account.betterplaceforests.com Open in urlscan Pro
172.67.70.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.betterplaceforests.com/
Effective URL:
https://account.betterplaceforests.com/users/sign_in
Submission: On July 11 via automatic, source certstream-suspicious (July 11th 2024, 3:27:13 pm UTC) — Scanned from US

Summary HTTP 44 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 1 countries across 14 domains to perform 44 HTTP transactions. The main IP is 172.67.70.124, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.betterplaceforests.com.
TLS certificate: Issued by WE1 on June 20th 2024. Valid for: 3 months.

This is the only time account.betterplaceforests.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 15	172.67.70.124 172.67.70.124	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:20:... 2606:4700:20::681a:6ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:247... 2600:9000:247b:c00:1c:3c23:a440:21	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 4	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::9a	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:29:1... 2620:1ec:29:1::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2602:816:5001... 2602:816:5001::39	54113 (FASTLY) (FASTLY)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	20.114.189.70 20.114.189.70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
44	17

15 172.67.70.124 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

account.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trees.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:6ab (United States)

ASN13335 (CLOUDFLARENET, US)

trees.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o617827.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:247b:c00:1c:3c23:a440:21 (United States)

ASN16509 (AMAZON-02, US)

dmrpcq96wq0sx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:816:5001::39 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.114.189.70 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

t.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	betterplaceforests.com 3 redirects account.betterplaceforests.com trees.betterplaceforests.com tracking.betterplaceforests.com analytics.betterplaceforests.com	947 KB
5	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1094 c.clarity.ms — Cisco Umbrella Rank: 1823 t.clarity.ms — Cisco Umbrella Rank: 9056	28 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 530 c.bing.com — Cisco Umbrella Rank: 379	16 KB
4	cloudfront.net dmrpcq96wq0sx.cloudfront.net	169 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	4 KB
2	google.com analytics.google.com — Cisco Umbrella Rank: 239
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 232	151 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 110	221 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 449	627 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 1449	32 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 208	254 B
1	gstatic.com fonts.gstatic.com	16 KB
1	sentry.io o617827.ingest.sentry.io	299 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 108	1017 B
44	14

	Domain	Requested by
12	trees.betterplaceforests.com	account.betterplaceforests.com trees.betterplaceforests.com
5	account.betterplaceforests.com	2 redirects account.betterplaceforests.com
4	tracking.betterplaceforests.com	1 redirects account.betterplaceforests.com
4	dmrpcq96wq0sx.cloudfront.net	trees.betterplaceforests.com
3	bat.bing.com	account.betterplaceforests.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	account.betterplaceforests.com
2	www.clarity.ms	account.betterplaceforests.com
2	analytics.google.com	account.betterplaceforests.com
2	connect.facebook.net	account.betterplaceforests.com
2	www.googletagmanager.com	account.betterplaceforests.com
1	bam.nr-data.net	account.betterplaceforests.com
1	t.clarity.ms	account.betterplaceforests.com
1	c.bing.com	1 redirects
1	js-agent.newrelic.com	account.betterplaceforests.com
1	analytics.betterplaceforests.com	account.betterplaceforests.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	o617827.ingest.sentry.io	account.betterplaceforests.com
1	fonts.googleapis.com
44	20

This site contains links to these domains. Also see Links.

Domain
www.betterplaceforests.com

Subject Issuer	Validity	Valid
betterplaceforests.com WE1	`2024-06-20` - `2024-09-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.gstatic.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-19` - `2024-07-18`	3 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 04	`2024-06-19` - `2024-12-16`	6 months	crt.sh
*.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-03-21` - `2025-04-22`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://account.betterplaceforests.com/users/sign_in
Frame ID: 6AE34A59708C30E1D2E9B7738F326D4B
Requests: 41 HTTP requests in this frame

Frame: https://account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js
Frame ID: 75D829EEAD424FDBCD4877A79E6F20E6
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Better Place Forests - Sign In

Page URL History Show full URLs

https://account.betterplaceforests.com/ HTTP 302
https://account.betterplaceforests.com/users/sign_in Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

44
Requests

93 %
HTTPS

71 %
IPv6

14
Domains

20
Subdomains

17
IPs

1
Countries

1583 kB
Transfer

3853 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.betterplaceforests.com/help
Title: Visit Help Page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.betterplaceforests.com/ HTTP 302
https://account.betterplaceforests.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://account.betterplaceforests.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js

Request Chain 22

https://tracking.betterplaceforests.com/analytics.js HTTP 302
https://tracking.betterplaceforests.com/packs/js/analytics-ebfa4dec17f2b2cec697.js

Request Chain 38

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&RedC=c.clarity.ms&MXFR=3A509C2032A6604C2EAB889936A66EF4 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&MUID=19CD3808E9E46C9A3C402CB1E8766D96

44 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request sign_in Show response
account.betterplaceforests.com/users/
Redirect Chain

https://account.betterplaceforests.com/
https://account.betterplaceforests.com/users/sign_in

70 KB
27 KB

367ms
367ms

Document
text/html

172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7420ec488967f3b39bf571baee63a53c0cc50b291598b0d57468b7761a743e15

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0, private, must-revalidate
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 8a19d0cc5b068403-LAX
content-encoding: br
content-security-policy
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 15:27:05 GMT
link: <https://trees.betterplaceforests.com/packs/js/application-efd45b0885505769f4a2.js>; rel=preload; as=script; nopush,<https://trees.betterplaceforests.com/packs/js/error_tracking-21eb3786deea012433f8.js>; rel=preload; as=script; nopush,<https://trees.betterplaceforests.com/assets/fa-icons-f5350598699834ae2392963288089ac5d26601172eec64e0a2b7634de4782b72.css>; rel=preload; as=style; nopush,<https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css>; rel=preload; as=style; nopush,<https://fonts.googleapis.com/css?family=Roboto:500&display=swap>; rel=preload; as=style; nopush
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720711625&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=HCUFILUvmZg7ZMRiwQUL5qrpPLoG8FujPv%2FTD%2FIoVXM%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720711625&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=HCUFILUvmZg7ZMRiwQUL5qrpPLoG8FujPv%2FTD%2FIoVXM%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: e2874442-5b34-4a38-a9a3-6acadd49b202
x-runtime: 0.017004
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-apo-via: origin,host
cf-cache-status: DYNAMIC
cf-ray: 8a19d0ca38698403-LAX
content-security-policy
content-type: text/html; charset=utf-8
date: Thu, 11 Jul 2024 15:27:05 GMT
location: https://account.betterplaceforests.com/users/sign_in
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720711625&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=HCUFILUvmZg7ZMRiwQUL5qrpPLoG8FujPv%2FTD%2FIoVXM%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720711625&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=HCUFILUvmZg7ZMRiwQUL5qrpPLoG8FujPv%2FTD%2FIoVXM%3D
server: cloudflare
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
via: 1.1 vegur
x-request-id: 857c26ba-09d5-4da3-819a-f1a3171d4135
x-runtime: 0.004920

GET
H2 200 application-efd45b0885505769f4a2.js Show response
trees.betterplaceforests.com/packs/js/ 951 KB
193 KB 507ms
315ms Script
application/javascript 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/packs/js/application-efd45b0885505769f4a2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cdcbdcd9dc6f27f233ccf3ac724461d3e32804a5963d58b910a99c0c72f8de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: br
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
age: 6030
alt-svc: h3=":443"; ma=86400
content-length: 197811
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D
last-modified: Mon, 01 Jul 2024 16:45:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0cfdd5d7bf1-LAX

GET
H2 200 error_tracking-21eb3786deea012433f8.js Show response
trees.betterplaceforests.com/packs/js/ 118 KB
30 KB 433ms
241ms Script
application/javascript 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/packs/js/error_tracking-21eb3786deea012433f8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7672abb72a251fd417f5a096ca5a8ce4723ee4b5b536b1b90bfd06aa2029608b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: br
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
age: 6030
alt-svc: h3=":443"; ma=86400
content-length: 30105
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D
last-modified: Mon, 01 Jul 2024 16:45:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D"}]}
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0cfdd607bf1-LAX

GET
H2 200 fa-icons-f5350598699834ae2392963288089ac5d26601172eec64e0a2b7634de4782b72.css
trees.betterplaceforests.com/assets/ 60 KB
13 KB 439ms
247ms Stylesheet
text/css 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/fa-icons-f5350598699834ae2392963288089ac5d26601172eec64e0a2b7634de4782b72.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a0006eceb413462f0630e3c13954f5882d24f55bee2bd4d32c704dca7f1d019

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
age: 6030
alt-svc: h3=":443"; ma=86400
content-length: 13387
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720646146&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=JXN3XgIX8l70cYCKUbjdN27tGFci0uJhCOr4bTWHXIQ%3D"}]}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0cfdd527bf1-LAX

GET
H2 200 dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
trees.betterplaceforests.com/assets/ 378 KB
61 KB 441ms
250ms Stylesheet
text/css 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90a2e1a38b97c7de8e414e6061fddaadbfcf7d20a98bf3d802440fc1633b7d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: gzip
via: 1.1 vegur
strict-transport-security: max-age=63072000; includeSubDomains
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
cf-cache-status: HIT
age: 6030
alt-svc: h3=":443"; ma=86400
content-length: 62535
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720646693&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=hCNjj%2BF4TZmAcwljBBfavOCfcPsojjjSeM9V1KvkXXg%3D
last-modified: Wed, 12 Jun 2024 00:04:48 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720646693&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=hCNjj%2BF4TZmAcwljBBfavOCfcPsojjjSeM9V1KvkXXg%3D"}]}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0cfdd5b7bf1-LAX

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1017 B 682ms
158ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 14:19:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jul 2024 15:27:06 GMT

GET
H2 200 bpf-logo-white-8874ee7a6992a1ce0f1c34bc14ac7fecc93a8551f8915009f3fd2d830a14db9d.svg
trees.betterplaceforests.com/assets/ 10 KB
5 KB 84ms
83ms Image
image/svg+xml 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/bpf-logo-white-8874ee7a6992a1ce0f1c34bc14ac7fecc93a8551f8915009f3fd2d830a14db9d.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94850418771633bf9d0d81ecad7b3246b978515437e46665919cdc7d9289b03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 497
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D
last-modified: Thu, 02 Feb 2023 21:33:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a19d0d0ce947bf1-LAX

GET
H2 200 bpw-logo-white-986e81f7f7702eed553e6a313a23f74cdc8118d8f5f11c3a80b558054ef3dfa2.svg
trees.betterplaceforests.com/assets/ 7 KB
2 KB 85ms
84ms Image
image/svg+xml 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/bpw-logo-white-986e81f7f7702eed553e6a313a23f74cdc8118d8f5f11c3a80b558054ef3dfa2.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a1569f15a4fdbeedb7461f2565fa6c1f263cbbcf56b3dc046e0edd33b1e42e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 497
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D
last-modified: Thu, 02 Feb 2023 21:33:30 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a19d0d0ce957bf1-LAX

GET
H2 200 google-g-logo-855e5f00daab2eed2d60e63513f5294dc8c9ec347c3df962cf4d9d6c2e507900.svg
trees.betterplaceforests.com/assets/login/ 2 KB
1018 B 140ms
139ms Image
image/svg+xml 2606:4700:20::681a:6ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/login/google-g-logo-855e5f00daab2eed2d60e63513f5294dc8c9ec347c3df962cf4d9d6c2e507900.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ab , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 497
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648628&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=rr%2BtedtQYf9FRZSDurp2fseKI1xNnVNWhRK1rW9BQVQ%3D"}]}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 8a19d0d15f1d7bf1-LAX

POST
H2 200 / Show response
o617827.ingest.sentry.io/api/5751258/envelope/ 2 B
299 B 319ms
133ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o617827.ingest.sentry.io/api/5751258/envelope/?sentry_key=7944495ba280454c80e73647c55b8cbe&sentry_version=7

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 356 KB
112 KB 657ms
369ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da2f7b61b20ca24016d4f31dd98e7e3ce9e46c563efaf171b1d8b593426f1c30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113827
x-xss-protection: 0
last-modified: Thu, 11 Jul 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jul 2024 15:27:07 GMT

GET
H3

200

main.js Show response
account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/ Frame 75D8
Redirect Chain

https://account.betterplaceforests.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js?

8 KB
4 KB

86ms
85ms

Script
application/javascript

172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js?

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7412f80a21c1edd1cc3fa8aba048a1c9ae0910b691a01943463c35b95bffa26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tWWbzvqduHXmcN6kferzilmHpowcMDeoDv8VJDtbQFM%2FDDgmJ69q4GKvYdmQd3p78Jx5lqBDHPPEi2WImxBJoysPXxIwuiolDcR2XCwb5OH0t%2BQkGc8BvdEc7mwaUZpQl570czoffu6tqWcPR%2BVyeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8a19d0d3ed538403-LAX
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Thu, 11 Jul 2024 15:27:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ShtO2DngSjbK8PmVtrViQ6P%2FnscXDE0OXFpUwL6hJ6O2ZoXA%2FTI%2FYHPNOWNgoby1IzHm2ZOrjAVkUpIZ1h7BIwxFVHslci4nr0aHoVn6yUpksu1LI3w0vPJRCXxjUoSaL%2FUpCdPOmLqvA1C3sah3Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/191f93ebdf8e/main.js?
access-control-allow-origin: *
cache-control: max-age: 300, public
cf-ray: 8a19d0d35c9a8403-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 splash-default-924dc8940b6c30bf66adec3b97b3aaf9c67e529a7952b2b7fc220cb88f8c84fe.jpg
trees.betterplaceforests.com/assets/login/ 478 KB
479 KB 231ms
231ms Image
image/jpeg 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/login/splash-default-924dc8940b6c30bf66adec3b97b3aaf9c67e529a7952b2b7fc220cb88f8c84fe.jpg

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
alt-svc: h3=":443"; ma=86400
content-length: 489809
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D
cf-bgj: h2pri
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D"}]}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0d35abc7c1b-LAX

GET
H3 200 mound-bottom-center-72ac78af65412d15e4e88503823e4665d31770f51cf97268b50402ba8271b643.png
trees.betterplaceforests.com/assets/glyphs/ 11 KB
11 KB 153ms
153ms Image
image/png 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/glyphs/mound-bottom-center-72ac78af65412d15e4e88503823e4665d31770f51cf97268b50402ba8271b643.png

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 497
alt-svc: h3=":443"; ma=86400
content-length: 11141
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D"}]}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0d35abd7c1b-LAX

GET
H3 200 leaf-top-left-a1e6f27b8a6683d432e42a77e3c132f6e95099dc1eb417a9eb0fc26a4663359a.png
trees.betterplaceforests.com/assets/glyphs/ 29 KB
29 KB 82ms
81ms Image
image/png 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/glyphs/leaf-top-left-a1e6f27b8a6683d432e42a77e3c132f6e95099dc1eb417a9eb0fc26a4663359a.png

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 378
alt-svc: h3=":443"; ma=86400
content-length: 29254
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D"}]}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8a19d0d35abf7c1b-LAX

GET
H2 200 IvarHeadline-Regular.woff
dmrpcq96wq0sx.cloudfront.net/fonts/ 40 KB
40 KB 760ms
433ms Font
application/font-woff 2600:9000:247b:c00:1c:3c23:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/IvarHeadline-Regular.woff
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c00:1c:3c23:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 958d3e1b09354b7c4a905542511e6f8565985c7d4151ba272c500216386c3d96

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 12:03:48 GMT
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 00:19:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
age: 12200
etag: "47235d42dbb4d36a4fff23d2b36ebc82"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 40592
x-amz-cf-id: fjYINYfABbgFzZRKbLi3CQC6x_55L4-gqLDhntPzzJytkEwecCLkLA==

GET
H2 200 IvarHeadline-Medium.woff
dmrpcq96wq0sx.cloudfront.net/fonts/ 40 KB
40 KB 634ms
307ms Font
application/font-woff 2600:9000:247b:c00:1c:3c23:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/IvarHeadline-Medium.woff
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c00:1c:3c23:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5864ab855fabcf14c9e8174c298293b5f186015db1a332b545b4de4173d29d14

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 23:54:54 GMT
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 00:19:43 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
age: 55934
etag: "4bb5bcefc77c9e30cd427c61bc3795d2"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 40904
x-amz-cf-id: kIuXgv_X7LQDhkOQak5dOGYZOL4dADsltqENtqt_fnkZD6t8wsHNgQ==

GET
H3 200 fa-brands-400-0639ba66f80fefd2309b4ef0b809f529df0d444c18ebb74067b8badfae2d0716.woff2
trees.betterplaceforests.com/assets/font-awesome/ 77 KB
77 KB 284ms
207ms Font
application/font-woff2 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/font-awesome/fa-brands-400-0639ba66f80fefd2309b4ef0b809f529df0d444c18ebb74067b8badfae2d0716.woff2

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/fa-icons-f5350598699834ae2392963288089ac5d26601172eec64e0a2b7634de4782b72.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://trees.betterplaceforests.com/assets/fa-icons-f5350598699834ae2392963288089ac5d26601172eec64e0a2b7634de4782b72.css
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
alt-svc: h3=":443"; ma=86400
content-length: 78460
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D
last-modified: Thu, 02 Feb 2023 21:33:31 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET, OPTIONS
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720648629&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=%2FolODoicHm%2BI%2BrR3reIqyzo2xajBHT6RDE1eZqSqpbM%3D"}]}
access-control-allow-origin: https://account.betterplaceforests.com
content-type: application/font-woff2
access-control-expose-headers
cache-control: max-age=14400
vary: Origin, Accept-Encoding
accept-ranges: bytes
cf-ray: 8a19d0d3ead9523f-LAX

GET
H2 200 DadaGrotesk-Medium.otf
dmrpcq96wq0sx.cloudfront.net/fonts/ 43 KB
43 KB 906ms
579ms Font
binary/octet-stream 2600:9000:247b:c00:1c:3c23:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/DadaGrotesk-Medium.otf
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c00:1c:3c23:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9c4610cf09b0da7ffd407728bd3d1aed506dc5f4b018375f3615ef7b6156a8d

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:48:13 GMT
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 18:08:50 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
age: 81535
etag: "c06bee5ce7045b2bf9c4cccbee32dc82"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 43668
x-amz-cf-id: yFSnlB1LwdkpFtL38GmDwe2r4HujIf5igOskpdmgPO00qLXHYV8ubw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 440ms
148ms Font
font/woff2 2607:f8b0:4006:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 18:18:04 GMT
x-content-type-options: nosniff
age: 76143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jul 2025 18:18:04 GMT

GET
H2 200 DadaGrotesk-Book.otf
dmrpcq96wq0sx.cloudfront.net/fonts/ 45 KB
45 KB 1053ms
727ms Font
binary/octet-stream 2600:9000:247b:c00:1c:3c23:a440:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/DadaGrotesk-Book.otf
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-5602b5d5b5471f4120b5fe2321f605335b433ca225eeb737fee41ac53862695f.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:247b:c00:1c:3c23:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b30d8f9c0a7cceeae8e7cd2de328d17501ffc31a81a010110a3e335c1f8377a

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Wed, 10 Jul 2024 16:48:13 GMT
via: 1.1 43504ac56caa49011c8a16d1cb156142.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 18:08:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P2
age: 81535
etag: "d320824c61f918fbc909fe91dbef0bba"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 45836
x-amz-cf-id: Um085Lq4N1kRlYMgjvYoPhKnBeSo5Hym1C7uaoErVwq3vhxEBl7N6A==

POST
H3 200 8a19d0cc5b068403 Show response
account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 75D8 0
711 B 111ms
102ms XHR
text/plain 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://account.betterplaceforests.com/cdn-cgi/challenge-platform/h/b/jsd/r/8a19d0cc5b068403
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jul 2024 15:27:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FUSYlyTsU5F9zdNUup33Ok6U5udpU20PwyV0%2FXCgkDQZEQnBZRYmrw43oH69n4iAq1bkOaHNgLBMMDWnIipEeV79jlUJrfqcgXd4EMFYj1kU5i7ytQ5ovjy6EXx%2F8quO3YOPBqp%2BkRCPSRI1dfqgzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 8a19d0d50f0f8403-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 346 KB
109 KB 190ms
189ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ND9BTWD225&l=dataLayer&cx=c

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

21532a7e827978795fec889e12e268d51cf27fd48c4317c1204965be4620bd96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111431
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jul 2024 15:27:07 GMT

GET
H3

200

analytics-ebfa4dec17f2b2cec697.js Show response
tracking.betterplaceforests.com/packs/js/
Redirect Chain

https://tracking.betterplaceforests.com/analytics.js
https://tracking.betterplaceforests.com/packs/js/analytics-ebfa4dec17f2b2cec697.js

16 KB
6 KB

82ms
82ms

Script
application/javascript

172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.betterplaceforests.com/packs/js/analytics-ebfa4dec17f2b2cec697.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H3
Server: 172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d6fd78ae533440d6eee7073bb3a915c92e0e669163ce4c137e67340ca74bf26

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:07 GMT
via: 1.1 vegur
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 66717
cf-polished: origSize=16583
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720644835&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=lnW0LSnq3QQJCJb1Bxf8npf6lDW1z2IbrnIPP1kv5J0%3D
cf-bgj: minify
last-modified: Thu, 13 Apr 2023 03:31:51 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720644835&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=lnW0LSnq3QQJCJb1Bxf8npf6lDW1z2IbrnIPP1kv5J0%3D"}]}
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 8a19d0dacdc58403-LAX

Redirect headers

date: Thu, 11 Jul 2024 15:27:07 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720711627&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=TFr1bdDgOyq2KZaKcEi%2FHmhJzwSKi%2FtPNpnsBTL8tgQ%3D
x-request-id: 470edfcb-55c2-4f2e-8f57-96de70b3fec0
x-runtime: 0.001750
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720711627&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=TFr1bdDgOyq2KZaKcEi%2FHmhJzwSKi%2FtPNpnsBTL8tgQ%3D"}]}
content-type: text/javascript; charset=utf-8
location: https://tracking.betterplaceforests.com/packs/js/analytics-ebfa4dec17f2b2cec697.js
cache-control: max-age=14400
vary: Accept-Encoding
cf-ray: 8a19d0d99c8a8403-LAX

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 223 KB
60 KB 842ms
567ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 15:27:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58653
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=135, rtx=0, c=12, mss=1297, tbw=2786, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: Gadv6qY4ijvbBInVCQngSVubc9acSkjuQoKc2q/AiVK+QvFwgBD2kC7skHs/WhTYr1t3s5IM9NUPAinuXkQ+Lw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 47 KB
14 KB 1734ms
1237ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 11 Jul 2024 15:27:09 GMT
last-modified: Mon, 08 Jul 2024 16:08:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8359B84A5B2D4B7FA21D7580EC5F1DE5 Ref B: LAX311000110047 Ref C: 2024-07-11T15:27:09Z
etag: "804a6d1951d1da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13845

OPTIONS
H3 200 page_visits
tracking.betterplaceforests.com/ Frame 0
0 349ms
349ms Preflight 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.betterplaceforests.com/page_visits
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://account.betterplaceforests.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://account.betterplaceforests.com
access-control-expose-headers
access-control-max-age: 7200
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8a19d0db5993523f-LAX
date: Thu, 11 Jul 2024 15:27:08 GMT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720711628&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ZYf3Cgg3JknFSkb1ILaP6YyOebaAN8myKlkTECiQ0fY%3D"}]}
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720711628&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ZYf3Cgg3JknFSkb1ILaP6YyOebaAN8myKlkTECiQ0fY%3D
server: cloudflare
via: 1.1 vegur

POST
H3 200 page_visits Show response
tracking.betterplaceforests.com/ 0
923 B 343ms
341ms XHR
application/json 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.betterplaceforests.com/page_visits

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Jul 2024 15:27:08 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
x-permitted-cross-domain-policies: none
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720711628&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ZYf3Cgg3JknFSkb1ILaP6YyOebaAN8myKlkTECiQ0fY%3D
x-request-id: c260ced4-da0e-49c4-aacb-0e93899fea50
x-runtime: 0.012986
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-download-options: noopen
access-control-max-age: 7200
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://account.betterplaceforests.com
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720711628&sid=e11707d5-02a7-43ef-b45e-2cf4d2036f7d&s=ZYf3Cgg3JknFSkb1ILaP6YyOebaAN8myKlkTECiQ0fY%3D"}]}
access-control-expose-headers
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
cache-control: no-cache
vary: Origin
cf-ray: 8a19d0dd89868403-LAX

POST
H2 204 collect
analytics.google.com/g/ 0
0 450ms
145ms Fetch
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ND9BTWD225&gtm=45je4790v9117656992z872287462za200zb72287462&_p=1720711626718&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1066240599.1720711628&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1720711628&sct=1&seg=0&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&dt=Better%20Place%20Forests%20-%20Sign%20In&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2902&_z=fetch
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:27:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.betterplaceforests.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 426ms
137ms Ping
text/plain 2607:f8b0:4004:c1f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ND9BTWD225&cid=1066240599.1720711628&gtm=45je4790v9117656992z872287462za200zb72287462&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ND9BTWD225&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:27:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.betterplaceforests.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 150320322048178 Show response
connect.facebook.net/signals/config/ 293 KB
91 KB 779ms
778ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/150320322048178?v=2.9.161&r=stable&domain=account.betterplaceforests.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f5c6f255b188211da9fc9a193305f0b7cb0f0068902bf3ca117dd5a8657c314

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 11 Jul 2024 15:27:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=142, rtx=3, c=32, mss=1297, tbw=64166, tp=-1, tpl=-1, uplat=646, ullat=0
pragma: public
x-fb-debug: b1vDRCM1p6jasL3WEBqcl6tk4nYAJDVSP9bpbkgptCuAO69JJ+DSomI63CErhZm3Q7KjnmCGivKJ8UHlumyRAQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 187072500.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 100ms
100ms Script
application/javascript 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/187072500.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a54eed2abc7740fa02a5e5a9a3e2b0d7ab31299398f5a7fe1d888a9ee3ccd2f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Thu, 11 Jul 2024 15:27:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A2AD8749809740C2BE7FE1DBED25605D Ref B: LAX311000110047 Ref C: 2024-07-11T15:27:09Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
361 B 167ms
166ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=187072500&Ver=2&mid=c1c0d3f9-ed5a-460f-ae6c-1664a590bdf8&sid=09f100803f9a11ef9487419f0e79f5a7&vid=09f0ef403f9a11efac1063177c412a6b&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Better%20Place%20Forests%20-%20Sign%20In&p=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&r=&lt=1551&evt=pageLoad&sv=1&cdb=AQAA&rn=965522

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 11 Jul 2024 15:27:09 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: FF07797E0FC04514AB309A004F4160D6 Ref B: LAX311000110047 Ref C: 2024-07-11T15:27:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 187072500 Show response
www.clarity.ms/tag/uet/ 980 B
1 KB 1017ms
763ms Script
application/x-javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/187072500
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ce88627cb0707ede45b0f987ffc03d3da4b92869f099a68b8d2d25d6cedb482

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires: -1
date: Thu, 11 Jul 2024 15:27:10 GMT
x-azure-ref: 20240711T152709Z-164f99fcc6bl7x6pwvu1ru09ng000000020g000000001xmd
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 980
request-context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 /
www.facebook.com/tr/ 0
270 B 410ms
129ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=150320322048178&ev=PageView&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&rl=&if=false&ts=1720711630173&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720711630171.714826945418158600&eid=ob3_plugin-set_5f83a16f8f7e40ad6398081c0c092f86ee72b5a2eec6cdac7a98c52a6a0abcf1&ler=empty&cdl=API_unavailable&it=1720711629057&coo=false&rqm=GET

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: GOOD; q=0.7, rtt=128, rtx=0, c=10, mss=1297, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 11 Jul 2024 15:27:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 486ms
205ms Image
image/png 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=150320322048178&ev=PageView&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&rl=&if=false&ts=1720711630173&sw=1600&sh=1200&v=2.9.161&r=stable&ec=0&o=4126&fbp=fb.1.1720711630171.714826945418158600&eid=ob3_plugin-set_5f83a16f8f7e40ad6398081c0c092f86ee72b5a2eec6cdac7a98c52a6a0abcf1&ler=empty&cdl=API_unavailable&it=1720711629057&coo=false&rqm=FGET

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5b947042bac6cb7c","source_keys":["1","2"]},{"key_piece":"0x848a3f2a76db2c43","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Thu, 11 Jul 2024 15:27:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7390400178808270527", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=128, rtx=0, c=10, mss=1297, tbw=3105, tp=-1, tpl=-1, uplat=74, ullat=0
pragma: no-cache
x-fb-debug: UB54lPyM0jE+zRfdyfTeH0aoqtN9FjfigQDPB2p9lFuGJLzbYhtlOwg3EmwSb05wBcfZP8hcOYiPXgBTA+6jIw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7390400178808270527"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 15e461837fe2f0d0407b14b0eb90a577bb8f020a2a80278a497f43848c772c76 Show response
analytics.betterplaceforests.com/events/ 0
659 B 137ms
122ms XHR
text/plain 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.betterplaceforests.com/events/15e461837fe2f0d0407b14b0eb90a577bb8f020a2a80278a497f43848c772c76

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 11 Jul 2024 15:27:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wB%2BL3b8YA61Tzq56TThjg9QdJjRlzSktJmdsC%2BJzSKa3XPQyRq%2B1%2BGI2pMh9Bp88Jol5e7SuA6xYEG2vS8PJHTcvk95MP0ib5klDBpn4oamks9lK1onZzgdhX1TL3YzC8Mhr8%2B6uCOKxUoIUZJFIdRxZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://account.betterplaceforests.com
access-control-allow-credentials: true
cf-ray: 8a19d0e8ffa38403-LAX
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 280ms
279ms Script
application/javascript 2620:1ec:29:1::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:10 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240711T152710Z-164f99fcc6bl7x6pwvu1ru09ng000000020g000000001xmm
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 401c9d66-101e-0028-3aa8-d24f73000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 0

GET
H2 200 nr-spa-1.262.0.min.js Show response
js-agent.newrelic.com/ 109 KB
32 KB 234ms
67ms Script
application/javascript 2602:816:5001::39
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.262.0.min.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2602:816:5001::39 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9546427f825622e50dc3d6bd6c65be7ebb0649215eacef802f422b346c396687

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://account.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id: RG5iPFMSu457Xt7fHoW7tXUk2YVVZc91
content-encoding: br
via: 1.1 varnish
date: Thu, 11 Jul 2024 15:27:11 GMT
strict-transport-security: max-age=300
x-amz-request-id: ZZNKRBDA5KSY3EFP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 31887
x-amz-id-2: lT3vD2Jki+eOcEJmyIuOzp6BKJH4JeN5Aaf1/WVBkAzZ51EbkPclfurDY1Mrk5EPjGc9B0nAvVJkucvOK/UNf0OnfqMWMFYcxMhD8EH/eEM=
x-served-by: cache-lax-kwhp1940055-LAX
last-modified: Wed, 10 Jul 2024 15:59:13 GMT
server: AmazonS3
etag: "98080d9e1ffb0418a12fd97832d4a298"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 22416

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&RedC=c.clarity.ms&MXFR=3A509C2032A6604C2EAB889936A66EF4
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&MUID=19CD3808E9E46C9A3C402CB1E8766D96

42 B
465 B

417ms
417ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&MUID=19CD3808E9E46C9A3C402CB1E8766D96
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:27:11 GMT
last-modified: Tue, 25 Jun 2024 19:54:30 GMT
server: Microsoft-IIS/10.0
etag: "df9747e39c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:27:11 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 38B6B2B361044828B0484C4898DE0FFB Ref B: LAX311000110047 Ref C: 2024-07-11T15:27:11Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=7DE83FEE21FB454788B03CB9097760E8&MUID=19CD3808E9E46C9A3C402CB1E8766D96
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H3 200 favicon.ico
trees.betterplaceforests.com/ 15 KB
3 KB 102ms
101ms Other
image/vnd.microsoft.icon 172.67.70.124
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.124 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c410516006b267d7b50ef7c6c577c564bd1915d15c7fed5e2f8cf0c2e79366f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 11 Jul 2024 15:27:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
via: 1.1 vegur
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 5066
content-encoding: br
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1720647706&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FRmIeDF6O1JNOX0zVfb6CR9en9WI1YlOHyCZ%2Bv7jCgc%3D
last-modified: Mon, 01 Jul 2024 16:40:40 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1720647706&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=FRmIeDF6O1JNOX0zVfb6CR9en9WI1YlOHyCZ%2Bv7jCgc%3D"}]}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 8a19d0eedfb97c1b-LAX

POST
H/1.1 204
No Content collect Show response
t.clarity.ms/ 0
294 B 954ms
680ms XHR
text/plain 20.114.189.70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.clarity.ms/collect
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://account.betterplaceforests.com
Date: Thu, 11 Jul 2024 15:27:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d

POST
H/1.1 200 NRJS-97d5b27c82082bb4b40 Show response
bam.nr-data.net/1/ 150 B
627 B 574ms
396ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-97d5b27c82082bb4b40?a=501669247&v=1.262.0&to=dlZXR0QNVA0ERElERVBLShxFB0sSCFkIQhlbXE4%3D&rst=6223&ck=0&s=a6746eff0d12aedf&ref=https://account.betterplaceforests.com/users/sign_in&ptid=4800f22cdab7190c&af=err,spa,xhr,stn,ins&qt=2&ap=15&be=793&fe=5151&dc=758&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1720711625190,%22n%22:0,%22r%22:0,%22re%22:427,%22f%22:427,%22dn%22:427,%22dne%22:427,%22c%22:427,%22s%22:427,%22ce%22:427,%22rq%22:428,%22rp%22:793,%22rpe%22:1142,%22di%22:1549,%22ds%22:1549,%22de%22:1551,%22dc%22:5941,%22l%22:5941,%22le%22:5944%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1542&fcp=1579
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 38f2f33efc346be98373f68e22e6c36fe6277f251016519357737432f9b7cbe8

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 11 Jul 2024 15:27:11 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://account.betterplaceforests.com
access-control-expose-headers: Date
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://account.betterplaceforests.com
Content-Length: 150
x-served-by: cache-lax-kwhp1940089-LAX

POST
H2 204 collect
analytics.google.com/g/ 0
0 146ms
145ms Fetch
text/plain 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-ND9BTWD225&gtm=45je4790v9117656992za200zb72287462&_p=1720711626718&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1066240599.1720711628&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EEA&_s=2&sid=1720711628&sct=1&seg=0&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&dt=Better%20Place%20Forests%20-%20Sign%20In&en=scroll&epn.percent_scrolled=90&_et=11&tfd=7916&_z=fetch
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jul 2024 15:27:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.betterplaceforests.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.analytics.betterplaceforests.com/events/15e461837fe2f0d0407b14b0eb90a577bb8f020a2a80278a497f43848c772c76	1970-01-21 00:08:07	Name: cee Value: L815CkJggJhsDALVI%2BHN7FZFy6vexXPjQy75%2F0lektQ%3D.%7B%7D
.betterplaceforests.com/	1969-12-31 23:59:59	Name: _trees_session_1 Value: H5Bb7mx9z7mPHY95vo7JHKYmqlVTcYTPLJ74CRKefEEVE18hRtaMicz2qy4qwJCPDFF%2BSbBfuHOGnPD3FzNhRFV7M86mdwb5fk%2BgUnTju99Zd7bO%2BkdRQszbX92I3D2qCQE9ZRhy1DV%2BfcC0AemvKSuTx9jtADxPAQfd7usMpCqGV5SEuJtskjtZKKqNBXB637evBxYL6NUNU%2BNmzr%2BIclv5t%2F6aOdUz2s1sMiZs4xQQESggVO8R1oYJ8CEBx4MIHEFeq4hxCAYjGR9EhGCQQ3YE8VibsHaKu2Gk5QlEiJnXbEUfksbbrlg%2B1Sa%2F2fK%2Bu%2BIYjA%3D%3D--DgFacCi%2F8YiE7PkQ--NXCmDLdpMPytQGz026BEPQ%3D%3D
.betterplaceforests.com/	1970-01-21 06:44:07	Name: cf_clearance Value: HFDTEqXUNafDb6XpO4bHojxJzGfSyROOmdNkST7rWl4-1720711627-1.0.1.1-096_E3cFm2oU6r6cx_YmAbhVyw4G6slXGO8iCzlNJhIlrUXjXmVfGKLybG9vJUKW5QSDwX9Tcio_CkVVazjWKg
.betterplaceforests.com/	1970-01-21 00:08:07	Name: _gcl_au Value: 1.1.1979947589.1720711628
.betterplaceforests.com/	1970-01-21 07:34:31	Name: _ga Value: GA1.1.1066240599.1720711628
.betterplaceforests.com/	1970-01-21 07:34:31	Name: _ga_ND9BTWD225 Value: GS1.1.1720711628.1.0.1720711628.60.0.0
.betterplaceforests.com/	1970-01-21 07:34:31	Name: pid Value: 33962f74-7273-488e-9623-74907b92660b
.betterplaceforests.com/	1969-12-31 23:59:59	Name: sid Value: 2614f36f-8fb6-4e54-9bd2-7392be6c6eab
.betterplaceforests.com/	1970-01-20 21:59:58	Name: _uetsid Value: 09f100803f9a11ef9487419f0e79f5a7
.betterplaceforests.com/	1970-01-21 07:20:07	Name: _uetvid Value: 09f0ef403f9a11efac1063177c412a6b
.bing.com/	1970-01-21 07:20:07	Name: MUID Value: 19CD3808E9E46C9A3C402CB1E8766D96
.bat.bing.com/	1970-01-20 22:08:36	Name: MR Value: 0
.betterplaceforests.com/	1970-01-21 00:08:07	Name: _fbp Value: fb.1.1720711630171.714826945418158600
www.clarity.ms/	1970-01-21 06:44:07	Name: CLID Value: a37d3085ba22415cb06d52c5c7b64ef0.20240711.20250711
.betterplaceforests.com/	1970-01-21 06:44:07	Name: _clck Value: 10mjzb5%7C2%7Cfnd%7C0%7C1653
.c.bing.com/	1970-01-20 22:08:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:20:07	Name: SRM_B Value: 19CD3808E9E46C9A3C402CB1E8766D96
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:20:07	Name: MUID Value: 19CD3808E9E46C9A3C402CB1E8766D96
.c.clarity.ms/	1970-01-20 22:08:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:58:32	Name: ANONCHK Value: 0
.betterplaceforests.com/	1970-01-20 21:59:58	Name: _clsk Value: 2pfayn%7C1720711632178%7C1%7C1%7Ct.clarity.ms%2Fcollect

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://account.betterplaceforests.com/users/sign_in(Line 12) Message: Listener added for a 'DOMNodeInserted' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.betterplaceforests.com
analytics.betterplaceforests.com
analytics.google.com
bam.nr-data.net
bat.bing.com
c.bing.com
c.clarity.ms
connect.facebook.net
dmrpcq96wq0sx.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
o617827.ingest.sentry.io
stats.g.doubleclick.net
t.clarity.ms
tracking.betterplaceforests.com
trees.betterplaceforests.com
www.clarity.ms
www.facebook.com
www.googletagmanager.com
162.247.243.29
172.67.70.124
20.110.205.119
20.114.189.70
2600:9000:247b:c00:1c:3c23:a440:21
2602:816:5001::39
2606:4700:20::681a:6ab
2607:f8b0:4004:c1f::9a
2607:f8b0:4006:806::200e
2607:f8b0:4006:809::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2008
2620:1ec:29:1::40
2620:1ec:c11::237
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.120.195.249
0f5c6f255b188211da9fc9a193305f0b7cb0f0068902bf3ca117dd5a8657c314
21532a7e827978795fec889e12e268d51cf27fd48c4317c1204965be4620bd96
2a1569f15a4fdbeedb7461f2565fa6c1f263cbbcf56b3dc046e0edd33b1e42e3
38f2f33efc346be98373f68e22e6c36fe6277f251016519357737432f9b7cbe8
3cdcbdcd9dc6f27f233ccf3ac724461d3e32804a5963d58b910a99c0c72f8de2
3ce88627cb0707ede45b0f987ffc03d3da4b92869f099a68b8d2d25d6cedb482
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a0006eceb413462f0630e3c13954f5882d24f55bee2bd4d32c704dca7f1d019
4b30d8f9c0a7cceeae8e7cd2de328d17501ffc31a81a010110a3e335c1f8377a
4d6fd78ae533440d6eee7073bb3a915c92e0e669163ce4c137e67340ca74bf26
5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc
5864ab855fabcf14c9e8174c298293b5f186015db1a332b545b4de4173d29d14
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a
7420ec488967f3b39bf571baee63a53c0cc50b291598b0d57468b7761a743e15
7672abb72a251fd417f5a096ca5a8ce4723ee4b5b536b1b90bfd06aa2029608b
7c410516006b267d7b50ef7c6c577c564bd1915d15c7fed5e2f8cf0c2e79366f
90a2e1a38b97c7de8e414e6061fddaadbfcf7d20a98bf3d802440fc1633b7d59
94850418771633bf9d0d81ecad7b3246b978515437e46665919cdc7d9289b03b
9546427f825622e50dc3d6bd6c65be7ebb0649215eacef802f422b346c396687
958d3e1b09354b7c4a905542511e6f8565985c7d4151ba272c500216386c3d96
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a54eed2abc7740fa02a5e5a9a3e2b0d7ab31299398f5a7fe1d888a9ee3ccd2f2
a97bc8ec679a82ec782bd76c7302c0ca394c1ad672450f86f87bee5e0ec06b19
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410
c4832b19dd5406ac0855426096610e532861e94c65819651ada45299002455de
d7412f80a21c1edd1cc3fa8aba048a1c9ae0910b691a01943463c35b95bffa26
d84708b189c2eaa665ae431f8bcbdd7f160172491d7c97ed095b7fb7f3df3937
da2f7b61b20ca24016d4f31dd98e7e3ce9e46c563efaf171b1d8b593426f1c30
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9c4610cf09b0da7ffd407728bd3d1aed506dc5f4b018375f3615ef7b6156a8d

account.betterplaceforests.com Open in urlscan Pro 172.67.70.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

44 Requests

93 %HTTPS

71 %IPv6

14 Domains

20 Subdomains

17 IPs

1 Countries

1583 kBTransfer

3853 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account.betterplaceforests.com Open in urlscan Pro
172.67.70.124 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

93 %
HTTPS

71 %
IPv6

14
Domains

20
Subdomains

17
IPs

1
Countries

1583 kB
Transfer

3853 kB
Size

22
Cookies

44 HTTP transactions
0 data transactions