www.planttherapy.com Open in urlscan Pro
2606:4700:10::6816:c02 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://enews.planttherapy.com/q/BeM9321mpk50XfcaPhRbNfL2ebHtFdDCs-oZcOJam11ZWxsZXJAZmlyc3RhbS5jb23DiApUAr6qlndryLxneaLVtDPpKBCKg
Effective URL:
https://www.planttherapy.com/shipping
Submission: On December 11 via api (December 11th 2020, 10:12:54 pm UTC) from US

Summary HTTP 152 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 36 domains to perform 152 HTTP transactions. The main IP is 2606:4700:10::6816:c02, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.planttherapy.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.

This is the only time www.planttherapy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	142.0.93.11 142.0.93.11	394396 (LISTRAK-AS1) (LISTRAK-AS1)
1 30	2606:4700:10:... 2606:4700:10::6816:c02	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:baf8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:c200:16:98e8:3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	65.9.68.85 65.9.68.85	16509 (AMAZON-02) (AMAZON-02)
1	65.9.73.77 65.9.73.77	16509 (AMAZON-02) (AMAZON-02)
12	91.235.133.4 91.235.133.4	30286 (THM) (THM)
1	2a00:1450:400... 2a00:1450:4001:820::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:6c0... 2a02:26f0:6c00:294::1d72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	65.9.81.12 65.9.81.12	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
1	208.118.62.69 208.118.62.69	7296 (ALCHEMYNET) (ALCHEMYNET)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.73.87 65.9.73.87	16509 (AMAZON-02) (AMAZON-02)
1	65.9.68.67 65.9.68.67	16509 (AMAZON-02) (AMAZON-02)
14	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	167.172.136.187 167.172.136.187	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	192.229.233.223 192.229.233.223	15133 (EDGECAST) (EDGECAST)
1	65.9.73.11 65.9.73.11	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
2	52.207.51.121 52.207.51.121	14618 (AMAZON-AES) (AMAZON-AES)
1	54.160.201.253 54.160.201.253	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.73.24 65.9.73.24	16509 (AMAZON-02) (AMAZON-02)
4	142.0.93.34 142.0.93.34	394396 (LISTRAK-AS1) (LISTRAK-AS1)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
8	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
3	52.204.247.49 52.204.247.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:210... 2600:9000:2104:c800:1d:16cb:5a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.157.53.241 35.157.53.241	16509 (AMAZON-02) (AMAZON-02)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	3.88.253.15 3.88.253.15	14618 (AMAZON-AES) (AMAZON-AES)
1	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	93.184.220.43 93.184.220.43	15133 (EDGECAST) (EDGECAST)
1	34.102.245.58 34.102.245.58	15169 (GOOGLE) (GOOGLE)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
152	51

1 142.0.93.11 (Lititz, United States) 1 redirects

ASN394396 (LISTRAK-AS1, US)

enews.planttherapy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:10::6816:c02 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.planttherapy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.planttherapy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:baf8 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

cdn.swellrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:c200:16:98e8:3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.b1js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.68.85 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.searchspring.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.77 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 91.235.133.4 (Netherlands)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:294::1d72 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

staticw2.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.81.12 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.118.62.69 (United States)

ASN7296 (ALCHEMYNET, US)

www.upsellit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.87 (Seattle, United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.68.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)

container.pepperjam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 167.172.136.187 (United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: accessibeapp01.jetserver.net

acsbap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.acsbapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.223 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn-swell-assets.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.51.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-51-121.compute-1.amazonaws.com

s1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.160.201.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

onescript-recscont.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.0.93.34 (Lititz, United States)

ASN394396 (LISTRAK-AS1, US)

services.listrak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.204.247.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bt.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:c800:1d:16cb:5a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.b1js.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.53.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-241.eu-central-1.compute.amazonaws.com

p.yotpo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

planttherapy.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.88.253.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

at1.listrakbi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.132.130 (Netherlands)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (Netherlands)

ASN30286 (THM, US)

w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.184.220.43 (London, United Kingdom)

ASN15133 (EDGECAST, US)

mediacdn.espssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.245.58 (United States)

ASN15169 (GOOGLE, US)

b1img.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	planttherapy.com 2 redirects enews.planttherapy.com www.planttherapy.com cdn.planttherapy.com	584 KB
16	signifyd.com cdn-scripts.signifyd.com imgs.signifyd.com bt.signifyd.com	55 KB
14	zdassets.com static.zdassets.com ekr.zdassets.com	775 KB
8	gstatic.com fonts.gstatic.com	102 KB
8	listrakbi.com cdn.listrakbi.com s1.listrakbi.com onescript-recscont.listrakbi.com at1.listrakbi.com m1.listrakbi.com	76 KB
6	searchspring.net cdn.searchspring.net	113 KB
6	google.com apis.google.com www.google.com	90 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	9 KB
5	google-analytics.com www.google-analytics.com	21 KB
5	yotpo.com staticw2.yotpo.com cdn-swell-assets.yotpo.com p.yotpo.com	377 KB
4	zendesk.com planttherapy.zendesk.com	3 KB
4	listrak.com services.listrak.com	13 KB
4	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	23 KB
4	acsbapp.com 1 redirects acsbapp.com cdn.acsbapp.com	125 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	61 KB
3	typekit.net use.typekit.net p.typekit.net	29 KB
3	fontawesome.com use.fontawesome.com	120 KB
2	online-metrix.net h.online-metrix.net w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net	438 B
2	twitter.com platform.twitter.com	29 KB
2	facebook.com www.facebook.com	404 B
2	google.de www.google.de	214 B
2	doubleclick.net stats.g.doubleclick.net	162 B
2	bing.com bat.bing.com	9 KB
2	facebook.net connect.facebook.net	92 KB
2	b1js.com js.b1js.com tags.b1js.com	4 KB
1	b1img.com b1img.com	283 B
1	espssl.com mediacdn.espssl.com	92 KB
1	bootstrapcdn.com maxcdn.bootstrapcdn.com	7 KB
1	acsbap.com 1 redirects acsbap.com	85 B
1	pepperjam.com container.pepperjam.com	9 KB
1	upsellit.com www.upsellit.com	17 KB
1	jquery.com code.jquery.com	33 KB
1	googletagmanager.com www.googletagmanager.com	56 KB
1	swellrewards.com cdn.swellrewards.com	20 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
0	Failed function sub() { [native code] }. Failed
152	36

	Domain	Requested by
29	www.planttherapy.com	1 redirects www.planttherapy.com ajax.cloudflare.com
13	static.zdassets.com	www.googletagmanager.com static.zdassets.com
12	imgs.signifyd.com	cdn-scripts.signifyd.com imgs.signifyd.com www.planttherapy.com
8	fonts.gstatic.com	fonts.googleapis.com
6	cdn.searchspring.net	ajax.cloudflare.com cdn.searchspring.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	planttherapy.zendesk.com	static.zdassets.com
4	services.listrak.com	cdn.listrakbi.com
4	fonts.googleapis.com	staticw2.yotpo.com cdn-swell-assets.yotpo.com ajax.googleapis.com
3	at1.listrakbi.com	cdn.listrakbi.com
3	bt.signifyd.com	cdn-scripts.signifyd.com
3	www.google.com	apis.google.com
3	apis.google.com	ajax.cloudflare.com apis.google.com
3	use.fontawesome.com	www.planttherapy.com use.fontawesome.com
2	trc-events.taboola.com	cdn.taboola.com
2	cdn.acsbapp.com	acsbap.com
2	platform.twitter.com	cdn-swell-assets.yotpo.com platform.twitter.com
2	www.facebook.com
2	www.google.de
2	cdn-swell-assets.yotpo.com	cdn.swellrewards.com cdn-swell-assets.yotpo.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	acsbapp.com	1 redirects
2	bat.bing.com	www.googletagmanager.com
2	cdn.listrakbi.com	www.planttherapy.com cdn.listrakbi.com
2	connect.facebook.net	www.planttherapy.com connect.facebook.net
2	staticw2.yotpo.com	www.planttherapy.com staticw2.yotpo.com
2	use.typekit.net	www.planttherapy.com use.typekit.net
1	b1img.com
1	mediacdn.espssl.com
1	m1.listrakbi.com	cdn.listrakbi.com
1	ajax.googleapis.com	www.planttherapy.com
1	w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net
1	h.online-metrix.net	imgs.signifyd.com
1	p.yotpo.com
1	tags.b1js.com	js.b1js.com
1	maxcdn.bootstrapcdn.com	cdn-swell-assets.yotpo.com
1	vars.hotjar.com	static.hotjar.com
1	onescript-recscont.listrakbi.com	cdn.listrakbi.com
1	s1.listrakbi.com	cdn.listrakbi.com
1	trc.taboola.com	cdn.taboola.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	cdn.taboola.com	www.planttherapy.com
1	acsbap.com	1 redirects
1	container.pepperjam.com	www.planttherapy.com
1	static.hotjar.com	www.googletagmanager.com
1	www.upsellit.com	www.googletagmanager.com
1	code.jquery.com	ajax.cloudflare.com
1	www.googletagmanager.com	www.planttherapy.com
1	cdn-scripts.signifyd.com	ajax.cloudflare.com
1	js.b1js.com	ajax.cloudflare.com
1	cdn.swellrewards.com	ajax.cloudflare.com
1	p.typekit.net	use.typekit.net
1	ajax.cloudflare.com	www.planttherapy.com
1	cdn.planttherapy.com	www.planttherapy.com
1	enews.planttherapy.com	1 redirects
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	imgs.signifyd.com
152	57

This site contains links to these domains. Also see Links.

Domain
blog.planttherapy.com
about.usps.com
www.facebook.com
instagram.com
twitter.com
www.pinterest.com
www.youtube.com
plant-therapy.careerplug.com
accessibe.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.swellrewards.com DigiCert Secure Site ECC CA-1	`2020-02-25` - `2021-02-24`	a year	crt.sh
*.apis.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
js.b1js.com Amazon	`2020-05-21` - `2021-06-21`	a year	crt.sh
cdn.searchspring.net Amazon	`2020-07-19` - `2021-08-19`	a year	crt.sh
cdn-scripts.signifyd.com Amazon	`2020-09-30` - `2021-10-30`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2020-04-02` - `2021-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.yotpo.com DigiCert SHA2 Secure Server CA	`2020-04-24` - `2021-07-24`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.listrakbi.com Amazon	`2020-02-10` - `2021-03-10`	a year	crt.sh
*.upsellit.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-30` - `2022-11-01`	2 years	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2020-10-27` - `2021-04-27`	6 months	crt.sh
*.hotjar.com Amazon	`2020-01-22` - `2021-02-22`	a year	crt.sh
*.pepperjam.com Go Daddy Secure Certificate Authority - G2	`2020-01-30` - `2021-03-30`	a year	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
*.acsbapp.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-10-05` - `2021-10-05`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.listrak.com Sectigo RSA Domain Validation Secure Server CA	`2019-03-25` - `2021-03-24`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.signifyd.com Go Daddy Secure Certificate Authority - G2	`2019-01-16` - `2021-01-28`	2 years	crt.sh
tags.b1js.com Amazon	`2020-05-21` - `2021-06-21`	a year	crt.sh
planttherapy.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-05` - `2021-07-05`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2020-02-20` - `2021-02-19`	a year	crt.sh
*.e.aa.online-metrix.net Go Daddy Secure Certificate Authority - G2	`2019-09-13` - `2021-09-13`	2 years	crt.sh
s3.wac.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-10-30` - `2021-11-30`	a year	crt.sh
b1img.com GTS CA 1D2	`2020-10-20` - `2021-01-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.planttherapy.com/shipping
Frame ID: 1B494C2F80C461079A2C02158EDC46E9
Requests: 117 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: FF47AC2E04BD56AB33B65156DE1C1E88
Requests: 1 HTTP requests in this frame

Frame: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Frame ID: 0E47FF725238A288C2E7294CBBD0FCD3
Requests: 3 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.201b5a8043552a89bd7c.js
Frame ID: 307E65659810D836FAFB9C0585B0CD78
Requests: 15 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.planttherapy.com
Frame ID: D587EC9DAFD5A890C3AD94492A46D117
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/check.js;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jb=333524266a736f753544616e7d782662736f3f4e696e75782668716035416a706f6f672532303833
Frame ID: 641CA5DDBBE9B4586570441B0F580930
Requests: 11 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff
Frame ID: 073C227D3D726F779B16D4F33E8CB542
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff
Frame ID: 90FBF30F0FE5AA65F3F695F8808180AD
Requests: 1 HTTP requests in this frame

Frame: https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff
Frame ID: F89CE3E9011BA0EC7FCDB7FD98D4ED3F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=102425749&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.planttherapy.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
Frame ID: 594B76AD5DE5E59A449D23EABB3BC309
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://enews.planttherapy.com/q/BeM9321mpk50XfcaPhRbNfL2ebHtFdDCs-oZcOJam11ZWxsZXJAZmlyc3RhbS5jb23DiApUAr6... HTTP 302
https://www.planttherapy.com/shipping-and-return-policy?trk_msg=B1RVTINJPV3413T34AGRTD38EK&trk_contact=36... HTTP 301
https://www.planttherapy.com/shipping Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

152
Requests

99 %
HTTPS

47 %
IPv6

36
Domains

57
Subdomains

51
IPs

7
Countries

2948 kB
Transfer

10133 kB
Size

3
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.planttherapy.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://about.usps.com/newsroom/service-alerts/international/
Title: USPS Service Alerts page

Search URL Search Domain Scan URL

URL: https://www.facebook.com/planttherapy
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/planttherapy
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/PlantTherapy
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/planttherapy/
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/PlantTherapy/videos
Title:

Search URL Search Domain Scan URL

URL: https://plant-therapy.careerplug.com/account
Title: Careers

Search URL Search Domain Scan URL

URL: https://blog.planttherapy.com/blog/press/
Title: Press

Search URL Search Domain Scan URL

URL: https://accessibe.com/?utm_medium=link&utm_source=widget
Title: Web Accessibility Solution By accessiBe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://enews.planttherapy.com/q/BeM9321mpk50XfcaPhRbNfL2ebHtFdDCs-oZcOJam11ZWxsZXJAZmlyc3RhbS5jb23DiApUAr6qlndryLxneaLVtDPpKBCKg HTTP 302
https://www.planttherapy.com/shipping-and-return-policy?trk_msg=B1RVTINJPV3413T34AGRTD38EK&trk_contact=365N0MP9B9SSR6MDHOHH1UDJU0&trk_module=bna&trk_sid=VRSHAF9IPS6UMON0URUFIAL5D4&utm_source=Listrak&utm_medium=Email&utm_term=FREE+SHIPPING+%26amp%3b+RETURNS&utm_campaign=Browse+Abandonment&utm_content=Page+Browse+1 HTTP 301
https://www.planttherapy.com/shipping Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://acsbap.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/assets/js/acsb.js HTTP 301
https://acsbapp.com/apps/app/dist/js/app.js

152 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request shipping Show response
www.planttherapy.com/
Redirect Chain

http://enews.planttherapy.com/q/BeM9321mpk50XfcaPhRbNfL2ebHtFdDCs-oZcOJam11ZWxsZXJAZmlyc3RhbS5jb23DiApUAr6qlndryLxneaLVtDPpKBCKg
https://www.planttherapy.com/shipping-and-return-policy?trk_msg=B1RVTINJPV3413T34AGRTD38EK&trk_contact=365N0MP9B9SSR6MDHOHH1UDJU0&trk_module=bna&trk_sid=VRSHAF9IPS6UMON0URUFIAL5D4&utm_source=Listra...
https://www.planttherapy.com/shipping

70 KB
16 KB

829ms
828ms

Document
text/html

2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PleskLin

Resource Hash

96de2a09b230e71dd4601591dbe208bf75fba3bad4af28c95d05dc08ef03a8cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.planttherapy.com
:scheme: https
:path: /shipping
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=de441d03215cc483fbfeb7b27997524d71607724754
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-security-policy: frame-ancestors 'self'
x-frame-options: SAMEORIGIN
set-cookie: miva-PT-signifyd=0c2d1aed899e91a9da3bdad0e7c38766:faa249b78291cfd058f438301c11a0af0898929224af9e722b020648e1f7c3ba; path=/; secure; HttpOnly mm5-PT-basket-id=0b0362990a0c6df2ac4987f11c94a7a7; expires=Sat, 11-Dec-2021 22:12:35 GMT; path=/; secure; HttpOnly
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
cf-request-id: 06f575fe950000dfbbed8d6000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60028c442fb0dfbb-FRA
content-encoding: gzip

Redirect headers

date: Fri, 11 Dec 2020 22:12:34 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=de441d03215cc483fbfeb7b27997524d71607724754; expires=Sun, 10-Jan-21 22:12:34 GMT; path=/; domain=.planttherapy.com; HttpOnly; SameSite=Lax; Secure
location: https://www.planttherapy.com/shipping
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-powered-by: PleskLin
cf-cache-status: DYNAMIC
cf-request-id: 06f575fc610000dfbb17375000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 60028c409825dfbb-FRA

GET
H2 200 css.php
www.planttherapy.com/css/ 301 KB
48 KB 625ms
624ms Stylesheet
text/css 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/css/css.php?v=1590527169
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 238fc2d94c55d43d8d351197934d4d9a650f48e27dca1d48aa0b17b76eb72c01

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
etag: 5d771f9b733ad22984f95cb055f63f34
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PleskLin
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: text/css; charset=UTF-8
cache-control: max-age=604800, public, must-revalidate
cf-ray: 60028c4959c4dfbb-FRA
cf-request-id: 06f57601da0000dfbbe8b05000000001
expires: Fri, 18 Dec 2020 22:12:35 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 85ms
23ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
content-encoding: gzip
last-modified: Thu, 10 May 2018 15:10:14 GMT
server: NetDNA-cache/2.2
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 eyz3lec.css
use.typekit.net/ 2 KB
853 B 154ms
124ms Stylesheet
text/css 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/eyz3lec.css

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

c437f8960f19f5cc8e6996a7df7913c4d0935bc1cb58c4c459389a28b82b5bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.planttherapy.com/mm5/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 11 Dec 2020 22:12:35 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 653

GET
H2 200 PlantTherapy-NewBodyLotions-NavAd.jpg
www.planttherapy.com/mm5/graphics/00000001/ 33 KB
33 KB 26ms
24ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-NewBodyLotions-NavAd.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 620ce72ef6107b8cb5a7dbc8be4e0af940b88cade3279bf1e0ad2978d6fef8e6

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 189435
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 33801
cf-request-id: 06f57601dc0000dfbbe02dc000000001
last-modified: Mon, 09 Nov 2020 16:54:12 GMT
server: cloudflare
etag: "8425-5b3af696c86d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Fri, 08 Jan 2021 17:35:20 GMT
cache-control: max-age=2592000
cf-polished: origSize=33829
accept-ranges: bytes
cf-ray: 60028c4969cddfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 plant-therapy-logo.svg
cdn.planttherapy.com/images/web/global/ 30 KB
10 KB 35ms
23ms Image
image/svg+xml 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.planttherapy.com/images/web/global/plant-therapy-logo.svg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f591ede8d22d9d295769a027bacb25723adf2d112ef2e00047904e58a6b8ae1b

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1245
x-cache: Hit from cloudfront
content-type: image/svg+xml
cf-request-id: 06f57601e90000dfbbce8e3000000001
last-modified: Fri, 21 Aug 2020 15:37:09 GMT
server: cloudflare
etag: W/"083f0c996aba10c4e42d42872738b9a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: p.Vw1IQcqYu4RpTUmpoyQCaDuIB4GmtS
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
cf-ray: 60028c4979fbdfbb-FRA
x-amz-cf-id: d_78etrw58KIf-xVqb6hp4o6p1mF7AJydH5BFn_APANoODm8d784xg==

GET
H2 200 PlantTherapy-ComingSoon-NavAd.jpg
www.planttherapy.com/mm5/graphics/00000001/ 32 KB
33 KB 27ms
25ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-ComingSoon-NavAd.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 571520270d476652f33702e6a3a23092431355fddf3c834f65793e66d6af3cbd

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 364075
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 33177
cf-request-id: 06f57601dd0000dfbb1dbfe000000001
last-modified: Mon, 07 Dec 2020 17:03:40 GMT
server: cloudflare
etag: "875b-5b5e2cec9014d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 06 Jan 2021 17:04:39 GMT
cache-control: max-age=2592000
cf-polished: origSize=34651
accept-ranges: bytes
cf-ray: 60028c4969cfdfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 PlantTherapy-HolidayBlends-NavAd-2.jpg
www.planttherapy.com/mm5/graphics/00000001/ 41 KB
42 KB 26ms
25ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-HolidayBlends-NavAd-2.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 517a34276dc6b18e7c47eeb6fe74de3f5182b77f1cbc06292ebede93698a532a

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 485028
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 42249
cf-request-id: 06f57601dd0000dfbbfa17d000000001
last-modified: Mon, 02 Nov 2020 17:08:52 GMT
server: cloudflare
etag: "a54d-5b322ccf8e0b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Tue, 05 Jan 2021 07:28:47 GMT
cache-control: max-age=2592000
cf-polished: origSize=42317
accept-ranges: bytes
cf-ray: 60028c4969d0dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 PlantTherapy-Navigation-WhatsNew-NavAd-OOTM.jpg
www.planttherapy.com/mm5/graphics/00000001/ 36 KB
36 KB 32ms
30ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-Navigation-WhatsNew-NavAd-OOTM.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0eba18a748dec05c423f76a5ac0f578cc182aa2ba90440163537d417648c3a8d

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 748531
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 36527
cf-request-id: 06f57601de0000dfbbe3a93000000001
last-modified: Mon, 02 Nov 2020 16:56:09 GMT
server: cloudflare
etag: "8eaf-5b3229f75201d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 02 Jan 2021 06:17:04 GMT
cache-control: max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 60028c4969d2dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 planttherapy_Multi_Crystal_Carfresh-NavAd.jpg
www.planttherapy.com/mm5/graphics/00000001/ 27 KB
27 KB 19ms
18ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/planttherapy_Multi_Crystal_Carfresh-NavAd.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: e6c5fa7c3fdff8f0c6b346ce52f0345697a40ffa7a026a1729ef2717ef91aaf2

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 655067
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 27617
cf-request-id: 06f57601de0000dfbb173da000000001
last-modified: Mon, 02 Nov 2020 17:13:04 GMT
server: cloudflare
etag: "6c02-5b322dbfb237d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sun, 03 Jan 2021 08:14:48 GMT
cache-control: max-age=2592000
cf-polished: origSize=27650
accept-ranges: bytes
cf-ray: 60028c4969d4dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 BodySaltScrubs-NavAd.jpg
www.planttherapy.com/mm5/graphics/00000001/ 58 KB
58 KB 20ms
18ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/BodySaltScrubs-NavAd.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 0706da2aba61254011b66a5c12060c0505cb0c5815fb297ee0004b547ffdbc95

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 393947
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 59139
cf-request-id: 06f57601de0000dfbbcf8e1000000001
last-modified: Mon, 19 Oct 2020 15:46:40 GMT
server: cloudflare
etag: "e703-5b208052fec8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 06 Jan 2021 08:46:48 GMT
cache-control: max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 60028c4969d6dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 PlantTherapy-Lotus_Diffuser_Back_in_Stock-NavImage.jpg
www.planttherapy.com/mm5/graphics/00000001/ 33 KB
34 KB 26ms
24ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-Lotus_Diffuser_Back_in_Stock-NavImage.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 2cc2fd399006222050fc822b1d72e30d87fbf89a86fdea140261950d99b865b2

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 748531
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 34263
cf-request-id: 06f57601df0000dfbb36b71000000001
last-modified: Tue, 03 Nov 2020 15:43:27 GMT
server: cloudflare
etag: "85fb-5b335b9526032"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 02 Jan 2021 06:17:04 GMT
cache-control: max-age=2592000
cf-polished: origSize=34299
accept-ranges: bytes
cf-ray: 60028c4969d7dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 PlantTherapy-KidSafeRebrand-NavImage.jpg
www.planttherapy.com/mm5/graphics/00000001/ 29 KB
29 KB 33ms
32ms Image
image/jpeg 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/PlantTherapy-KidSafeRebrand-NavImage.jpg
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: a3e79257988d1a9a46d7dfce1d046b22a910ce7e656cf40c84154a93f8b48ee8

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 713456
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 29373
cf-request-id: 06f57601df0000dfbbcabdf000000001
last-modified: Tue, 03 Nov 2020 15:46:59 GMT
server: cloudflare
etag: "72d0-5b335c5f7f53c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Sat, 02 Jan 2021 16:01:39 GMT
cache-control: max-age=2592000
cf-polished: origSize=29392
accept-ranges: bytes
cf-ray: 60028c4969d8dfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 email-decode.min.js Show response
www.planttherapy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
862 B 17ms
15ms Script
application/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.planttherapy.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Dec 2020 17:14:28 GMT
server: cloudflare
etag: W/"5fd25774-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 60028c4969cbdfbb-FRA
vary: Accept-Encoding
cf-request-id: 06f57601dc0000dfbb0e116000000001
expires: Sun, 13 Dec 2020 22:12:35 GMT

GET
H2 200 plant_therapy_footer_logo_2.png
www.planttherapy.com/mm5/graphics/00000001/ 2 KB
2 KB 31ms
31ms Image
image/png 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/mm5/graphics/00000001/plant_therapy_footer_logo_2.png
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 30105f7f4ac4c29a1d4261ac12a3b4ef9453b9ea865d5d35612ed923820cba02

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
cf-cache-status: HIT
age: 580148
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 2377
cf-request-id: 06f57601df0000dfbb3a17d000000001
last-modified: Mon, 17 Aug 2020 17:03:39 GMT
server: cloudflare
etag: "949-5ad15c084230c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Mon, 04 Jan 2021 05:03:27 GMT
cache-control: max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 60028c4969dadfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 27ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06f57601ed00002c4a2d295000000001
last-modified: Thu, 10 Dec 2020 17:14:28 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fd25774-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QClxI9kY1yyi4NGmu0%2FhXpkGoEZaMcqN4hBuVU%2BelUkh%2BQ0yv76%2BXBsLPN02b73blh15lPNHghlHLwecqppsoJh%2FVSOXGktNzWQh%2Bk0QuhkRuOB%2Bj8Po8nn1hcWjxpxD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 60028c497fe42c4a-FRA
expires: Sun, 13 Dec 2020 22:12:35 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 22ms
7ms Stylesheet
text/css 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=eyz3lec&ht=tk&f=28081.41218&a=14535312&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/eyz3lec.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/eyz3lec.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:35 GMT
last-modified: Tue, 01 Sep 2020 23:51:26 GMT
server: nginx
etag: "5f4ede7e-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 sJocVz2f4S7dWE0d-1JSwg.js Show response
cdn.swellrewards.com/loader/ 221 KB
20 KB 826ms
776ms Script
text/javascript 2a02:26f0:6c00::210:baf8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.swellrewards.com/loader/sJocVz2f4S7dWE0d-1JSwg.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:baf8 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

f6c9b8109e6eae1fe6efc6a2644ce4677643499796463a9955ec568d7eb2f9c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-runtime: 0.073429
date: Fri, 11 Dec 2020 22:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"159f15033a0fe79dc66c9801b7d4281d"
x-frame-options: ALLOWALL
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=0
vary: Accept-Encoding
content-length: 19618
x-xss-protection: 1; mode=block
x-request-id: 23c41d39-fa77-4809-8d7e-bba524193d73

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 33ms
30ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?onload=renderBadge

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a0754eea5deec63375e001df80b62e0aed057d6f834978c4dfac3d6ddc44081

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BEBbO7mio81PZuLxdfL6lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "2ab8fea6520f9c49a28cad4c2da2ff8c"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-BEBbO7mio81PZuLxdfL6lA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 11 Dec 2020 22:12:36 GMT

GET
H2 200 tagcontainer.js Show response
js.b1js.com/ 8 KB
4 KB 56ms
9ms Script
application/javascript 2600:9000:206f:c200:16:98e8:3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.b1js.com/tagcontainer.js?id=3542a64e7e46413e9d224754ba621396&type=1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:c200:16:98e8:3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b348fe0866f6f89ee46d3ebfff284d6bee260a15e9c1d98f61296a66b9acdec

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 16:03:02 GMT
content-encoding: gzip
last-modified: Fri, 09 Nov 2018 16:02:41 GMT
server: AmazonS3
age: 22175
etag: W/"54f1cb6260819a5a5266727bff529786"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 1ws2q2m8IRT0nOnME0PqFbyY_SOsujNGExcAAut4_MwHPU8vIODqig==

GET
H2 200 scripts.js Show response
www.planttherapy.com/js/ 107 KB
22 KB 28ms
26ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/js/scripts.js?v=1603218616
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 42f0dbd0961ceeace87f99f67ccb07e2cd37d09f1ceecd08d2f51ea33d23505c

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 174328
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f576050e0000dfbbca81a000000001
last-modified: Tue, 20 Oct 2020 18:30:16 GMT
server: cloudflare
etag: W/"21ff6-5b21e6c26659f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 10 Dec 2020 01:47:07 GMT
cache-control: public, max-age=604800, must-revalidate
cf-polished: origSize=139254
cf-ray: 60028c4e7c3fdfbb-FRA
cf-bgj: minify

GET
H2 200 plugins.min.js Show response
www.planttherapy.com/js/ 47 KB
17 KB 21ms
18ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/js/plugins.min.js?v=12345
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: c944171397bd540da3b19db337e8bdcfd43fcbb7a4ce77ab1b0d3ebcc5360d3c

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 547359
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f576050f0000dfbbdd95d000000001
last-modified: Tue, 12 Feb 2019 17:56:18 GMT
server: cloudflare
etag: W/"bd05-581b624623480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate
cf-ray: 60028c4e7c40dfbb-FRA
expires: Sat, 05 Dec 2020 18:09:56 GMT

GET
H2 200 searchspring.catalog.js Show response
cdn.searchspring.net/search/v3/lts/ 245 KB
82 KB 235ms
80ms Script
application/javascript 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 16ba7ba4b24376f1a72fe96679c37dd6ff22cd15767c7ca1b599b2ee719fe4ce

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:03:19 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 20:24:33 GMT
server: AmazonS3
age: 569
etag: "e0e8448aa2e03b55b61a61549eac719b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: rOJAETPUulmGktTtmo8KGnkXg9-zq9Ot7hMrTuBZ4PjHetpr9ZBzTQ==

GET
H2 200 platform.js Show response
apis.google.com/js/ 49 KB
19 KB 29ms
27ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js?publisherid=106381009136394683076

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f543cd5aeb0ac8f31c5157d6039161093fb8d0a6b586c1204c9ca920544cdc7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-58qFOIvWumXyCaEYoHW4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "d89a44cddc9c302ee4be92e102add5e3"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-58qFOIvWumXyCaEYoHW4PQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 11 Dec 2020 22:12:36 GMT

GET
H2 200 clientside.mvc Show response
www.planttherapy.com/mm5/ 22 KB
4 KB 498ms
496ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/mm5/clientside.mvc?T=0c2045d1&Module_Code=mvga&Filename=mvga.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6056dc10cfd419dae02abeb3ff434d74021e0339b4dba6090ba50216076985e6

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Fri, 19 Apr 2019 22:47:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: text/javascript
content-disposition: inline; filename=mvga.js
cache-control: max-age=2592000
x-mm-cache: HIT
cf-ray: 60028c4e7c42dfbb-FRA
cf-request-id: 06f576050f0000dfbb4e32d000000001
expires: Tue, 05 Jan 2021 10:19:59 GMT

GET
H2 200 vendor.min.js Show response
www.planttherapy.com/js/ 82 KB
32 KB 21ms
19ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/js/vendor.min.js?v=12345
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ee9449af080a182c2e2d640e103920ef535dc35c2e9c300bbd57d2f8d5e6dafc

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 370291
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f576050f0000dfbb23b68000000001
last-modified: Fri, 11 May 2018 19:32:40 GMT
server: cloudflare
etag: W/"1497d-56bf332f9a600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate
cf-ray: 60028c4e7c43dfbb-FRA
expires: Mon, 07 Dec 2020 19:21:04 GMT

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 7 KB
7 KB 205ms
80ms Script
application/javascript 65.9.73.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.77 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e17857cb74ff8bb8c18929844a2d0ff42bd36dee42113f85a8831ad42ef6eb79

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:29 GMT
via: 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront)
age: 7
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-cf-pop: AMS1-C1
content-length: 7199
x-amz-cf-id: wf5j2jeYfT_i_c19_vyOhjKXgqrw_8FHVD4xOodzAgtCPZfdUtr00g==

GET
H2 200 clientside.mvc Show response
www.planttherapy.com/mm5/ 39 KB
7 KB 496ms
495ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/mm5/clientside.mvc?T=0c2045d1&Filename=ajax.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c131ce763682c42683e41989cf76c23d4f286a7a594a1d24758a121cc9afcc5

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-mm-cache: HIT
content-disposition: inline; filename=ajax.js
cf-request-id: 06f576050f0000dfbb32b4e000000001
last-modified: Mon, 12 Aug 2019 14:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: https://www.planttherapy.com
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 60028c4e7c45dfbb-FRA
expires: Mon, 28 Dec 2020 16:32:50 GMT

GET
H2 200 clientside.mvc Show response
www.planttherapy.com/mm5/ 7 KB
1 KB 479ms
479ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/mm5/clientside.mvc?T=0c2045d1&Filename=runtime.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 144375ccd8f305298b6186c536da15ae5ae6605681dbfd30440c516f39ded5f0

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-mm-cache: HIT
content-disposition: inline; filename=runtime.js
cf-request-id: 06f57607000000dfbb17046000000001
last-modified: Mon, 12 Aug 2019 14:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: https://www.planttherapy.com
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 60028c519adcdfbb-FRA
expires: Mon, 28 Dec 2020 16:32:45 GMT

GET
H2 200 clientside.mvc Show response
www.planttherapy.com/mm5/ 66 KB
13 KB 493ms
493ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/mm5/clientside.mvc?T=0c2045d1&Filename=runtime_ui.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd4fccf91983ebb9cef26cb4719dc82a7088fdd5c9ed470e0eda2cb2dc4fd0de

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:37 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-mm-cache: HIT
content-disposition: inline; filename=runtime_ui.js
cf-request-id: 06f57608e10000dfbb59319000000001
last-modified: Mon, 12 Aug 2019 14:24:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: https://www.planttherapy.com
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 60028c5499fddfbb-FRA
expires: Tue, 05 Jan 2021 10:31:03 GMT

GET
H2 200 clientside.mvc Show response
www.planttherapy.com/mm5/ 14 KB
4 KB 508ms
507ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/mm5/clientside.mvc?T=0c2045d1&Module_Code=cmp-cssui-searchfield&Filename=runtime.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3a86447576ceb41c8372fee42c4a8bec5a0eb30f244924c87a494632708821f

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
x-mm-cache: HIT
content-disposition: inline; filename=runtime.js
cf-request-id: 06f5760ad70000dfbb428b1000000001
last-modified: Fri, 19 Apr 2019 22:47:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: text/javascript
access-control-allow-origin: https://www.planttherapy.com
cache-control: max-age=2592000
access-control-allow-credentials: true
cf-ray: 60028c57b83fdfbb-FRA
expires: Tue, 05 Jan 2021 10:41:17 GMT

GET
H/1.1 200
OK tags.js Show response
imgs.signifyd.com/fp/ 44 KB
10 KB 117ms
33ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&pageid=2

Requested by

Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0f190d130feed43ee2dc5a9a22d331a52f9dd2a42a8d2ddd31a7416b0393ab0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 185 KB
56 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f196f51f926eab1f1edc69fd69fd98a7cc8a90d501326332ff83b8faf18e3b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56932
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 11 Dec 2020 22:12:38 GMT

GET
H2 200 preheader-holiday-2020.png
www.planttherapy.com/images/ 845 B
1 KB 18ms
17ms Image
image/png 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/images/preheader-holiday-2020.png
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 20b4d216b7c1023f38a112e249e6c3c9a58b772752f41b6edd3845b1c5fde1a0

Request headers

Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
cf-cache-status: HIT
age: 2499346
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 845
cf-request-id: 06f5760ce10000dfbbcb264000000001
last-modified: Thu, 12 Nov 2020 23:02:21 GMT
server: cloudflare
etag: "34d-5b3f0e7876cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 12 Dec 2020 23:56:52 GMT
cache-control: max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 60028c5b0f6bdfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 preheader-holiday-2020-2.png
www.planttherapy.com/images/ 845 B
1 KB 16ms
16ms Image
image/png 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.planttherapy.com/images/preheader-holiday-2020-2.png
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 20b4d216b7c1023f38a112e249e6c3c9a58b772752f41b6edd3845b1c5fde1a0

Request headers

Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
cf-cache-status: HIT
age: 2499346
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-length: 845
cf-request-id: 06f5760ce10000dfbbce9c6000000001
last-modified: Thu, 12 Nov 2020 23:21:19 GMT
server: cloudflare
etag: "34d-5b3f12b61f112"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 12 Dec 2020 23:56:52 GMT
cache-control: max-age=2592000
cf-polished: status=not_needed
accept-ranges: bytes
cf-ray: 60028c5b0f6cdfbb-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 plant_therapy.ttf
www.planttherapy.com/fonts/ 15 KB
8 KB 17ms
17ms Font
application/octet-stream 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/fonts/plant_therapy.ttf?byq78y
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 8621200746813cb03e433f07ddb07b35b9347842fe7fb480c5eaff124c9c297b

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8572
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760ce90000dfbb4e3dc000000001
last-modified: Tue, 16 Oct 2018 20:08:24 GMT
server: cloudflare
etag: W/"3bac-5785e1db1be00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 60028c5b0f8bdfbb-FRA
expires: Fri, 11 Dec 2020 23:49:46 GMT

GET
H2 200 montserrat-v12-latin-700.woff2
www.planttherapy.com/fonts/ 19 KB
19 KB 26ms
26ms Font
application/octet-stream 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/fonts/montserrat-v12-latin-700.woff2
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8571
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760cea0000dfbb428d8000000001
last-modified: Tue, 16 Oct 2018 20:08:27 GMT
server: cloudflare
etag: W/"4a0c-5785e1ddf84c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 60028c5b0f91dfbb-FRA
expires: Fri, 11 Dec 2020 23:49:46 GMT

GET
H2 200 montserrat-v12-latin-regular.woff2
www.planttherapy.com/fonts/ 18 KB
18 KB 16ms
16ms Font
application/octet-stream 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/fonts/montserrat-v12-latin-regular.woff2
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8571
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760ceb0000dfbbda969000000001
last-modified: Tue, 16 Oct 2018 20:08:20 GMT
server: cloudflare
etag: W/"48fc-5785e1d74b500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 60028c5b1f95dfbb-FRA
expires: Fri, 11 Dec 2020 23:49:46 GMT

GET
H2 200 montserrat-v12-latin-500.woff2
www.planttherapy.com/fonts/ 18 KB
18 KB 16ms
16ms Font
application/octet-stream 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/fonts/montserrat-v12-latin-500.woff2
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8571
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760cec0000dfbb1a0ec000000001
last-modified: Tue, 16 Oct 2018 20:08:26 GMT
server: cloudflare
etag: W/"4928-5785e1dd04280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 60028c5b1f9bdfbb-FRA
expires: Fri, 11 Dec 2020 23:49:46 GMT

GET
H2 200 l
use.typekit.net/af/d59b60/00000000000000003b9ada31/27/ 28 KB
28 KB 105ms
76ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d59b60/00000000000000003b9ada31/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/eyz3lec.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: b7dc08c2098e6ea593fa6caa85c6dfb37ab7dd706cb869d0beb015f05d859ddf

Request headers

Origin: https://www.planttherapy.com
Referer: https://use.typekit.net/eyz3lec.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
server: nginx
etag: "32f37a1c277bec216eb31e82ba41ce3e0077840c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 28268

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 49 KB
50 KB 33ms
28ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Origin: https://www.planttherapy.com
Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
last-modified: Thu, 10 May 2018 15:10:31 GMT
server: NetDNA-cache/2.2
etag: "8a8c0474283e0d9ef41743e5e486bf05"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 50372

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 60 KB
60 KB 62ms
57ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Origin: https://www.planttherapy.com
Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
last-modified: Thu, 10 May 2018 15:10:25 GMT
server: NetDNA-cache/2.2
etag: "3654744dc6d6c37c9b3582b57622df5e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 61336

GET
H2 200 oswald-v16-latin-700.woff2
www.planttherapy.com/fonts/ 15 KB
15 KB 16ms
13ms Font
application/octet-stream 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/fonts/oswald-v16-latin-700.woff2
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/css/css.php?v=1590527169
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: 9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/css/css.php?v=1590527169
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 8571
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760cf30000dfbbfa271000000001
last-modified: Tue, 16 Oct 2018 20:08:21 GMT
server: cloudflare
etag: W/"3cb8-5785e1d83f740"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 60028c5b1fb1dfbb-FRA
expires: Fri, 11 Dec 2020 23:49:46 GMT

GET
H2 200 widget.js Show response
staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/ 442 KB
121 KB 26ms
7ms Script
text/javascript 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/widget.js

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

d64cb98efa249227d8e32ef4290ee57fe479bb3a9f4b53ae0f402b0286af1d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 122859
x-xss-protection: 1; mode=block
x-request-id: a943c97a-3219-41e0-9d2e-21b2cc58b8be
x-runtime: 0.021416
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"9503f183f48718e28743b60c5ca82325"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5504
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 jquery-1.12.4.min.js Show response
code.jquery.com/ 95 KB
33 KB 24ms
8ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.12.4.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
x-hw: 1607724758.dop210.fr8.t,1607724758.cds243.fr8.hn,1607724758.cds010.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33738

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: rRI8NXUPBP4DbORXGF8QnWxitsAT7AZl1RTvPKAn/PTwkyFd+VVbgry7HnGoTM+xj21J0FhNxEFwNsMzML2Wxw==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Dec 2020 22:12:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 312 KB
68 KB 112ms
40ms Script
text/javascript 65.9.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.81.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 272b0425333076fbbececec519160e640edab34c949e3e39a3e21d25e4df2e10

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 22:12:30 GMT
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
Age: 8
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 68520
Last-Modified: Mon, 09 Nov 2020 16:27:49 GMT
Server: Microsoft-IIS/8.5
X-ltk: 12/9/2020 4:51:57 AM
ETag: "9BMUIiFX9vG5tQNMNCVzmQ=="
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: AMS1-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 1svRe8x4y9oHnDuYDt6YaWZcI8Xjp4QmpbnIQEzoALnjqpaJd1HzCQ==
Expires: Fri, 11 Dec 2020 23:12:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 1322
date: Fri, 11 Dec 2020 21:50:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 11 Dec 2020 23:50:36 GMT

GET
H2 200 planttherapy.jsp Show response
www.upsellit.com/active/ 52 KB
17 KB 515ms
169ms Script
application/x-javascript 208.118.62.69
ALCHEMYNET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.upsellit.com/active/planttherapy.jsp
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.118.62.69 , United States, ASN7296 (ALCHEMYNET, US),
Reverse DNS
Software: nginx /
Resource Hash: 68e37f87a84099550ac6fbe88fb6cb5af18a66fe38e2a4a4d2d6b196e034ca99

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
expires: Sat, 12 Dec 2020 22:12:38 GMT
server: nginx
cache-control: max-age=86400
content-type: application/x-javascript;charset=ISO-8859-1

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
8 KB 34ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:37 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: B9DA61D1C767450C86E3CA34D6F19B83 Ref B: FRAEDGE1518 Ref C: 2020-12-11T22:12:38Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 hotjar-990352.js Show response
static.hotjar.com/c/ 4 KB
2 KB 106ms
41ms Script
application/javascript 65.9.73.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-990352.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.87 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

9ee8a03a0d33d31814c0c0a926acb936056686d6104fc0ce7e5d52db46a011d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:30 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 8
etag: W/9aba9ed0f5f40d501f19827a73d87a17
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: AMS1-C1
content-length: 1749
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
x-amz-cf-id: 1QeKoxotfIiugczz_PkAGQq-RAUdpMsSczaofoWLUYZRvkuqHPaDlA==

GET
H2 200 2899548638.js Show response
container.pepperjam.com/ 8 KB
9 KB 63ms
63ms Script
application/x-javascript 65.9.68.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://container.pepperjam.com/2899548638.js
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: LM88SGt0Y03_hexBSAH06HAVX.DO.f83
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
last-modified: Mon, 17 Aug 2020 18:09:54 GMT
server: AmazonS3
age: 844
etag: "cda0a8b1fb96cd23c5b8431794f284c4"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=900
date: Fri, 11 Dec 2020 21:58:35 GMT
x-amz-replication-status: COMPLETED
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8688
x-amz-cf-id: t9Asss30QbPguuQ9-2T-9TCOr7kjWsEmCcLfymsEbcVwZjg24b29_Q==

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 78ms
30ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7WZ5PT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: br
cf-cache-status: HIT
age: 21
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: 236D466861EBD015
x-amz-id-2: YdMppmiiAZGDoyTTfJePxDeeEYxO+2y97Qi+QQUT+Wh5c16aPYlnm6n6er2ThXFnZJnV2ebIrdU=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 06f5760e340000a87371861000000001
cf-ray: 60028c5d2f5ea873-CDG

GET
H2

200

app.js Show response
acsbapp.com/apps/app/dist/js/
Redirect Chain

https://acsbap.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/assets/js/acsb.js
https://acsbapp.com/apps/app/dist/js/app.js

462 KB
104 KB

101ms
101ms

Script
application/x-javascript

167.172.136.187
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.136.187 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: accessibeapp01.jetserver.net
Software: /
Resource Hash: 35ae6c4e716d5236408527a2d3e31346fb6dbc63899e390d033db937c34c4d30

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 20:53:38 GMT
etag: "7386c-5fd28ad2-19541f7cf5059876;br"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 105822
expires: Sat, 12 Dec 2020 22:12:39 GMT

Redirect headers

location: https://acsbapp.com/apps/app/dist/js/app.js
date: Fri, 11 Dec 2020 22:12:39 GMT
content-length: 706
content-type: text/html

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1336317/ 62 KB
21 KB 87ms
28ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1336317/tfa.js
Requested by: Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c854db82e26b7016d128caebcc4613f068c88146bffd8970945bfb2ecc4ec27c

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 963LkFAadMz_56.252Uk_vz7fXOFGUS2
content-encoding: gzip
etag: "30645861fe9735916339cc4c82a99132"
age: 36
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 21417
x-amz-id-2: yiG4LR4nwW4oKlIyGxFv2tsmAzVN3KdGSwIuQRILPM+qW4NFsHaGMTG7kMAXqwJ9y1oWObxlZrU=
x-served-by: cache-hhn4073-HHN
last-modified: Mon, 23 Nov 2020 22:25:37 GMT
server: AmazonS3
x-timer: S1607724759.598465,VS0,VE1
date: Fri, 11 Dec 2020 22:12:38 GMT
vary: Accept-Encoding
x-amz-request-id: DE637AD421AF22E2
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 31
x-cache-hits: 1

GET
H2 200 widget.css
staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/ 481 KB
49 KB 7ms
7ms Stylesheet
text/css 2a02:26f0:6c00:294::1d72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/widget.css?widget_version=2020-11-02_12-08-40

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:294::1d72 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

a068e44e982adc07bc347d2570cd67453d4adc5d8989356311b63cc42a85ade9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
env: PRODUCTION
p3p: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT", CP="CAO PSA OUR"
status: 200 OK
server-timing: cdn-cache; desc=HIT, edge; dur=1
vary: Accept-Encoding
content-length: 49588
x-xss-protection: 1; mode=block
x-request-id: 4d37206f-4eab-4689-b8b0-bfb98642745e
x-runtime: 0.138986
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"0d59b925452c730dd1754394aea06eab"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=5458
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H2 200 vendor.min.js Show response
www.planttherapy.com/js/ 82 KB
32 KB 15ms
14ms Script
text/javascript 2606:4700:10::6816:c02
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.planttherapy.com/js/vendor.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:c02 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PleskLin
Resource Hash: ee9449af080a182c2e2d640e103920ef535dc35c2e9c300bbd57d2f8d5e6dafc

Request headers

Origin: https://www.planttherapy.com
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 545015
x-powered-by: PleskLin
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cf-request-id: 06f5760e1a0000dfbbf631c000000001
last-modified: Fri, 11 May 2018 19:32:40 GMT
server: cloudflare
etag: W/"1497d-56bf332f9a600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, must-revalidate
cf-ray: 60028c5cfb8bdfbb-FRA
expires: Sat, 05 Dec 2020 18:49:02 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
938 B 35ms
21ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 21:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3099
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 11 Dec 2020 22:20:59 GMT

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 34ms
20ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 21:41:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1870
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Fri, 11 Dec 2020 22:41:28 GMT

GET
H2 200 827071377412338 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 279ms
278ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/827071377412338?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

06b6a7c29f77bc3f3f287fb12e0fd1117c67bec8be147c17689f4ceaf8426c2c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tOlF6VPy6gRxldf6lmw+/ZW0IR6+YrmRSDIUDHOlSiwVufgrwaHfdGc0xb9RiKryb4RsKnN+7WcPZNaZqBD+Ew==
x-fb-trip-id: 436667874
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 11 Dec 2020 22:12:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2053480146
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: staticw2.yotpo.com
URL: https://staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/widget.css?widget_version=2020-11-02_12-08-40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://staticw2.yotpo.com/OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd/widget.css?widget_version=2020-11-02_12-08-40
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 21:28:48 GMT
server: ESF
date: Fri, 11 Dec 2020 22:12:38 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 22:12:38 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
198 B 14ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1126405057&t=pageview&_s=1&dl=https%3A%2F%2Fwww.planttherapy.com%2Fshipping&ul=en-us&de=UTF-8&dt=Shipping%20and%20Return%20Policies%20%7C%20Plant%20Therapy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEArAAAAAC~&jid=42518201&gjid=1631855613&cid=319928323.1607724759&tid=UA-34949153-1&_gid=818724086.1607724759&_r=1&gtm=2wgbu0W7WZ5PT&cd1=0&cd3=SARP&cd5=&cd13=false&z=1963738397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 34ms
34ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=42518201&gjid=1631855613&_gid=818724086.1607724759&_u=aGBAAEAqAAAAAC~&z=685469334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Dec 2020 22:12:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4a916cc9-9fa8-40a4-910b-11f8e8b12d8a Show response
ekr.zdassets.com/compose/ 1 KB
909 B 250ms
194ms XHR
application/json 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc6a1aa69b431847bbfe2d77d5f0b8b76ef484871ffd8a2789b80b425e206119

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200 OK
strict-transport-security: max-age=0
cf-request-id: 06f5760ecc0000cd9fe12f4000000001
x-request-id: d2564c11-fdec-44ce-8855-32d3d2cb498d
x-runtime: 0.003603
server: cloudflare
etag: W/"bc6a1aa69b431847bbfe2d77d5f0b8b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 60028c5e083bcd9f-CDG

GET
H2 204 0
bat.bing.com/action/ 0
116 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5321875&Ver=2&mid=35cd732f-5ca8-49e3-8f34-f5d2a70637b7&sid=fadf9d303bfd11ebb628077a5e751fac&vid=fadfb4d03bfd11ebb8c87f59457d185e&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shipping%20and%20Return%20Policies%20%7C%20Plant%20Therapy&kw=Pure%20Essential%20Oils&p=https%3A%2F%2Fwww.planttherapy.com%2Fshipping&r=&lt=2488&evt=pageLoad&msclkid=N&sv=1&rn=156021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 11 Dec 2020 22:12:38 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 35BB3D0C7685415ABB8A6096D56EBAA4 Ref B: FRAEDGE1518 Ref C: 2020-12-11T22:12:38Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.v1.0.350.js Show response
cdn-swell-assets.yotpo.com/ 1 MB
190 KB 127ms
30ms Script
text/plain 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js
Requested by: Host: cdn.swellrewards.com
URL: https://cdn.swellrewards.com/loader/sJocVz2f4S7dWE0d-1JSwg.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D4D) /
Resource Hash: ec8235b4fb4d0f47d0986dbab83a328d9766c4b8cc447e4db0d3b5002c87527a

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
last-modified: Tue, 08 Dec 2020 11:20:25 GMT
server: ECS (lcy/1D4D)
x-amz-meta-s3cmd-attrs: uid:1000/gname:ubuntu/uname:ubuntu/gid:1000/mode:33188/mtime:1607426423/atime:1607426423/md5:a9ac341dddc1f588dee8907916d61a0b/ctime:1607426423
age: 298178
etag: "a9ac341dddc1f588dee8907916d61a0b+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/plain
x-amz-request-id: 57C06F2895B153AC
content-length: 193740
x-amz-version-id: VlCfOQbLlLqa186cXw45hZXswg_zRGki
x-amz-id-2: G0oByklfRaQt3ouMvojprhIid/DxSNoi5IkHEpn5Qrq/yBFF+6v9Lo+KdhmcqKgnSibzQYZ6IJw=

GET
H2 200 modules.9dd23155c7d4a9746d0b.js Show response
script.hotjar.com/ 222 KB
59 KB 119ms
43ms Script
application/javascript 65.9.73.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.9dd23155c7d4a9746d0b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-990352.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.73.11 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 14:00:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29543
x-cache: Hit from cloudfront
content-length: 59490
access-control-allow-origin: *
last-modified: Fri, 11 Dec 2020 13:57:00 GMT
etag: "019b2097ab02dbafab8c376bea41ecc2"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: hKooX2xmHJV7-9FMY9yEKm76pPFcbZhS0xUeuD5YwYNcuW82JzYQ8g==

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
295 B 19ms
18ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=42518201&_u=aGBAAEAqAAAAAC~&z=93319320

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=42518201&_u=aGBAAEAqAAAAAC~&z=93319320

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 angular.js Show response
cdn.searchspring.net/ajax_search/sites/j3m9u2/js/ 39 KB
10 KB 96ms
96ms Script
application/javascript 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/ajax_search/sites/j3m9u2/js/angular.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 342f638342f2266e2a64ccac3b45273ffcb19d6844fc89fc8e668c75249d2231

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 22:06:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "3ad4aaf7696ad726f54b3cf3c71c5830"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
content-length: 9902
x-amz-cf-id: kXBcf3ucDqrKQB6nx5_Qd-Bq4UPzcEV1A2PKkdoVZDnEU_9gCIdGkg==

GET
H2 200 json Show response
trc.taboola.com/1336317/trc/3/ 797 B
767 B 47ms
46ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1336317/trc/3/json?tim=1607724758738&data=%7B%22id%22%3A506%2C%22ii%22%3A%22%2Fshipping%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1607724758734%2C%22cv%22%3A%2220201123-29-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.planttherapy.com%2Fshipping%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dplanttherapy-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1607724758737%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.planttherapy.com%2Fshipping%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336317/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9bea2f56c7336461e204e5c6c6ca010d46576bf708d47ff6adfa5c4fd7f883b

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 17
date: Fri, 11 Dec 2020 22:12:38 GMT
content-encoding: gzip
server: nginx
x-timer: S1607724759.776999,VS0,VE17
x-served-by: cache-hhn4073-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 getIds Show response
s1.listrakbi.com/LfzurVc9lZDp/session/ 175 B
1 KB 307ms
98ms Script
application/x-javascript 52.207.51.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.listrakbi.com/LfzurVc9lZDp/session/getIds?callback=ltkCallback3401&gsid=&_sid=&_tid=311530&ps=null&dps=true
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.51.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-51-121.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: aa5f431c14923c105dfaf6b1bb016dab19c0347ccb641b2de8d6a2623e8dd7a1

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:39 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: no-cache
content-type: application/x-javascript; charset=utf-8
content-length: 175
expires: -1

GET
H2 200 LfzurVc9lZDp.js Show response
onescript-recscont.listrakbi.com/ 3 KB
3 KB 375ms
154ms Script
text/javascript 54.160.201.253
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://onescript-recscont.listrakbi.com/LfzurVc9lZDp.js
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.201.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.3 / ASP.NET
Resource Hash: 02dcd37584e108e7e583470ec431cff8f6c1f25b40b6a93c67af4aab187ffeda

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
cache-control: max-age=300
server: nginx/1.17.3
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 3039
content-type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame FF47 0
0 155ms
61ms Document
text/html 65.9.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-990352.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.planttherapy.com/shipping
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

content-type: text/html
content-length: 851
date: Wed, 04 Nov 2020 19:00:32 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified: Wed, 04 Nov 2020 16:31:53 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: cfsbyPvz0hENM4viPz6jaKL9ZMbipUrpzwKY2_RqfC0pSPkUwRxSQA==
age: 3208326

GET
H2 200 pref_thankyou_template Show response
services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/ 736 B
937 B 482ms
118ms Script
text/javascript 142.0.93.34
LISTRAK-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/pref_thankyou_template?id=pref_thankyou_template
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.0.93.34 Lititz, United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: da5c2854bcf01d73044e5c02520c52f5be336b2067911efa374da8645c123a28

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
content-length: 736

GET
H2 200 autocomplete2.js Show response
cdn.searchspring.net/search/v3/lts/modules/ 32 KB
9 KB 58ms
58ms Script
application/javascript 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/lts/modules/autocomplete2.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d089cc150598d19c7892c08d5558bfd0679c9e0226cca5b3a2450e7306578ed

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 21:43:03 GMT
content-encoding: gzip
last-modified: Wed, 23 Sep 2020 19:48:17 GMT
server: AmazonS3
age: 1776
etag: "5d4d9cf4d7ecedcf4aac840af7fdcd2f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: zrD1WV9mW4EKLFT1QhySzT6osu-p6ZYF_b33EO5WcQfZEGelOTAFuw==

GET
H2 200 slideout.js Show response
cdn.searchspring.net/search/v3/lts/modules/ 9 KB
4 KB 55ms
55ms Script
application/javascript 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/lts/modules/slideout.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c8d61157b9f632fd7ba281e68de890d7529c6703d22df048761d9ec99402e2e

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 21:56:52 GMT
content-encoding: gzip
last-modified: Mon, 01 Jun 2020 20:28:29 GMT
server: AmazonS3
age: 1010
etag: "e9afe3956f597ad680eed56c1b1aa210"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: KWxRS_ok7wL_Z2JWv5ldG-Edvixg5C1nIROm1Iye8KqUaxEK9BI4vQ==

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 11ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=827071377412338&ev=PageView&dl=https%3A%2F%2Fwww.planttherapy.com%2Fshipping&rl=&if=false&ts=1607724758924&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.1.1607724758923.740151533&it=1607724758580&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 11 Dec 2020 22:12:38 GMT

GET
H/1.1 200
OK animate.min.css
cdn.listrakbi.com/css/ 5 KB
1 KB 35ms
33ms Stylesheet
text/css 65.9.81.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.listrakbi.com/css/animate.min.css
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.81.12 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 12:26:40 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Mon, 06 Jul 2020 14:12:04 GMT
Server: Microsoft-IIS/8.5
Age: 35185
X-Powered-By: ASP.NET
ETag: "93fb116d9f53d61:0"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: rQKXj2MMhn0Ix6aOVi69Peu4IZMcj6czGqcyznEOWEpvE0RkhFpr7w==

GET
H2 200 bootstrap.min.css
cdn-swell-assets.yotpo.com/ Frame 0E47 128 KB
17 KB 80ms
78ms Stylesheet
text/css 192.229.233.223
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-swell-assets.yotpo.com/bootstrap.min.css
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.223 Los Angeles, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D50) /
Resource Hash: d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: gzip
last-modified: Sat, 03 Nov 2018 07:07:15 GMT
server: ECS (lcy/1D50)
age: 39811647
etag: "ac7e8e8ff20e7d843326d71a28ecb087+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-amz-request-id: 38F020A425587B31
content-length: 16944
x-amz-version-id: null
x-amz-id-2: 53l9XgkoJ0h1y2ARIOvFykW725Nf2gD4jrIxkqgJWY15FLazTnkyGHhvruh+SmO6Tbkv+7zdCkA=

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 0E47 30 KB
7 KB 79ms
60ms Stylesheet
text/css 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H3-Q050 200 css
fonts.googleapis.com/ 5 KB
1 KB 78ms
64ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9de171726dbc73769f1b5a332b02d5305acf001dccf0261ba43fb7f03d51606a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 22:12:39 GMT
server: ESF
date: Fri, 11 Dec 2020 22:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 22:12:39 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 7ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40EB) /
Resource Hash: 2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 22:12:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 842
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28698
x-tw-cdn: VZ
Last-Modified: Thu, 01 Oct 2020 21:52:09 GMT
Server: ECS (fcn/40EB)
Etag: "a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 spatial-navigation.js Show response
cdn.searchspring.net/search/v3/lts/modules/ 3 KB
2 KB 64ms
62ms Script
application/javascript 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/search/v3/lts/modules/spatial-navigation.js
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be535ea59f5950223e23ad83eb03351c5508274b83291f8be7bb1482f2a3f830

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 21:56:25 GMT
content-encoding: gzip
last-modified: Mon, 08 Jun 2020 19:48:14 GMT
server: AmazonS3
age: 975
etag: "f09033df9e6c8e402927839aebed94e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: a4hYj0oHq8y8jyRgnAUpV405V-YnccUKQaM72s_pCI_8LjKdbbu3uw==

GET
H2 200 preload.201b5a8043552a89bd7c.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 61 KB
18 KB 156ms
89ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.201b5a8043552a89bd7c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b05e742f43c5e3abde607c78adfb44679b3b283208c439392eb886b6aed5fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 238706
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: A282C770A33A3474
x-amz-id-2: 9pxnP8UlI2eGmmSZRhF9mNFv75IlRG/jrZGWMdMDxUYDoThe9OfNgztIjHmico7CZbdjhOKmr40=
last-modified: Wed, 09 Dec 2020 03:45:47 GMT
server: cloudflare
etag: W/"0fa351dc3a046c0b7bf0970dfc8533a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CnQt.wtA3gkoIhw0HzZKVMsJGkeF_VQh
cf-request-id: 06f576108a0000a87389987000000001
cf-ray: 60028c60d9dca873-CDG
expires: Thu, 09 Dec 2021 03:45:46 GMT

GET
H2 200 web_widget.9dc7b1f513c47f4ab974.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 307E 245 KB
64 KB 257ms
191ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget.9dc7b1f513c47f4ab974.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 238706
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: A5EEC46177821CD1
x-amz-id-2: vhT58oZClBBOjbwPFWRGvq4BuputytStudhNb1wNk6QsZxrC5L5DKVtUOHFo+PZDL3C9uqVwlhk=
last-modified: Wed, 09 Dec 2020 03:45:48 GMT
server: cloudflare
etag: W/"acc0d0f9c31d1ba8afda0426cd8ac225"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: YViqwF933Mr4L08jWgG0ApRh7Ttlus_S
cf-request-id: 06f576108a0000a8736d255000000001
cf-ray: 60028c60d9dea873-CDG
expires: Thu, 09 Dec 2021 03:45:47 GMT

GET
H2 200 web_widget.ccb44c0ebef0071b798f.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 307E 495 KB
95 KB 96ms
31ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.ccb44c0ebef0071b798f.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

feb77df2b9d662851af32759b39c683616c3b27e1f545b713619f178b7eefdf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4137
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: CC3709F01FB30EBF
x-amz-id-2: zq4P+5q+I1Fb+d2m+00iqObWITVUduuS/YHmJcg8GkRfB7Qslr0hwb9MY9sSNIxjdhSkwrjKzUo=
last-modified: Wed, 09 Dec 2020 03:44:56 GMT
server: cloudflare
etag: W/"843a9e1610677d930e1ef5ffea83b2d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: kns0S4ZIlSwrEFVN__yonjfCC7v_ufcc
cf-request-id: 06f576108b0000a8737187d000000001
cf-ray: 60028c60d9dfa873-CDG
expires: Thu, 09 Dec 2021 03:44:55 GMT

GET
H2 200 web_widget.e93995869b58ab40e8ec.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 334 KB
66 KB 94ms
29ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.e93995869b58ab40e8ec.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5d7e52393264bb0ad18f23efd8f15a240f5cf56b581cd00f36a793ac7ea940

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11156
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0E6DF961DA8BB93A
x-amz-id-2: OSbqO309eoQaV+Ygpy4ZOC+jQETP432c9bYVI37GfVp6pMyEFSY706jomH8nkr1+rjC4kPm1SGg=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"78f99bda60d57d1b42eef16e75dd158b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FObEWn2VEkszwW0wnnX0AMsq1z9lI8f4
cf-request-id: 06f576108b0000a8736d8c7000000001
cf-ray: 60028c60d9e0a873-CDG
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 vendors~web_widget.ccbc82c9f877226a18ba.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 493 KB
151 KB 99ms
33ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4137
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E2C03621BF6F5809
x-amz-id-2: q+hl93xreBVceMBANO4zuzjOzFHAhSyt4xpeqpp8a1klSsgVrEXH7X6iBtjStwMh28HBdWMZGjM=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"64d67bfca286493ba83366c7d77d37ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VBSOWfwvDFkm3g5tWUtswynZM70AY5pZ
cf-request-id: 06f576108b0000a87381350000000001
cf-ray: 60028c60d9e2a873-CDG
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 web_widget~messenger.3afa7dfbaad2d4646a30.chunk.js Show response
static.zdassets.com/web_widget/latest/vendors~lazy/ Frame 307E 318 KB
63 KB 207ms
197ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~lazy/web_widget~messenger.3afa7dfbaad2d4646a30.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c18ffc44532d06dc6a238f52a6a3ab1c2e69f2dd9bae006f77e57c0c98591636

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 238706
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: B931331A8B085575
x-amz-id-2: fWQ5uXTumW7KmwY1RQPotwpD7d6qaosqRDqctv2R2/lgyW2FmRueGhSVHcCtb99rafxCqsbDIhs=
last-modified: Wed, 09 Dec 2020 03:45:48 GMT
server: cloudflare
etag: W/"2456af75cae7aca905921869d7efbe13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tclCa4aaU3Du6JAEh6e9.mx4V2_4aB0a
cf-request-id: 06f576108b0000a873819df000000001
cf-ray: 60028c60d9e3a873-CDG
expires: Thu, 09 Dec 2021 03:45:47 GMT

GET
H2 200 talk-sdk.fced29ac845e4c42422b.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 68 KB
18 KB 131ms
122ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/talk-sdk.fced29ac845e4c42422b.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 238705
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 7466BD253D79688E
x-amz-id-2: 0C7c2t7r+vEzhC8TWnPU8SJgsbnzJuK2IsN/EVYiTTAjLdd4RQJYD1xI4VAYVuR4sKJml6+/2CA=
last-modified: Wed, 09 Dec 2020 03:45:47 GMT
server: cloudflare
etag: W/"e0d48bf92424d80462f91d1ec9e02fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: iEzunsM6HpC7h1X9GcalwRfmhpdvkfHO
cf-request-id: 06f576108c0000a8737e845000000001
cf-ray: 60028c60d9e4a873-CDG
expires: Thu, 09 Dec 2021 03:45:46 GMT

GET
H2 200 chat-sdk.ef57fe179f7fdba70997.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 257 KB
50 KB 155ms
146ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.ef57fe179f7fdba70997.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 238706
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 88D273850E1315F2
x-amz-id-2: AeMA8QRzT+W/q/3aG7kYuT04uU1qtsQID3ibfLQobvI2k6/W4imEfMq0tLtBtYp7jXzBWhk+OIA=
last-modified: Wed, 09 Dec 2020 03:44:55 GMT
server: cloudflare
etag: W/"471486ebf305f761724c4a3d88d24c68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tUzJzxwRIGBtH2yGLDY0ifhL7s6uFqT5
cf-request-id: 06f576108c0000a8736f16e000000001
cf-ray: 60028c60d9e5a873-CDG
expires: Thu, 09 Dec 2021 03:44:53 GMT

GET
H/1.1 200
OK widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame D587 0
0 17ms
17ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.planttherapy.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.planttherapy.com/shipping
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1483745
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 11 Dec 2020 22:12:39 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Thu, 01 Oct 2020 21:50:01 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40B4)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H3-Q050 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 04:27:58 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 63881
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Sat, 11 Dec 2021 04:27:58 GMT

GET
H3-Q050 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v35/ 13 KB
13 KB 8ms
6ms Font
font/woff 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:45:15 GMT
x-content-type-options: nosniff
last-modified: Mon, 13 Jul 2020 19:17:42 GMT
server: sffe
age: 12444
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13064
x-xss-protection: 0
expires: Sat, 11 Dec 2021 18:45:15 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 0E47 5 KB
752 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:700|Open%20Sans:400|Montserrat:400

Requested by

Host: cdn-swell-assets.yotpo.com
URL: https://cdn-swell-assets.yotpo.com/app.v1.0.350.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9de171726dbc73769f1b5a332b02d5305acf001dccf0261ba43fb7f03d51606a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 22:12:39 GMT
server: ESF
date: Fri, 11 Dec 2020 22:12:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 22:12:39 GMT

GET
H/1.1 200
OK onload Show response
bt.signifyd.com/ 0
994 B 398ms
97ms XHR
text/plain 52.204.247.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bt.signifyd.com:11103/onload
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.247.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Tracking: eyJicm93c2VySWQiOiI5MTYyYmZlNmU1Yzk0Nzc1OGRlZTc1OTU0Y2ZmMjk1ODFiYzBlNzhkM2JkNTFiYWNhZjIyNTljYWM1ZTA4M2U3NTE5Y2JlMjEiLCJzZXNzaW9uSWQiOiJlNWIxMGNiNjE4OGI0YTc3YWFkNDYwOWQ0MThkZjQ2NjljMjRlMmQyOTg2MmZhMWFkZmFjMDQyYTgxYTY5Zjc4OGM5MjM3ODYiLCJ0aW1lc3RhbXAiOjE2MDc3MjQ3NTk3NDd9
ETag: eyJicm93c2VySWQiOiI5MTYyYmZlNmU1Yzk0Nzc1OGRlZTc1OTU0Y2ZmMjk1ODFiYzBlNzhkM2JkNTFiYWNhZjIyNTljYWM1ZTA4M2U3NTE5Y2JlMjEiLCJzZXNzaW9uSWQiOiJlNWIxMGNiNjE4OGI0YTc3YWFkNDYwOWQ0MThkZjQ2NjljMjRlMmQyOTg2MmZhMWFkZmFjMDQyYTgxYTY5Zjc4OGM5MjM3ODYiLCJ0aW1lc3RhbXAiOjE2MDc3MjQ3NTk3NDd9
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, ETag-State, Tracking, Tracking-State
Cache-Control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Content-Length: 0

GET
H/1.1 200
OK check.js;CIS3SID=514D364F1615AB37196713F0C653DCE4 Show response
imgs.signifyd.com/fp/ Frame 641C 135 KB
34 KB 60ms
59ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/check.js;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jb=333524266a736f753544616e7d782662736f3f4e696e75782668716035416a706f6f672532303833

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/tags.js?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&pageid=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4ca50f96eb85276280804ea8e7b8f87e8800dd30274276cb8b41e62fec119c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: ee40f300b7e9fbff
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 3542a64e7e46413e9d224754ba621396.js Show response
tags.b1js.com/tags/ 42 B
375 B 179ms
15ms Script
application/javascript 2600:9000:2104:c800:1d:16cb:5a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.b1js.com/tags/3542a64e7e46413e9d224754ba621396.js
Requested by: Host: js.b1js.com
URL: https://js.b1js.com/tagcontainer.js?id=3542a64e7e46413e9d224754ba621396&type=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:c800:1d:16cb:5a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9437e3f1d79a5e09c08deb1b826d4b5a1063000e8db20f1eb05dba66b2b937c

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 19:47:09 GMT
via: 1.1 025692f042f48f4d5f15fa44d00c09ee.cloudfront.net (CloudFront)
last-modified: Wed, 23 May 2018 13:18:09 GMT
server: AmazonS3
age: 8731
etag: "cd580530e46671a95d75f1b2c472fe90"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
content-length: 42
x-amz-cf-id: VVPvWn2dHYGPYiD1ux8bZdrTC45TnJHtpGhM_BlLvrW1mxUA2AFNWA==

GET
H/1.1 200
OK clear.png
imgs.signifyd.com/fp/ Frame 641C 81 B
475 B 154ms
85ms Image
image/png 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&w=5d266e6e1d23752f&ck=0&m=1

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:39 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK i
p.yotpo.com/ 35 B
402 B 189ms
29ms Image
image/gif 35.157.53.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.yotpo.com/i?e=pv&page=Shipping%20and%20Return%20Policies%20%7C%20Plant%20Therapy&se_va=OCOj8kUTBDaMO2xVMhtQcUHCfSa0bcegBEPFXgVd&cx=eyJwdl91dWlkIjo1OTQwMzkwMzB9&dtm=1607724759370&tid=419311&vp=1600x1200&ds=1600x2947&vid=1&duid=756705528c7d9202&p=web&tv=js-0.13.2&fp=606422418&aid=onsite_v2&lang=en-US&cs=UTF-8&tz=Europe%2FBerlin&res=1600x1200&cd=24&cookie=1&url=https%3A%2F%2Fwww.planttherapy.com%2Fshipping
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.53.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-53-241.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 22:12:39 GMT
Cache-Control: max-age=86400, private
Expires: Sat, 12 Dec 2020 22:12:39 GMT
Server: nginx
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK clear.png
imgs.signifyd.com/fp/ Frame 641C 81 B
474 B 151ms
83ms Image
image/png 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:39 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 61ms
61ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=827071377412338&ev=Microdata&dl=https%3A%2F%2Fwww.planttherapy.com%2Fshipping&rl=&if=false&ts=1607724759497&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shipping%20and%20Return%20Policies%20%7C%20Plant%20Therapy%22%2C%22meta%3Adescription%22%3A%22Plant%20Therapy%20provides%20the%20highest%20quality%20100%25%20pure%20essential%20oils%20and%20accessories%20at%20a%20price%20that%20everyone%20can%20afford.%20Order%20online%20today!%22%2C%22meta%3Akeywords%22%3A%22Pure%20Essential%20Oils%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Essential%20Oils%20%7C%20Plant%20Therapy%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.planttherapy.com%2Fimages%2FPT-Main-Logo-Facebook-1200x627.jpg%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A54%2C%22w%22%3A1146%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A54%2C%22w%22%3A62%7D%2C%22properties%22%3A%7B%22position%22%3A%221%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22HOME%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FThing%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FListItem%22%7D%2C%7B%22dimensions%22%3A%7B%22h%22%3A54%2C%22w%22%3A208%7D%2C%22properties%22%3A%7B%22position%22%3A%222%22%7D%2C%22subscopes%22%3A%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22SHIPPING%20AND%20RETURN%20POLICY%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FThing%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FListItem%22%7D%5D%2C%22type%22%3A%22http%3A%2F%2Fschema.org%2FBreadcrumbList%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.1.1607724758923.740151533&it=1607724758580&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 11 Dec 2020 22:12:39 GMT

GET
H2 200 config Show response
planttherapy.zendesk.com/embeddable/ 850 B
1 KB 338ms
226ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://planttherapy.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=4a916cc9-9fa8-40a4-910b-11f8e8b12d8a

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c01f3d4527d4c5a40148a935c01e0bc61f4a9da20ac23f23a004d3470aa0dc7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-89564bd5b-rv7k6
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 06f576127d0000cdb36fa1f000000001
x-request-id: 600263b8fc2ddf7f-SEA
x-runtime: 0.001580
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FXBrVXCP3oSWYVpMrZMJY3VojywsFwlCm2tsJ4nMNYUelaxen1%2BfTgm8ZsilLY6GXtybgqutKnOHVIk92ZmbdfAPLJj3clDjq0mqfkRKjmSsYqPJ3F0%2BpAc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 60028c63fa86cdb3-CDG

GET
H2 200 vendors~web_widget.ccbc82c9f877226a18ba.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 493 KB
151 KB 52ms
41ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.201b5a8043552a89bd7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 4137
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E2C03621BF6F5809
x-amz-id-2: q+hl93xreBVceMBANO4zuzjOzFHAhSyt4xpeqpp8a1klSsgVrEXH7X6iBtjStwMh28HBdWMZGjM=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"64d67bfca286493ba83366c7d77d37ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: VBSOWfwvDFkm3g5tWUtswynZM70AY5pZ
cf-request-id: 06f576121b0000a87392a5c000000001
cf-ray: 60028c635b3ca873-CDG
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 web_widget.e93995869b58ab40e8ec.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 307E 334 KB
66 KB 39ms
32ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.e93995869b58ab40e8ec.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.201b5a8043552a89bd7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b5d7e52393264bb0ad18f23efd8f15a240f5cf56b581cd00f36a793ac7ea940

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11156
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 0E6DF961DA8BB93A
x-amz-id-2: OSbqO309eoQaV+Ygpy4ZOC+jQETP432c9bYVI37GfVp6pMyEFSY706jomH8nkr1+rjC4kPm1SGg=
last-modified: Wed, 09 Dec 2020 03:45:49 GMT
server: cloudflare
etag: W/"78f99bda60d57d1b42eef16e75dd158b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: FObEWn2VEkszwW0wnnX0AMsq1z9lI8f4
cf-request-id: 06f576121b0000a8737188f000000001
cf-ray: 60028c635b3da873-CDG
expires: Thu, 09 Dec 2021 03:45:48 GMT

GET
H2 200 LfzurVc9lZDp Show response
at1.listrakbi.com/activity/ 111 B
703 B 316ms
100ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/LfzurVc9lZDp
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 614cdd4f0f37c40ae434194d78f4b1d4062e1d71110ba1b9828265282f72b197

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/ 148 KB
52 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js?onload=renderBadge

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef69fed3dfb5e2204eec4e9e45b120ad0738640dcaf1dd82be51d4dad5db3cf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 18:40:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 17:03:00 GMT
server: sffe
age: 12736
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52983
x-xss-protection: 0
expires: Sat, 11 Dec 2021 18:40:23 GMT

OPTIONS
H/1.1 200
OK ingest
bt.signifyd.com/ Frame 0
0 97ms
96ms Other 52.204.247.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bt.signifyd.com:11103/ingest
Protocol: HTTP/1.1
Server: 52.204.247.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,tracking,tracking-state
Origin: https://www.planttherapy.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, ETag-State, Tracking, Tracking-State
Access-Control-Max-Age: 3600
Cache-Control: private
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK ingest Show response
bt.signifyd.com/ 0
438 B 102ms
102ms XHR
text/plain 52.204.247.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bt.signifyd.com:11103/ingest
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.247.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planttherapy.com/shipping
Tracking-State: RECEIVED
Tracking: eyJicm93c2VySWQiOiI5MTYyYmZlNmU1Yzk0Nzc1OGRlZTc1OTU0Y2ZmMjk1ODFiYzBlNzhkM2JkNTFiYWNhZjIyNTljYWM1ZTA4M2U3NTE5Y2JlMjEiLCJzZXNzaW9uSWQiOiJlNWIxMGNiNjE4OGI0YTc3YWFkNDYwOWQ0MThkZjQ2NjljMjRlMmQyOTg2MmZhMWFkZmFjMDQyYTgxYTY5Zjc4OGM5MjM3ODYiLCJ0aW1lc3RhbXAiOjE2MDc3MjQ3NTk3NDd9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, ETag-State, Tracking, Tracking-State
Cache-Control: private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Authorization, ETag, ETag-State, If-None-Match, Tracking, Tracking-State
Content-Length: 0

GET
H2 200 products_template_carousel Show response
services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/ 5 KB
5 KB 113ms
112ms Script
text/javascript 142.0.93.34
LISTRAK-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/products_template_carousel?id=products_template_carousel
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.0.93.34 Lititz, United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4c47fc32b64d051ebb6df27a6fbfc17649393a5b687059ab622f2f9011507d53

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:39 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
content-length: 4773

GET
H2 200 config.json Show response
cdn.acsbapp.com/cache/app/planttherapy.com/ 115 B
299 B 294ms
98ms Fetch
application/json 167.172.136.187
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/planttherapy.com/config.json
Requested by: Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.136.187 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: accessibeapp01.jetserver.net
Software: /
Resource Hash: 2bdc4efe959c48b8ca4ebade0a099ea1b2912402d8030e2cbab2315c07049703

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
last-modified: Fri, 11 Dec 2020 22:12:17 GMT
etag: "73-5fd3eec1-7ea0a52188afcc52;;;"
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 115
expires: Sat, 12 Dec 2020 22:12:40 GMT

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame 641C 81 B
536 B 99ms
34ms XHR
image/png 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/fp/check.js;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jb=333524266a736f753544616e7d782662736f3f4e696e75782668716035416a706f6f672532303833

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/ee40f300b7e9fbff0c2d1aed899e91a9da3bdad0e7c38766
Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 22:12:40 GMT
Last-Modified: Fri, 11 Dec 2020 22:12:40 GMT
Server: Apache
Etag: ef6e3afc533c41f58e080a00131f5810
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://www.planttherapy.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Wed, 10 Dec 2025 22:12:40 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4
imgs.signifyd.com/fp/ Frame 073C 0
0 44ms
40ms Document
text/html 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/ls_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: imgs.signifyd.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.planttherapy.com/shipping
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: thx_guid=eab875e0a19145ed8da47c92a76779fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

Date: Fri, 11 Dec 2020 22:12:39 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame 641C 0
387 B 41ms
37ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jb=3530246c73613d356c3a3f366d366539643231353532666538363b663d643a6362343534653965396d3839633932613062376034393831

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:39 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4
h.online-metrix.net/fp/ Frame 90FB 0
0 117ms
45ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , Netherlands, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: h.online-metrix.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.planttherapy.com/shipping
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

Date: Fri, 11 Dec 2020 22:12:40 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 641C 0
0

GET
H/1.1 200
OK top_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4
imgs.signifyd.com/fp/ Frame F89C 0
0 38ms
35ms Document
text/html 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/top_fp.html;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: imgs.signifyd.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.planttherapy.com/shipping
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: thx_guid=eab875e0a19145ed8da47c92a76779fe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

Date: Fri, 11 Dec 2020 22:12:40 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
204 clear.png Show response
imgs.signifyd.com/fp/ Frame 641C 0
218 B 46ms
29ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&ja=3636362626773d356c3a3f366d3665396432313535326626633f34322e783f343024643d3136303070393a303826616e3d3134323078313230322471707b3f327832246470723d3124393e30382c313a30302e333630302c3130323224333432302e333230302c313e38382c393230382c302e32267363643d303624646a3f6a74767273253341253a4e2d324e77777f2e706e636e74746865706372712c616d6d27304673686970786166672e64723526686a3f38343062333160663f35323a3863633736626265313831326d36333930666766266a736f3d4e6b6c7d7a246873603f4368726f6d6d2d3a3030332662736f773f4c696e7578246c6a6b3f3334266c666d3d382674726c35457d726f78652530444265726c696c246f69766a703d363230336431633a6a6d633832653e6363373430303832616633373d3632336666363538383134396c3e656961323c64633b3661666264373031333b333b346124723d706c756761665766646173605e66636e736521706c77656b665d756b6e666d77735f6d656c61695f786c617165725c64616c736521726e776f6b6c5d61666d62655f61637a676a617c5e66696c736723706c7567696c5d737d6b6169746b6f655e66616c7b6d2970647567616e5f716a6f636b776174675c6e636e716523726c7567696e577a6d6164706c697965705c66616c736523726e7d656b6c5f746e635f706c61716d7a5e6e616c7b6521726e7567696e5f666774696e74705e64636c73652170647d6f69665f737e675f746b657765725e64636e7b6723726c7765696e5f6a617e695666696c736d26657a313d633834663635663f343b616231356133346332386d3a643131666e37333a3630636137303763366b246161643f303030303030&jb=31373b266c713d4d6772616c6461253a46352c32253230284d63616b66766d716827314225323049667c6d6c2d32304561632730304f532532325a273a3233325f33365f35292532384978706465576d624b6b762532463533352c313e27303228494a544d4c25324b2d3a3064696b6d2532324565636b6f292730324b6a706d6d6727324638332e38263c3138332e3e3125303253616661726b27304e3731352e3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 11 Dec 2020 22:12:40 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net/fp/ Frame 641C 81 B
438 B 141ms
33ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
5 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: www.planttherapy.com
URL: https://www.planttherapy.com/shipping

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 08:37:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48918
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Dec 2021 08:37:22 GMT

GET
H2 200 ModalImpression.ashx Show response
m1.listrakbi.com/ 103 B
690 B 118ms
103ms Script
application/javascript 52.207.51.121
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://m1.listrakbi.com/ModalImpression.ashx?callback=ltkCallback4195&t=impression&ctid=LfzurVc9lZDp&globalSessionUID=f194fae0-5160-44b3-9294-fad9f23a1f1f&mid=d29ea4f8-a25c-4af8-a640-ec6292081d22
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.51.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-51-121.compute-1.amazonaws.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2264db590c13810b3b4e9c0d472e161fc109d6d08b23881185d1301268676ebe

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: private
content-type: application/javascript; charset=utf-8
content-length: 103

GET
H2 200 PlantTherapy-Email-SMS-PopUp-Winter2019-Desktop-600x200.jpg
mediacdn.espssl.com/7891/ 92 KB
92 KB 143ms
29ms Image
image/jpeg 93.184.220.43
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediacdn.espssl.com/7891/PlantTherapy-Email-SMS-PopUp-Winter2019-Desktop-600x200.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.43 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (lcy/1D2E) /
Resource Hash: 6f30ff9ba4b2c9a2a5dbdf63aee794a4b8e4a31adb4e91606943ac0b422b9a76

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
last-modified: Mon, 18 Nov 2019 17:11:00 GMT
server: ECS (lcy/1D2E)
age: 49964
etag: "d55f5126339ed51:0"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-transform,public,max-age=3600,s-maxage=86400
x-cache: HIT
accept-ranges: bytes
content-length: 94432

GET
H2 200 eu_tag
b1img.com/3542a64e7e46413e9d224754ba621396/ 95 B
283 B 186ms
124ms Image
image/png 34.102.245.58
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1img.com/3542a64e7e46413e9d224754ba621396/eu_tag?type=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.245.58 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: gunicorn /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
via: 1.1 google
server: gunicorn
alt-svc: clear
content-length: 95
content-type: image/png

GET
H3-Q050 200 badge
www.google.com/shopping/customerreviews/ Frame 594B 0
0 185ms
185ms Document
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/shopping/customerreviews/badge?usegapi=1&merchant_id=102425749&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.planttherapy.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sazTpAB7NWc.O/m=ratingbadge/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMGRnMhese6OTxesnN0rDvhruAGIg/cb=gapi.loaded_0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cMWTt222O/doVwgHS4Vldw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-cMWTt222O/doVwgHS4Vldw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /shopping/customerreviews/badge?usegapi=1&merchant_id=102425749&position=BOTTOM_LEFT&origin=https%3A%2F%2Fwww.planttherapy.com&gsrc=3p&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.sazTpAB7NWc.O%2Fam%3DwQE%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCMGRnMhese6OTxesnN0rDvhruAGIg%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.planttherapy.com/shipping
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.planttherapy.com/shipping

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
expires: Fri, 11 Dec 2020 22:12:40 GMT
date: Fri, 11 Dec 2020 22:12:40 GMT
cache-control: private, max-age=900
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-cMWTt222O/doVwgHS4Vldw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/VerifiedReviewsBadgeUi/cspreport;worker-src 'self' script-src 'nonce-cMWTt222O/doVwgHS4Vldw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/VerifiedReviewsBadgeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=204=ygf4GPvSAkHA_n2TTCnrqoTpQ6lVRBpfJR08Xv-zUnyjWXy5o-llKzrhCelRqzihyUcU3mMqfrw3kr93c0xs153LYqi1IxF8N8W-I0r2wLxRhQYcoM3HqKKhMJmt80zB8e4G--msKaRaQ_ahtoJXm34wKanoevvIM18_f87tRHc; expires=Sat, 12-Jun-2021 22:12:40 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 en-us-json.15692f2f120276004b07.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 307E 25 KB
5 KB 39ms
39ms Script
application/javascript 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.15692f2f120276004b07.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.201b5a8043552a89bd7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 692014
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: E5C0B7224DBC5AD6
x-amz-id-2: yOgzIZfKnZ+I9YyUAhnCXttmfdCGeEMVQQ3pmxYkEXPBTDsuv1Wdp09xjCL/jYv05g4GuqoUfeM=
last-modified: Thu, 03 Dec 2020 05:35:47 GMT
server: cloudflare
etag: W/"92bf604e2109e764598caba6181d1b87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: fU6PbKFokFWY4fQI_leztNkNTO_uPXEo
cf-request-id: 06f57614e30000a8736f1a0000000001
cf-ray: 60028c67ddeea873-CDG
expires: Fri, 03 Dec 2021 05:35:45 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1336317/log/3/ 0
296 B 86ms
29ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336317/log/3/unip?en=pre_d_eng_tb&tos=1574&scd=40&ssd=1&est=1607724758736&ver=27&isls=true&src=i&invt=1500&tim=1607724760310&vi=1607724758734&ri=d34919484494b6bbaaca6fe1be242110&sd=v2_7a4da05f2e3c711dcca3b7c06a9a4d54_8e6dc9ae-002a-469f-b9af-6947b2f2d88d-tuct6cd7456_1607724758_1607724758_CNawjgYQ_cdRGM7t857lLiABKAEwSjjE1whA9YsQSLv91wNQr6EPWAFgAGjipqqRsq2X4nA&ui=8e6dc9ae-002a-469f-b9af-6947b2f2d88d-tuct6cd7456&ref=null&cv=20201123-29-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336317/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 9073
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.14:10213

GET
H2 200 j3m9u2.css
cdn.searchspring.net/ajax_search/sites/j3m9u2/css/ 35 KB
6 KB 57ms
57ms Stylesheet
text/css 65.9.68.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.searchspring.net/ajax_search/sites/j3m9u2/css/j3m9u2.css
Requested by: Host: cdn.searchspring.net
URL: https://cdn.searchspring.net/search/v3/lts/searchspring.catalog.js?j3m9u2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.85 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd6276ffa98ea3a10f852a9d074ee26f45619b02ee5d407ae678f9dd6f235228

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 22:06:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "49732eac16fd4bd4311f3d33c2594fc5"
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 3dd91613764eafe7ad199013ce202443.cloudfront.net (CloudFront)
cache-control: public, max-age=300
accept-ranges: bytes
content-length: 5718
x-amz-cf-id: IdnfVegv0gtYqIyU4KnsKp02nzKhH2vrwnpgUwQ3vAa0sYfb5dt-Qw==

GET
H3-Q050 200 css
fonts.googleapis.com/ 7 KB
783 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4734b6ead164acca3543cbe8059e555e73b0cd1f07056828928772af9546cc16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Dec 2020 22:12:40 GMT
server: ESF
date: Fri, 11 Dec 2020 22:12:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Dec 2020 22:12:40 GMT

GET
H2 200 embeddable_blip Show response
planttherapy.zendesk.com/ Frame 307E 0
773 B 189ms
189ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planttherapy.zendesk.com/embeddable_blip?type=settings&data=eyJzZXR0aW5ncyI6eyJ3ZWJXaWRnZXQiOnsiY29udGFjdE9wdGlvbnMiOnsiZW5hYmxlZCI6dHJ1ZSwiY2hhdExhYmVsT25saW5lIjp7IioiOiJMaXZlIENoYXQifSwiY2hhdExhYmVsT2ZmbGluZSI6eyIqIjoiQ2hhdCBpcyB1bmF2YWlsYWJsZSJ9LCJjb250YWN0Rm9ybUxhYmVsIjp7IioiOiJFbWFpbCB1cyJ9fX19LCJidWlkIjoiOTZiNjlmMGUzOWU3MGQxYjc5YjMyZTM1NTkyYTc3MzgiLCJzdWlkIjoiNDZmNzc5YTE4Mjk2YmVhMzBiOTFjMGM4MTJkMjc5MTkiLCJ2ZXJzaW9uIjoiYTdiZDg5YjQ2IiwidGltZXN0YW1wIjoiMjAyMC0xMi0xMVQyMjoxMjo0MC4zNDhaIiwidXJsIjoiaHR0cHM6Ly93d3cucGxhbnR0aGVyYXB5LmNvbS9zaGlwcGluZyJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wowuD1IgLmuxJMv0%2FBD9mJYlG1h2L%2BtiYJMUnWotB%2BA85ElQ9fEDqnOErUShElS%2F38sR8hAO0jtBHqYcp%2FjoJtO8yjnQGlHtfx2qFxRrueldkUit5yZxoM0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 60028c683abbcdb3-CDG
cf-request-id: 06f57615280000cdb3840cb000000001

GET
H2 200 en.build.json Show response
cdn.acsbapp.com/cache/app/ 226 KB
21 KB 97ms
97ms Fetch
application/json 167.172.136.187
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.acsbapp.com/cache/app/en.build.json
Requested by: Host: acsbap.com
URL: https://acsbap.com/apps/app/assets/js/acsb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.136.187 , United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: accessibeapp01.jetserver.net
Software: /
Resource Hash: eb125d3d333c45b2ff5e9ba160bc8a3bc84e5dd4a307a49e7b673bf240325285

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: br
last-modified: Thu, 10 Dec 2020 20:56:02 GMT
etag: "388d7-5fd28b62-59a7bd36e0891245;br"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=432000 public
accept-ranges: bytes
access-control-allow-headers: *
content-length: 21362
expires: Sat, 12 Dec 2020 22:12:40 GMT

GET
H3-Q050 200 4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 17:10:16 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:01 GMT
server: sffe
age: 277344
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13720
x-xss-protection: 0
expires: Wed, 08 Dec 2021 17:10:16 GMT

GET
H3-Q050 200 4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 05:31:55 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:11 GMT
server: sffe
age: 578445
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14096
x-xss-protection: 0
expires: Sun, 05 Dec 2021 05:31:55 GMT

GET
H3-Q050 200 tDbD2oWUg0MKqScQ7Z7o_vo.woff2
fonts.gstatic.com/s/arvo/v14/ 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arvo/v14/tDbD2oWUg0MKqScQ7Z7o_vo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62dd1591b85ac94338ebf05423aaf78e49e4a9c26ce929d2286c648c67f22686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 18:30:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:20 GMT
server: sffe
age: 186136
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10632
x-xss-protection: 0
expires: Thu, 09 Dec 2021 18:30:24 GMT

GET
H2 200 products_template_no_carousel Show response
services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/ 5 KB
5 KB 105ms
105ms Script
text/javascript 142.0.93.34
LISTRAK-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/T/Recs/4aa0aae8-b2c5-4963-a929-2b8cff26d98c/products_template_no_carousel?id=products_template_no_carousel
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.0.93.34 Lititz, United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8fad349b03c56c3c503c1b1aed617b9557888611b3e2d0718c9483e18a8f38b9

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
content-length: 5038

GET
H2 200 LfzurVc9lZDp Show response
at1.listrakbi.com/activity/ 111 B
703 B 99ms
98ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/LfzurVc9lZDp?vuid=a77776cc-32ce-442f-9f54-3d8c4d9d625f&uid=FAA2E949-E099-4B7C-837C-9D2AF70F6E63&gsid=f194fae0-5160-44b3-9294-fad9f23a1f1f&sid=e7576492-2669-4b00-8853-7aa2b076f171&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fwww.planttherapy.com%2Fshipping
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 614cdd4f0f37c40ae434194d78f4b1d4062e1d71110ba1b9828265282f72b197

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 status Show response
planttherapy.zendesk.com/talk_embeddables_service/web/ Frame 307E 108 B
648 B 195ms
192ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://planttherapy.zendesk.com/talk_embeddables_service/web/status?subdomain=planttherapy&nickname=Customer%20Service

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc080fc9110f766bcfcf2937a22f5b55f39a84d3b05be9f790771a1eb694ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-dns-prefetch-control: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sNodgyBVFS3yIGdHtLPD3YetrvJ7AZdMTMvGzIo0ondzKkfXDUqFPLQzscpc%2Bbqx6uFj5Sm1416l8pmQBzZG%2Be6l8Cjo8O7%2FZGkhQqcQR%2Fb3ZzZFUC25ufE%3D"}],"group":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains
cf-request-id: 06f576160d0000cdb306b4b000000001
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6c-dqarXL/miSehMNte2tUwPWW4aII"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining: 499
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-ratelimit-reset: 1607724762
x-ratelimit-limit: 500
cf-ray: 60028c69ad73cdb3-CDG

GET
H2 200 embeddable_blip Show response
planttherapy.zendesk.com/ Frame 307E 0
450 B 189ms
188ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://planttherapy.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly93d3cucGxhbnR0aGVyYXB5LmNvbS9tbTUvIiwidGltZSI6ODQxLCJsb2FkVGltZSI6MTU3LjMzNDk5ODI1MDAwNzYzLCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiU2hpcHBpbmcgYW5kIFJldHVybiBQb2xpY2llcyB8IFBsYW50IFRoZXJhcHkiLCJ1c2VyQWdlbnQiOiJNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzYiLCJpc01vYmlsZSI6ZmFsc2UsImlzUmVzcG9uc2l2ZSI6dHJ1ZSwidmlld3BvcnRNZXRhIjoid2lkdGg9ZGV2aWNlLXdpZHRoLCBpbml0aWFsLXNjYWxlPTEiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6Ijk2YjY5ZjBlMzllNzBkMWI3OWIzMmUzNTU5MmE3NzM4Iiwic3VpZCI6IjQ2Zjc3OWExODI5NmJlYTMwYjkxYzBjODEyZDI3OTE5IiwidmVyc2lvbiI6ImE3YmQ4OWI0NiIsInRpbWVzdGFtcCI6IjIwMjAtMTItMTFUMjI6MTI6NDAuNjIwWiIsInVybCI6Imh0dHBzOi8vd3d3LnBsYW50dGhlcmFweS5jb20vc2hpcHBpbmcifQ%3D%3D
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ccbc82c9f877226a18ba.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ixhz13YRpKEccj5jkdiZsJrJJ6IVvv%2FOp%2F30gT1KnP3MkoNZidmRT5x8yjyIkcw9X650cQajnm%2BTk4WKsEGLUgnwZ2Yf%2FvoFt7zkxwst3Xvc7F0bJ4HcQXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-store, no-cache, must-revalidate
cf-ray: 60028c69ede1cdb3-CDG
cf-request-id: 06f57616350000cdb339149000000001

GET
H2 200 LfzurVc9lZDp Show response
at1.listrakbi.com/activity/ 111 B
704 B 97ms
96ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://at1.listrakbi.com/activity/LfzurVc9lZDp?vuid=a77776cc-32ce-442f-9f54-3d8c4d9d625f&uid=B4D500DD-AA1C-4353-BD7B-59F119BEA116&gsid=f194fae0-5160-44b3-9294-fad9f23a1f1f&sid=e7576492-2669-4b00-8853-7aa2b076f171&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 614cdd4f0f37c40ae434194d78f4b1d4062e1d71110ba1b9828265282f72b197

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame 641C 0
387 B 31ms
31ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jac=1&je=3133352626706d3d66672e626974737c3d7b206e6576656c2238332c38322e20737663747573223a2a6b60617a67696667227f24617564683d643b6669323b6037303366316136626e6969366e30303965633b3134353832636137323f3334306560306237613638393130343035626d663036356164373731

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 tDbM2oWUg0MKoZw1-LPK89D4hAA.woff2
fonts.gstatic.com/s/arvo/v14/ 10 KB
10 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arvo/v14/tDbM2oWUg0MKoZw1-LPK89D4hAA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79419e0e3612d8c598e40cc447ddc3f97f04e27d6b4fd7c2f00451b91471232e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 10:12:29 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:25 GMT
server: sffe
age: 216011
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10624
x-xss-protection: 0
expires: Thu, 09 Dec 2021 10:12:29 GMT

GET
H3-Q050 200 4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Dec 2020 01:17:43 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:02:49 GMT
server: sffe
age: 593697
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13588
x-xss-protection: 0
expires: Sun, 05 Dec 2021 01:17:43 GMT

GET
H3-Q050 200 4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v15/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyNPYZvgw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.planttherapy.com
Referer: https://fonts.googleapis.com/css?family=Arvo:400,700%7CUbuntu:300,400,500,700&subset=latin,latin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Dec 2020 13:30:01 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:13 GMT
server: sffe
age: 290559
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13848
x-xss-protection: 0
expires: Wed, 08 Dec 2021 13:30:01 GMT

GET
H2 200 ltkPrefCenterFrame Show response
services.listrak.com/API/S/ 3 KB
3 KB 104ms
104ms Script
text/javascript 142.0.93.34
LISTRAK-AS1

General

Check archive.org

Show headers Download Go to

Full URL: https://services.listrak.com/API/S/ltkPrefCenterFrame
Requested by: Host: cdn.listrakbi.com
URL: https://cdn.listrakbi.com/scripts/script.js?m=LfzurVc9lZDp&v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.0.93.34 Lititz, United States, ASN394396 (LISTRAK-AS1, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a20475110b6665b6a8ffef06d071c7a77507fc167cd9ef860fffb408f2facd74

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 11 Dec 2020 22:12:40 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/javascript; charset=utf-8
cache-control: private,no-transform,public,max-age=3600,s-maxage=7200
content-length: 2665

GET
H/1.1 204
204 clear1.png;CIS3SID=514D364F1615AB37196713F0C653DCE4
imgs.signifyd.com/fp/ Frame 641C 0
386 B 35ms
34ms Image
image/png 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/fp/clear1.png;CIS3SID=514D364F1615AB37196713F0C653DCE4?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jf=34333a267369645f7a666c3d7c647257665360526b5169736e605474504b5a6a26716b645f6461746d3539363837373a34373432267369645f767b726d3f756762386763647361267b616c5f636579353330373b33303133303432353a633a34343a61653364303238393836383832693836363a636533643031323338353231343032303034613238693d383039346a6561343236656361343561316a32346330666732343533653a6939323b62636a34393b323562313933333b3b3936306337353337646561386e6e30626b35646c383564373561613663613b366b613761343a6337346237316d3069326d6236696431323038343865373534643a36643a6137346566302673616c577361673d3b30343432323231303066356069643b3b36666065643931613a3131643938393e3838326432353664383732323964303530326331656231366a6c3f386e6264393236633738303961643230303932326466303437663439366d3a3a333b38653d3239643239363539366037616c32353062613b66316165386a3d6d316a30343f34346436356436643533313a69673a24736b64723d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:40 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 307E 19 KB
20 KB 65ms
65ms Media
audio/mpeg 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 11 Dec 2020 22:12:41 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: AC72A4688A536830
x-amz-server-side-encryption: AES256
cf-ray: 60028c6d4908a873-CDG
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LYYBMjli0asDNXpO0T32buDmtzDcoYiePt+OmXZule23UpZ0M/ls2K4Me0Wr+NYHF9yDLBQfs9k=
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 06f57618520000a8736e3fc000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H/1.1 204
No Content clear.png Show response
imgs.signifyd.com/fp/ Frame 641C 0
387 B 33ms
32ms Script
text/javascript 91.235.133.4
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png?org_id=w2txo5aa&session_id=0c2d1aed899e91a9da3bdad0e7c38766&nonce=ee40f300b7e9fbff&jac=1&je=353a2426776562727c6b57657074657a6e616e5d69703d38322c33323a2c333a2e3333342677696d357f6d627a746357696e7667726e616c5f6f666c7b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.4 , Netherlands, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Dec 2020 22:12:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1336317/log/3/ 0
295 B 30ms
29ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1336317/log/3/unip?en=pre_d_eng_tb&tos=4575&scd=40&ssd=1&est=1607724758736&ver=27&isls=true&src=i&invt=3000&tim=1607724763311&vi=1607724758734&ri=d34919484494b6bbaaca6fe1be242110&sd=v2_7a4da05f2e3c711dcca3b7c06a9a4d54_8e6dc9ae-002a-469f-b9af-6947b2f2d88d-tuct6cd7456_1607724758_1607724758_CNawjgYQ_cdRGM7t857lLiABKAEwSjjE1whA9YsQSLv91wNQr6EPWAFgAGjipqqRsq2X4nA&ui=8e6dc9ae-002a-469f-b9af-6947b2f2d88d-tuct6cd7456&ref=null&cv=20201123-29-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1336317/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:43 GMT
server: nginx
x-fastly-to-nlb-rtt: 9123
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.11:10213

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
211 B 13ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1126405057&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.planttherapy.com%2Fshipping&ul=en-us&de=UTF-8&dt=Shipping%20and%20Return%20Policies%20%7C%20Plant%20Therapy&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Dwell%20Time&ea=00%3A10%20on%20page&_u=aGhAAEArAAAAAC~&jid=549084940&gjid=628001776&cid=319928323.1607724759&tid=UA-34949153-1&_gid=2095880862.1607724769&_r=1&gtm=2wgbu0W7WZ5PT&z=1284399006

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=549084940&gjid=628001776&_gid=2095880862.1607724769&_u=aGhAAEArAAAAAC~&z=961656441

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Dec 2020 22:12:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.planttherapy.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 17ms
16ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=549084940&_u=aGhAAEArAAAAAC~&z=545495673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-34949153-1&cid=319928323.1607724759&jid=549084940&_u=aGhAAEArAAAAAC~&z=545495673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.planttherapy.com/shipping
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Dec 2020 22:12:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Verdicts & Comments Add Verdict or Comment

378 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.planttherapy.com/	1970-01-19 23:21:00	Name: mm5-PT-basket-id Value: 0b0362990a0c6df2ac4987f11c94a7a7
www.planttherapy.com/	1969-12-31 23:59:59	Name: miva-PT-signifyd Value: 0c2d1aed899e91a9da3bdad0e7c38766:faa249b78291cfd058f438301c11a0af0898929224af9e722b020648e1f7c3ba
.planttherapy.com/	1970-01-19 15:18:36	Name: __cfduid Value: de441d03215cc483fbfeb7b27997524d71607724754

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 3) Message: "_ltk.Signup.New: Footer Signup" is running v2...

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acsbap.com
acsbapp.com
ajax.cloudflare.com
ajax.googleapis.com
apis.google.com
at1.listrakbi.com
b1img.com
bat.bing.com
bt.signifyd.com
cdn-scripts.signifyd.com
cdn-swell-assets.yotpo.com
cdn.acsbapp.com
cdn.listrakbi.com
cdn.planttherapy.com
cdn.searchspring.net
cdn.swellrewards.com
cdn.taboola.com
code.jquery.com
connect.facebook.net
container.pepperjam.com
ekr.zdassets.com
enews.planttherapy.com
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
h.online-metrix.net
imgs.signifyd.com
js.b1js.com
m1.listrakbi.com
maxcdn.bootstrapcdn.com
mediacdn.espssl.com
onescript-recscont.listrakbi.com
p.typekit.net
p.yotpo.com
planttherapy.zendesk.com
platform.twitter.com
s1.listrakbi.com
script.hotjar.com
services.listrak.com
static.hotjar.com
static.zdassets.com
staticw2.yotpo.com
stats.g.doubleclick.net
tags.b1js.com
trc-events.taboola.com
trc.taboola.com
use.fontawesome.com
use.typekit.net
vars.hotjar.com
w2txo5aalew36wwm4bdqynxng72e5noyn34n5wj2ee40f300b7e9fbffam1.e.aa.online-metrix.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.planttherapy.com
www.upsellit.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
104.16.53.111
104.18.71.113
141.226.228.48
142.0.93.11
142.0.93.34
151.101.113.44
167.172.136.187
192.229.233.223
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:2b
208.118.62.69
23.111.9.35
2600:9000:206f:c200:16:98e8:3c0:93a1
2600:9000:2104:c800:1d:16cb:5a80:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:c02
2606:4700::6810:a823
2620:1ec:c11::200
2a00:1450:4001:801::200a
2a00:1450:4001:802::200e
2a00:1450:4001:808::200a
2a00:1450:4001:817::2003
2a00:1450:4001:817::2004
2a00:1450:4001:81d::200a
2a00:1450:4001:820::2008
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c0c::9c
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:294::1d72
2a02:26f0:6c00::210:ba0a
2a02:26f0:6c00::210:baf8
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.88.253.15
34.102.245.58
35.157.53.241
52.204.247.49
52.207.51.121
54.160.201.253
65.9.68.67
65.9.68.85
65.9.73.11
65.9.73.24
65.9.73.77
65.9.73.87
65.9.81.12
91.235.132.130
91.235.133.4
91.235.134.131
93.184.220.43
02dcd37584e108e7e583470ec431cff8f6c1f25b40b6a93c67af4aab187ffeda
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b6a7c29f77bc3f3f287fb12e0fd1117c67bec8be147c17689f4ceaf8426c2c
0706da2aba61254011b66a5c12060c0505cb0c5815fb297ee0004b547ffdbc95
07c11651c7d7d1133b696cfb396b2d60b02bf481768ba5c7c27f0a7c3c93e1cc
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e6a8ebb415b2e0f742a329be7950247d3a421ebaf9182826b6f6200fa272e8c
0eba18a748dec05c423f76a5ac0f578cc182aa2ba90440163537d417648c3a8d
0f190d130feed43ee2dc5a9a22d331a52f9dd2a42a8d2ddd31a7416b0393ab0b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12deb5082d9a265422916da8c3f6b1db8636ff8a5a72e0cad6cdf62f1ef5fc93
144375ccd8f305298b6186c536da15ae5ae6605681dbfd30440c516f39ded5f0
16ba7ba4b24376f1a72fe96679c37dd6ff22cd15767c7ca1b599b2ee719fe4ce
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20b4d216b7c1023f38a112e249e6c3c9a58b772752f41b6edd3845b1c5fde1a0
2264db590c13810b3b4e9c0d472e161fc109d6d08b23881185d1301268676ebe
238fc2d94c55d43d8d351197934d4d9a650f48e27dca1d48aa0b17b76eb72c01
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
272b0425333076fbbececec519160e640edab34c949e3e39a3e21d25e4df2e10
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2bdc4efe959c48b8ca4ebade0a099ea1b2912402d8030e2cbab2315c07049703
2cc2fd399006222050fc822b1d72e30d87fbf89a86fdea140261950d99b865b2
30105f7f4ac4c29a1d4261ac12a3b4ef9453b9ea865d5d35612ed923820cba02
342f638342f2266e2a64ccac3b45273ffcb19d6844fc89fc8e668c75249d2231
35ae6c4e716d5236408527a2d3e31346fb6dbc63899e390d033db937c34c4d30
3e43d592d0aa592f24ad510ef3f453a51bba24a9534a07a55a9685b4d4b3f2cb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
42f0dbd0961ceeace87f99f67ccb07e2cd37d09f1ceecd08d2f51ea33d23505c
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4734b6ead164acca3543cbe8059e555e73b0cd1f07056828928772af9546cc16
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4c47fc32b64d051ebb6df27a6fbfc17649393a5b687059ab622f2f9011507d53
4ca50f96eb85276280804ea8e7b8f87e8800dd30274276cb8b41e62fec119c77
4d089cc150598d19c7892c08d5558bfd0679c9e0226cca5b3a2450e7306578ed
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
517a34276dc6b18e7c47eeb6fe74de3f5182b77f1cbc06292ebede93698a532a
571520270d476652f33702e6a3a23092431355fddf3c834f65793e66d6af3cbd
5a0754eea5deec63375e001df80b62e0aed057d6f834978c4dfac3d6ddc44081
5b348fe0866f6f89ee46d3ebfff284d6bee260a15e9c1d98f61296a66b9acdec
5b5d7e52393264bb0ad18f23efd8f15a240f5cf56b581cd00f36a793ac7ea940
5c8d61157b9f632fd7ba281e68de890d7529c6703d22df048761d9ec99402e2e
6056dc10cfd419dae02abeb3ff434d74021e0339b4dba6090ba50216076985e6
614cdd4f0f37c40ae434194d78f4b1d4062e1d71110ba1b9828265282f72b197
620ce72ef6107b8cb5a7dbc8be4e0af940b88cade3279bf1e0ad2978d6fef8e6
62dd1591b85ac94338ebf05423aaf78e49e4a9c26ce929d2286c648c67f22686
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
68e37f87a84099550ac6fbe88fb6cb5af18a66fe38e2a4a4d2d6b196e034ca99
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b05e742f43c5e3abde607c78adfb44679b3b283208c439392eb886b6aed5fc8
6cd2c4f7c32d76dfddf8850d4d93209e41914394cd46184978e5c4cec5986f3d
6f30ff9ba4b2c9a2a5dbdf63aee794a4b8e4a31adb4e91606943ac0b422b9a76
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79419e0e3612d8c598e40cc447ddc3f97f04e27d6b4fd7c2f00451b91471232e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8621200746813cb03e433f07ddb07b35b9347842fe7fb480c5eaff124c9c297b
8c131ce763682c42683e41989cf76c23d4f286a7a594a1d24758a121cc9afcc5
8fad349b03c56c3c503c1b1aed617b9557888611b3e2d0718c9483e18a8f38b9
8fe24463504e3dd9e313848538f3cffe1dcb04fcd50f2b446c690aec554d6947
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
957f3a81d57b42875e7b2b3c033b1f86fc5fcc9a0c6b2416cef0ed0c8471c49a
96de2a09b230e71dd4601591dbe208bf75fba3bad4af28c95d05dc08ef03a8cb
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9d83e7cda3ff6c3ffe85ec390da052257d18df60dca9751dac386d1994f76029
9de171726dbc73769f1b5a332b02d5305acf001dccf0261ba43fb7f03d51606a
9ee8a03a0d33d31814c0c0a926acb936056686d6104fc0ce7e5d52db46a011d4
a068e44e982adc07bc347d2570cd67453d4adc5d8989356311b63cc42a85ade9
a20475110b6665b6a8ffef06d071c7a77507fc167cd9ef860fffb408f2facd74
a3e79257988d1a9a46d7dfce1d046b22a910ce7e656cf40c84154a93f8b48ee8
a9437e3f1d79a5e09c08deb1b826d4b5a1063000e8db20f1eb05dba66b2b937c
aa5f431c14923c105dfaf6b1bb016dab19c0347ccb641b2de8d6a2623e8dd7a1
af1f298c793498fe8d6ad4006cff127be33466755c69ba3f28c58c23d9ceed55
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b7dc08c2098e6ea593fa6caa85c6dfb37ab7dd706cb869d0beb015f05d859ddf
bb8fa5f5216fa65fb3b0cfc76de29efaf4e6ff82a281dc540fb568d4767f688e
bc6a1aa69b431847bbfe2d77d5f0b8b76ef484871ffd8a2789b80b425e206119
be535ea59f5950223e23ad83eb03351c5508274b83291f8be7bb1482f2a3f830
c01f3d4527d4c5a40148a935c01e0bc61f4a9da20ac23f23a004d3470aa0dc7a
c0845965bb6f39caab6e9132495f4c6e773db92584cc4a2d8359aaf06f193424
c18ffc44532d06dc6a238f52a6a3ab1c2e69f2dd9bae006f77e57c0c98591636
c437f8960f19f5cc8e6996a7df7913c4d0935bc1cb58c4c459389a28b82b5bc1
c854db82e26b7016d128caebcc4613f068c88146bffd8970945bfb2ecc4ec27c
c944171397bd540da3b19db337e8bdcfd43fcbb7a4ce77ab1b0d3ebcc5360d3c
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cd6276ffa98ea3a10f852a9d074ee26f45619b02ee5d407ae678f9dd6f235228
cf7a2b3976c3af63dc2bca70cc5625a26341f19b1ccd484feddf076df895ed58
d1be10e5e6aa281178dc59390ffc7ae8ccba107ebe14e8a7a03fd3905620c938
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d64cb98efa249227d8e32ef4290ee57fe479bb3a9f4b53ae0f402b0286af1d91
d85fdb38867dbfd85d49d3711045f03ba72cccfc3217003f911b34d18a05d580
da5c2854bcf01d73044e5c02520c52f5be336b2067911efa374da8645c123a28
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e17857cb74ff8bb8c18929844a2d0ff42bd36dee42113f85a8831ad42ef6eb79
e25d65f020f2bb10f8aa86568b527bba648a17396d239331e7e45a0139879ecc
e3a86447576ceb41c8372fee42c4a8bec5a0eb30f244924c87a494632708821f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e6c5fa7c3fdff8f0c6b346ce52f0345697a40ffa7a026a1729ef2717ef91aaf2
eb125d3d333c45b2ff5e9ba160bc8a3bc84e5dd4a307a49e7b673bf240325285
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ebc080fc9110f766bcfcf2937a22f5b55f39a84d3b05be9f790771a1eb694ade
ec8235b4fb4d0f47d0986dbab83a328d9766c4b8cc447e4db0d3b5002c87527a
ee9449af080a182c2e2d640e103920ef535dc35c2e9c300bbd57d2f8d5e6dafc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef69fed3dfb5e2204eec4e9e45b120ad0738640dcaf1dd82be51d4dad5db3cf7
f196f51f926eab1f1edc69fd69fd98a7cc8a90d501326332ff83b8faf18e3b20
f543cd5aeb0ac8f31c5157d6039161093fb8d0a6b586c1204c9ca920544cdc7a
f591ede8d22d9d295769a027bacb25723adf2d112ef2e00047904e58a6b8ae1b
f6c9b8109e6eae1fe6efc6a2644ce4677643499796463a9955ec568d7eb2f9c0
f9bea2f56c7336461e204e5c6c6ca010d46576bf708d47ff6adfa5c4fd7f883b
fd4fccf91983ebb9cef26cb4719dc82a7088fdd5c9ed470e0eda2cb2dc4fd0de
feb77df2b9d662851af32759b39c683616c3b27e1f545b713619f178b7eefdf0

www.planttherapy.com Open in urlscan Pro 2606:4700:10::6816:c02 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

152 Requests

99 %HTTPS

47 %IPv6

36 Domains

57 Subdomains

51 IPs

7 Countries

2948 kBTransfer

10133 kBSize

3 Cookies

10 Outgoing links

Page URL History

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.planttherapy.com Open in urlscan Pro
2606:4700:10::6816:c02 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

99 %
HTTPS

47 %
IPv6

36
Domains

57
Subdomains

51
IPs

7
Countries

2948 kB
Transfer

10133 kB
Size

3
Cookies

152 HTTP transactions
1 data transactions