0
.cascadetreeworkswa.com/	1970-01-21 02:03:07	Name: _fbp Value: fb.1.1727611252955.192563755174347409
.cascadetreeworkswa.com/	1970-01-21 08:39:07	Name: _hjSessionUser_1111111 Value: eyJpZCI6ImY4YzllYTViLWE5ZDQtNWIxNy04YjIzLWQ1ZTUxNjViNDY4MCIsImNyZWF0ZWQiOjE3Mjc2MTEyNTMwODAsImV4aXN0aW5nIjpmYWxzZX0=
.cascadetreeworkswa.com/	1970-01-20 23:53:33	Name: _hjSession_1111111 Value: eyJpZCI6ImYzMTAxZTkyLTRlNmMtNDkxNy04YjIxLTk4ZTQxMmY4YWJiNSIsImMiOjE3Mjc2MTEyNTMwODEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.simpli.fi/	1970-01-21 00:03:36	Name: uid_syncd_secure Value: true
.tapad.com/	1970-01-21 01:19:55	Name: TapAd_TS Value: 1727611254093
.tapad.com/	1970-01-21 01:19:55	Name: TapAd_DID Value: d246d97b-8780-4de8-9db2-7eebc508a5f7
.doubleclick.net/	1970-01-21 09:15:07	Name: IDE Value: AHWqTUkNoaIQ67-3UjmkWoAc9_hxBZGh_7rVzYL0YbjEhQWtYyR7LRhBYJLu3EgN9ws
.tapad.com/	1970-01-21 01:19:55	Name: TapAd_3WAY_SYNCS Value:
.1rx.io/	1970-01-21 08:39:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003%22%7D
.agkn.com/	1970-01-21 08:39:07	Name: ab Value: 0001%3AJYufjDomSbPMKXauFdjXL41z9LQDKaAF
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-20 23:54:57	Name: test Value: test
.pro-market.net/	1970-01-21 04:12:43	Name: anProfile Value: "-1eq8xcri6hwqf+1+1f=1+1g=1+1j=1:3s+rs=s+rt=2A0023815374001A0000000000000080+s2=(skkpdi)+vm=24-685F42CA731A41588F0678F922C5ABB8"
.pro-market.net/	1970-01-21 00:36:43	Name: anHistory Value: "-1eq8xcri6hwqf+2+!#7')%'!UfR"
.adnxs.com/	1970-01-21 02:03:07	Name: XANDR_PANID Value: P5ctqpuIlqH2hLLf465wxDsKuEakoO-B7hfqjvNh_tzCjmVPQY-5FUx_8vd9XDCNpN7NZDVSc4b4u_3P6v5bgcEdRTSx4qg5zeM6RH5o7L4.
.adnxs.com/	1970-01-21 09:29:31	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:03:07	Name: uuid2 Value: 3049033785728036241
.agkn.com/	1970-01-21 08:39:07	Name: u Value: C\|0AAAAAAAALov99gAAAAAA
.targeting.unrulymedia.com/	1970-01-21 08:39:07	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-87fcc7ca-65c3-4964-b4d7-9896c1764a75-003%22%7D
.exelator.com/	1970-01-21 02:46:19	Name: EE Value: "fcce6e30f20503e61583c59f9aa5903a"
.exelator.com/	1970-01-21 02:46:19	Name: ud Value: "eJxrXxzq6XKLQSEtOTnVLNXYIM3IwNTAONXM0NTCONnUMs0yMdHU0sA4cXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6InenxUUpaQyLSopPBZ%252BUuwIAprEqUw%253D%253D"
.adnxs.com/	1970-01-21 02:03:07	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2ImMu!jA3!@wnfH8KW.dG5<#Z0rsHqASQiqyG=Upa.JAG49*8CyS@<Esgk>H!P9JE3PLIq36DP%(2K:$doS]%6lOESZNw@
.bluekai.com/	1970-01-21 04:14:09	Name: bku Value: blx99cjOIVR3aB/H
.bluekai.com/	1970-01-21 04:14:09	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwERTBDR61ABOBp1hxExhBEQTHM9tBpCsmE/0xpPOxA/T9y9ZnxrH
.bfmio.com/	1970-01-21 08:39:07	Name: __141_cid Value: 685F42CA731A41588F0678F922C5ABB8
.bfmio.com/	1970-01-21 08:39:07	Name: __io_cid Value: c76f78804328b3b4ab9ea133539401b6018c09a4
.cascadetreeworkswa.com/	1970-01-21 09:29:31	Name: _ga Value: GA1.2.2140986191.1727611253
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: rl_visitor_history Value: 8f8bcd13-e24d-46f3-87b1-e05c77df6473
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: sifi_user_id Value: undefined
.cascadetreeworkswa.com/	1970-01-20 23:53:34	Name: capture_storage Value: %7B%222d89fc89-ed0b-4346-8fec-27b0a7a1cd46%22%3A%7B%22visitor_id%22%3A%228f8bcd13-e24d-46f3-87b1-e05c77df6473%22%7D%7D
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: bot_type Value:
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: history_campaign Value:
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: history_referrer_type Value: DIRECT
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: last_activity_at Value: 1727611255266
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: visitor_id Value: 8f8bcd13-e24d-46f3-87b1-e05c77df6473
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: sifi_user_id Value:
2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com/	1970-01-21 09:29:31	Name: visit_id Value: 870cb79c-ab2e-4633-8f53-ba9477da5be4
.cascadetreeworkswa.com/	1970-01-21 02:03:07	Name: _gcl_au Value: 1.1.390392058.1727611255
.cascadetreeworkswa.com/	1970-01-20 23:54:57	Name: _uetsid Value: 7c566d007e5a11efb51f6b4e49bbb1ad
.cascadetreeworkswa.com/	1970-01-21 09:15:07	Name: _uetvid Value: 7c5651f07e5a11ef8a5839a442edc57b
.bing.com/	1970-01-21 09:15:07	Name: MUID Value: 00DA22F237A3647A3F0737FB364365B8
safe.cascadetreeworkswa.com/	1970-01-20 23:54:57	Name: cdn_apex_profile_id Value: 638864
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: apexchat_dropdown_invitation Value: _max
safe.cascadetreeworkswa.com/	1970-01-20 23:53:31	Name: livechat_v3_invitation_shown Value: true
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: livechat_is_page_refreshed Value: false
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: livechat_original_referrer Value:
safe.cascadetreeworkswa.com/	1970-01-20 23:53:34	Name: livechat_agent_alias_id Value: 7957
safe.cascadetreeworkswa.com/	1970-01-20 23:53:31	Name: livechat_operator_id Value: undefined
safe.cascadetreeworkswa.com/	1970-01-20 23:54:57	Name: livechat_profile_id Value: 638864
safe.cascadetreeworkswa.com/	1970-01-21 04:15:36	Name: livechat_invitation_traffic_sources Value: source%3Ddirect%26medium%3Dnone%26campaign%3Ddirect%26term%3D%26content%3D%26campaignId%3D%26overwritetrafficsource%3Dtrue%26date%3D20240929
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: apexchat_dompopup_chatwindow Value: _rendered
safe.cascadetreeworkswa.com/	1969-12-31 23:59:59	Name: apexchat_tab_invitation Value: _max
safe.cascadetreeworkswa.com/	1970-01-20 23:53:53	Name: livechat_visitor_id Value: 1617071006
safe.cascadetreeworkswa.com/	1970-01-20 23:53:53	Name: livechat_visitLogged Value: true

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=685F42CA731A41588F0678F922C5ABB8 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=685F42CA731A41588F0678F922C5ABB8 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2d89fc89-ed0b-4346-8fec-27b0a7a1cd46.rlets.com
aa.agkn.com
ajax.googleapis.com
bat.bing.com
bcp.crwdcntrl.net
capture-api.reachlocalservices.com
capturelogger-prod-usa.localiq.com
cdn.convertri.com
cdn.rlets.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
convertri.imgix.net
d.agkn.com
d10w4s0jex8wby.cloudfront.net
d3b4i635mede5k.cloudfront.net
eb2.3lift.com
fault.rlets.com
fei.pro-market.net
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
safe.cascadetreeworkswa.com
salemlivechat.com
script.hotjar.com
simplifi.partners.tremorhub.com
snowplow.convertri.com
stags.bluekai.com
static.hotjar.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
td.doubleclick.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vc.hotjar.io
video.cvtdn.com
vz-6c827c39-104.b-cdn.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
capturelogger-prod-usa.localiq.com
safe.cascadetreeworkswa.com
sync.intentiq.com
13.33.187.74
18.66.102.106
18.66.112.19
18.66.147.58
2.18.160.221
2001:4860:4802:32::36
216.58.206.66
2400:52e0:1e00::1054:1
2400:52e0:1e00::722:1
2600:1901:0:8eee::
2600:1f18:612b:4216:34cf:f8f2:c159:f9a3
2600:9000:211e:7e00:1b:5138:8a40:93a1
2600:9000:2490:6c00:12:879f:ba00:21
2600:9000:2644:c00:1e:68cf:ab80:21
2600:9000:2724:c600:6:9a19:88c0:93a1
2606:4700:20::ac43:49d1
2620:1ec:33:1::10
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:81c::200a
2a00:1450:4001:81d::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:200::720
3.225.74.32
3.75.62.37
34.111.113.62
34.168.224.78
34.254.143.3
34.91.62.186
34.98.64.218
35.156.239.139
35.204.89.238
35.240.1.10
35.241.14.198
35.244.174.68
37.252.171.21
46.228.174.117
52.207.125.55
52.208.23.237
52.211.255.159
52.58.104.46
69.173.144.138
76.223.111.18
05b8163ec2e89e87a043f7bcdbe4c9b4cc007fcac0a5011daa4a24d3a31ce62b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c1a6f5e1689e396106b77ae0dc1226e74929893b3702409d477f03e0dc2e58a
11ad819b00d35caff9ac8cd106f6857839e8051885cebd3e6314916f2143837e
156859d2300623da8b09cdbe3d8bc118c21ac6c150bc8e95e973f90e8cfa89a9
1ceb245a8f768b65c2ae250d96f5457b96e9537326da2feb2310b707736817aa
22cf051cb6374ac9edc083ae947200b04db763f7618f0539fb66274479fe38e9
244aae2490bf8039daf5ba07826e8dc6793a2af79c3230bad40714a24547d027
24b337181983cb1cff33d2bacf608a0568be59b83e505e26c8597cea5d2171c4
2f28a9a5b4fb3efdf4c1740a637720fe4fffcc89169419f1f7408be684bf68c9
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
32c0c7414c1eb9e069da5856b5c128ff3d8e3c75643e0beae971aa154b9b58f0
35ee2370b5fd7d39f447e7a142f66c3fabe02974c68c4700a81874c830e69282
3ac6eaebf7ae9ca22e3de595088bcc4cf380922ca912cac6c22d83494dd89604
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f350cf5d0700159b35356a392b66810a0051503b8221a091b68bc50732f7232
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4a9e5fa6d886f98d64d71b026e6e5fe57a3c207da288bbb63ee8a19803ec09f6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54f280aaf6181118d3f0a7c3a20540530bdce070e6b65d7e4a747017c959164e
5ebce957851eb83517851e8613f012eb45aa4ebb6142b92c30b7d9492c874e22
73aaa4e6bfc1dbed5f3f934710d1ada545f4068742235e59d0cb74f0eaf0a3c4
7834ece529ae284e3f5da3cb2d431c0876ca284a9a14065b683ed419e18119ce
79431c33f2330eccac17fdd2aa229c0ce43b9db9c7bec3031178e68a004331e2
7b4b1f3056e9cc648aaf62299f41427606bdb673f7737fe948c0a20212da2597
7e15d8482756e9d79c5b14dde8cd92256fd2afe0307703d825d4e8178d416c41
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
894aacdff8dce532c9208d42ae7f4e04130d84eea78c82db8dee29d6025412da
8a9a74f4455f392ec3e7499cfda6097b536bb4b7f1e529a079c3d953c08b54ca
93b4b393bdf79a8047bd391f9ca92db7924db520f81eb2de4b7df2ce1e534783
93f57b8958c377861c27d6b7f55d3036a4e603df0a293e80e4700034c4d83bb1
9d1c51f7fd7f5695362220668baba96a35904521e94103988677473bfb5e995a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4410d64450a36f31a4b6fd4c3b93c643b4cc686564207f920c30169eca51a81
a9ef021078603005c0b08fba881f1a7eb62ef213238021f3e8a4a00daa60b9d6
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
af2cdef0d2055b7428b459dffba00c3ba8e9bd6385d07a1001e1850a85a58c7b
af8a371d6c8af7f6780dcdcec521e5a075cc51a53fcb9fb05d1130d36504b5c4
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
b828f3842bd62cca339daf4914437b2a042957c348113c95c9c3605ea076a1f0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bdb606af80827609406c3e38feec29b3163532f5bd9253eefbee50925f87f1d3
bee03ff2d8109861f8ef2a448b8c841538e03d83cd52a1cf9129d2f4d2f676e7
c1fefb7525d8155a361ca25aacad3786a9ce44100d515522748a8961d48483c4
c2bf29c7b34fea8d98ef447f88bface1ca60fcd2db4d3e59d4e6c1c1ef2583bc
c6e346679688874e653b068c9c8613536240f84335cff7fc6f55aced45e73f30
c79c14bf58a56fb450588a775ea6e0b231f4c8f6977c6334b650795162e14e79
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cce28f32827773261788bfc663345e25c77ac314d5e659f4b67e73297f20610e
cdb0bec9466184aa1bb668b30d88dcebfd63b4b1c8c0eec808f1347b5a48e29d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d71b7faf20dd4e36aa2f476b3d95fe561c46d282dbcf4c6259c4dfd3c725b806
d7ac069b76d1869b055de0d24bbcd118e231133c46df2ec4d7cb0679f7b0c11e
d9ab69dce58f38aa6645744ec9ec579bc0a961e057fe428b98e2a834a5bd0481
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0fe9d128932f154b6fc5ac026dd5c8bfaef757557a876ba1564c5a2898ff286
e110f69560527dfe2c971e6564bd4b742693a7999363db090c7a3de218caeff2
e34dc78eca5e391454c70b323a172db53a86b187aaa7a757252ef7499315deb5
e36c03118a09dd8359f282be55f89cb39ce72569da03b92f2554a5269940d0b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8bc0f5a38e5948cfe0bf3bf5ff850d294f1924e87626ae51710be3f69cc7dcd
ec0cca45cc022b036063035a6c46262ba387be618a37e588eeaf5e8803f5785a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

safe.cascadetreeworkswa.com Open in urlscan Pro 35.240.1.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

74 %HTTPS

46 %IPv6

43 Domains

55 Subdomains

45 IPs

6 Countries

3221 kBTransfer

6089 kBSize

59 Cookies

1 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

safe.cascadetreeworkswa.com Open in urlscan Pro
35.240.1.10 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

74 %
HTTPS

46 %
IPv6

43
Domains

55
Subdomains

45
IPs

6
Countries

3221 kB
Transfer

6089 kB
Size

59
Cookies

96 HTTP transactions
5 data transactions