account.betterplaceforests.com Open in urlscan Pro
172.67.130.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://account.betterplaceforests.com/
Effective URL:
https://account.betterplaceforests.com/users/sign_in
Submission: On September 17 via automatic, source certstream-suspicious (September 17th 2021, 5:21:05 am UTC) — Scanned from DE

Summary HTTP 88 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 50 IPs in 5 countries across 39 domains to perform 88 HTTP transactions. The main IP is 172.67.130.188, located in United States and belongs to CLOUDFLARENET, US. The main domain is account.betterplaceforests.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.

This is the only time account.betterplaceforests.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 15	172.67.130.188 172.67.130.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
2	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
1	142.250.185.232 142.250.185.232	15169 (GOOGLE) (GOOGLE)
3	143.204.101.62 143.204.101.62	16509 (AMAZON-02) (AMAZON-02)
2	104.21.3.134 104.21.3.134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.99 142.250.185.99	15169 (GOOGLE) (GOOGLE)
2	142.250.185.174 142.250.185.174	15169 (GOOGLE) (GOOGLE)
4	104.19.147.8 104.19.147.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	31.13.92.14 31.13.92.14	32934 (FACEBOOK) (FACEBOOK)
4	104.21.4.14 104.21.4.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	87.248.118.23 87.248.118.23	203220 (YAHOO-DEB) (YAHOO-DEB)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	50.19.227.64 50.19.227.64	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
1	44.229.7.188 44.229.7.188	16509 (AMAZON-02) (AMAZON-02)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
4	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	74.125.206.154 74.125.206.154	15169 (GOOGLE) (GOOGLE)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	18.66.112.59 18.66.112.59	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.164 142.250.186.164	15169 (GOOGLE) (GOOGLE)
2	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.33.220.244 185.33.220.244	29990 (ASN-APPNEX) (ASN-APPNEX)
2	18.144.24.3 18.144.24.3	16509 (AMAZON-02) (AMAZON-02)
1 2	31.13.92.36 31.13.92.36	32934 (FACEBOOK) (FACEBOOK)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	143.204.98.47 143.204.98.47	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	35.83.45.36 35.83.45.36	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	104.16.19.94 104.16.19.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.73.172.176 54.73.172.176	16509 (AMAZON-02) (AMAZON-02)
2	54.146.248.82 54.146.248.82	14618 (AMAZON-AES) (AMAZON-AES)
1	172.67.180.171 172.67.180.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.24.245.7 52.24.245.7	16509 (AMAZON-02) (AMAZON-02)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	31.13.92.2 31.13.92.2	32934 (FACEBOOK) (FACEBOOK)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
88	50

15 172.67.130.188 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

account.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trees.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o617827.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-62.fra50.r.cloudfront.net

dmrpcq96wq0sx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.3.134 (None, )

ASN13335 (CLOUDFLARENET, US)

trees.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.147.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.14 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frt3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.21.4.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.useproof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

a.optmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.248.118.23 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.227.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-227-64.compute-1.amazonaws.com

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.229.7.188 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-7-188.us-west-2.compute.amazonaws.com

ads.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

utt.impactcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.21.141.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.59 (United States)

ASN16509 (AMAZON-02, US)

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.220.244 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.144.24.3 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-144-24-3.us-west-1.compute.amazonaws.com

analytics.betterplaceforests.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.13.92.36 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frt3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-47.fra50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.83.45.36 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-83-45-36.us-west-2.compute.amazonaws.com

flask.nextdoor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.19.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.172.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.146.248.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-248-82.compute-1.amazonaws.com

live-visitor-counts.herokuapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.180.171 (United States)

ASN13335 (CLOUDFLARENET, US)

analytics.proofapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.24.245.7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-245-7.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.13.92.2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-atlas-shv-01-frt3.facebook.com

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	betterplaceforests.com 2 redirects account.betterplaceforests.com trees.betterplaceforests.com tracking.betterplaceforests.com analytics.betterplaceforests.com	927 KB
5	crazyegg.com script.crazyegg.com tracking.crazyegg.com	25 KB
4	pinterest.com ct.pinterest.com	2 KB
4	doubleclick.net pubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	26 KB
4	useproof.com cdn.useproof.com api.useproof.com	602 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	bing.com bat.bing.com	10 KB
3	cloudfront.net dmrpcq96wq0sx.cloudfront.net	129 KB
2	herokuapp.com live-visitor-counts.herokuapp.com	200 B
2	facebook.com 1 redirects www.facebook.com	446 B
2	google.com www.google.com	676 B
2	nextdoor.com ads.nextdoor.com flask.nextdoor.com	3 KB
2	adnxs.com acdn.adnxs.com ib.adnxs.com	4 KB
2	ubembed.com e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com assets.ubembed.com	48 KB
2	yimg.com s.yimg.com	7 KB
2	facebook.net connect.facebook.net	115 KB
2	pinimg.com s.pinimg.com	18 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	130 KB
2	sentry.io o617827.ingest.sentry.io	361 B
1	atdmt.com cx.atdmt.com	581 B
1	nr-data.net bam-cell.nr-data.net	921 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	amplitude.com api.amplitude.com	168 B
1	proofapi.com analytics.proofapi.com	816 B
1	cloudflare.com cdnjs.cloudflare.com	2 KB
1	jsdelivr.net cdn.jsdelivr.net	19 KB
1	yahoo.com sp.analytics.yahoo.com	964 B
1	omappapi.com api.omappapi.com	827 B
1	t.co t.co	454 B
1	twitter.com analytics.twitter.com	659 B
1	impactcdn.com utt.impactcdn.com	13 KB
1	ipify.org api.ipify.org	216 B
1	optmnstr.com a.optmnstr.com	58 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	googletagmanager.com www.googletagmanager.com	71 KB
1	googleapis.com fonts.googleapis.com	1 KB
88	39

	Domain	Requested by
11	trees.betterplaceforests.com	account.betterplaceforests.com trees.betterplaceforests.com
4	ct.pinterest.com	trees.betterplaceforests.com account.betterplaceforests.com
4	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
4	tracking.betterplaceforests.com	1 redirects account.betterplaceforests.com trees.betterplaceforests.com
3	bat.bing.com	account.betterplaceforests.com bat.bing.com
3	cdn.useproof.com	www.googletagmanager.com cdn.useproof.com
3	dmrpcq96wq0sx.cloudfront.net	trees.betterplaceforests.com
2	trc-events.taboola.com	trees.betterplaceforests.com
2	live-visitor-counts.herokuapp.com	cdn.useproof.com
2	www.facebook.com	1 redirects account.betterplaceforests.com
2	analytics.betterplaceforests.com	trees.betterplaceforests.com
2	tr.outbrain.com	amplify.outbrain.com account.betterplaceforests.com
2	www.google.com	account.betterplaceforests.com
2	pubads.g.doubleclick.net	account.betterplaceforests.com
2	s.yimg.com	account.betterplaceforests.com trees.betterplaceforests.com
2	connect.facebook.net	account.betterplaceforests.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.google-analytics.com	www.googletagmanager.com account.betterplaceforests.com
2	o617827.ingest.sentry.io	trees.betterplaceforests.com
2	account.betterplaceforests.com	1 redirects
1	cx.atdmt.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	account.betterplaceforests.com
1	api.amplitude.com	trees.betterplaceforests.com
1	analytics.proofapi.com	cdn.useproof.com
1	tracking.crazyegg.com	script.crazyegg.com
1	cdnjs.cloudflare.com	connect.facebook.net
1	cdn.jsdelivr.net	connect.facebook.net
1	flask.nextdoor.com	account.betterplaceforests.com
1	api.useproof.com	cdn.useproof.com
1	www.gstatic.com	cdn.useproof.com
1	assets.ubembed.com	e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com
1	sp.analytics.yahoo.com	account.betterplaceforests.com
1	trc.taboola.com	cdn.taboola.com
1	ib.adnxs.com	account.betterplaceforests.com
1	api.omappapi.com	trees.betterplaceforests.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	trees.betterplaceforests.com
1	t.co	account.betterplaceforests.com
1	analytics.twitter.com	static.ads-twitter.com
1	utt.impactcdn.com	account.betterplaceforests.com
1	ads.nextdoor.com	account.betterplaceforests.com
1	acdn.adnxs.com	account.betterplaceforests.com
1	amplify.outbrain.com	account.betterplaceforests.com
1	api.ipify.org	www.googletagmanager.com
1	e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com	www.googletagmanager.com
1	cdn.taboola.com	account.betterplaceforests.com
1	a.optmnstr.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	account.betterplaceforests.com
1	fonts.googleapis.com	account.betterplaceforests.com
88	53

This site contains links to these domains. Also see Links.

Domain
www.betterplaceforests.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.ingest.sentry.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-07-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-09` - `2021-12-08`	3 months	crt.sh
a.optmnstr.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-06` - `2021-10-27`	2 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.ipify.org Sectigo RSA Domain Validation Secure Server CA	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
nextdoor.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
utt.impactcdn.com GTS CA 1D4	`2021-08-22` - `2021-11-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
analytics.betterplaceforests.com R3	`2021-08-16` - `2021-11-14`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.herokuapp.com Amazon	`2021-06-01` - `2022-06-30`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
*.newrelic.com R3	`2021-07-19` - `2021-10-17`	3 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-08-22` - `2021-11-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.betterplaceforests.com/users/sign_in
Frame ID: 4A82EFAD646CEACF9AEBE06454070B96
Requests: 77 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 915D933B9417E4BDB3D6E99E2CDCFAE3
Requests: 6 HTTP requests in this frame

Frame: https://script.crazyegg.com/pages/data-scripts/0069/0448.json?t=1
Frame ID: F6D4A103689D8010E75107DE82BA93EE
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Better Place Forests

Page URL History Show full URLs

https://account.betterplaceforests.com/ HTTP 302
https://account.betterplaceforests.com/users/sign_in Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

88
Requests

100 %
HTTPS

0 %
IPv6

39
Domains

53
Subdomains

50
IPs

5
Countries

2273 kB
Transfer

4544 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.betterplaceforests.com/help
Title: Visit Help Page

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://account.betterplaceforests.com/ HTTP 302
https://account.betterplaceforests.com/users/sign_in Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://tracking.betterplaceforests.com/analytics.js HTTP 302
https://tracking.betterplaceforests.com/packs/js/analytics-8deb0b7c14380b07a8f8.js

Request Chain 84

https://www.facebook.com/tr/?id=150320322048178&ev=Microdata&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&rl=&if=false&ts=1631856060572&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Better%20Place%20Forests%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631856059064.251542864&eid=ob2_v.0.3.11_d344d6e00ef1eace5c9869666486f4ba9d5efbc612dd57d0089db614b35d52f7&it=1631856058903&coo=false&es=automatic&tm=3&exp=p1&rqm=GET HTTP 302
https://cx.atdmt.com/?c=5626401182732436221&f=AYz0zmrzqt18-gtRrmWA3O77nZtjGleOThEG5LNTOKf56Zdwp11-W56O80xiJvB2e8kPgJUCcM0AsdldktCaMk4B&id=150320322048178&l=3&v=0

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sign_in Show response
account.betterplaceforests.com/users/
Redirect Chain

https://account.betterplaceforests.com/
https://account.betterplaceforests.com/users/sign_in

16 KB
7 KB

121ms
120ms

Document
text/html

172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fab7339b7fec3d6347ddbb0a606849191eb50bc678866865364539d45fecc8dc

Security Headers

Name	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: account.betterplaceforests.com
:scheme: https
:path: /users/sign_in
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
cookie: _trees_session=qZQfur6XmUMt7EpXWlUtRv127Sdv5v932Cr%2FnywJsRH4K1AXrE2F1tl4X3DrR3aof2%2FjpcJHNMb4Q75WSgsAXN3HnpkOEJMxY31QtLIE33nFQD2394txTZb00ihRddnUz2Q9POKzHLGucr0op3fmYlNV4mc%3D--3ZgT%2FwwC0YCsWIuX--%2B78zj6mTUwyiD2rKVIyCNw%3D%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=0, private, must-revalidate
content-security-policy
set-cookie: _trees_session=1cJ%2B6vWbdCzpC7g7%2BN%2FWHCZwlonUIMb9cntV0ilfKSe%2BKKQbRzFCl%2B3Grx5RkDpoo9b%2F8i06nIMQNnIyJY%2B67dgAGkE0zQNqUaRZXPOZ72Pr%2FB86Q0vEs%2BmJkU%2BnyYb6yQKK4TEvpqhYnXEfdgXLeDzofBAbK29PlZKWelKmacwVWw%3D%3D--HsFudQ0YPm8hh4Ha--fgIABDaLcko9DcLkbAsAkw%3D%3D; path=/; secure; HttpOnly
x-request-id: a2c055a5-73ff-4b1d-b5a8-2722b45255bc
x-runtime: 0.007481
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C3BOCgfAu2ckOguQDZS0TKt%2B3mxzuXJl3zvgLE5NsIYpV5J06kAbvn897Q78Y8aGNpOjLJu8rfzTu43iorBQ2wuwHOWT4pX%2Fc5mWxU2g9IiGdnU1KwSeRuG5fsIFHhS94JkZcC8zkvjlSO2OShot8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ffe36aaacc2b1a-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-type: text/html; charset=utf-8
location: https://account.betterplaceforests.com/users/sign_in
cache-control: no-cache
content-security-policy
set-cookie: _trees_session=qZQfur6XmUMt7EpXWlUtRv127Sdv5v932Cr%2FnywJsRH4K1AXrE2F1tl4X3DrR3aof2%2FjpcJHNMb4Q75WSgsAXN3HnpkOEJMxY31QtLIE33nFQD2394txTZb00ihRddnUz2Q9POKzHLGucr0op3fmYlNV4mc%3D--3ZgT%2FwwC0YCsWIuX--%2B78zj6mTUwyiD2rKVIyCNw%3D%3D; path=/; secure; HttpOnly
x-request-id: 5a19c9fd-7dfb-4378-a34c-41f94f8f7368
x-runtime: 0.003735
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6SzcbslApOfKHQC2hWh9NVitdr4QrYG5nB9qTJLA9zd9hO%2Bjl%2BIKp9teUiubh3Fe5fQHO%2Fj5aj9KrccupsMJbMZyD6UWPPMGaXQHN8KYia9Igqe9EeyJyWNEejnoAKvl6%2FOaTAQWDHw7GjSEbm9G7U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ffe3689fba2b1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 fa-icons-35a46193ead0b7717012b7f1f66bd9aaf37134512d9e51bcba3cef651fd29d62.css
trees.betterplaceforests.com/assets/ 59 KB
13 KB 30ms
16ms Stylesheet
text/css 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/fa-icons-35a46193ead0b7717012b7f1f66bd9aaf37134512d9e51bcba3cef651fd29d62.css

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b04240f8846475dbae72e4b37ddcdb070f7ba0da202e5bbbf50e426b79589555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4366
cf-polished: origSize=60654
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 16 Oct 2020 21:44:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dSwNlREudytONkHZoaiZYzrSlkVZISIoaRChLkBLZogLI1mv%2FN8RErEVS57aHUCk%2BlxF%2F4g0GTBTpgaD8LZWOmtAPXwCMMNoF2Em3su%2BX7tZWrbsi2yVPXOFJZA940Nw57tsVvSUv9yuFHVcO0t0"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 68ffe36b9be62b1a-FRA
cf-bgj: minify

GET
H2 200 dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
trees.betterplaceforests.com/assets/ 271 KB
47 KB 529ms
515ms Stylesheet
text/css 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68ffe36b9be52b1a-FRA
date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 04:43:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPO1U7V6QNciN2LtaP4E%2FSLK%2BzHUs%2FsIeXiDivt2toED3a8EGfHAwmIUeu0B7QOgNhr4hdH9WQi1jjpQurjvz59O9D2JzrB2QzelJ9pvip1CC0k25ZZhmZH3ET7cy3VA0YytVANiVH%2BATec2%2BJMp"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 58ms
23ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500&display=swap

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

4a6ce8ee6ce904a9b590e3e458d3332b7ef3a17f53153d31cc2aa30821ebb46f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 04:42:56 GMT
server: ESF
date: Fri, 17 Sep 2021 05:20:58 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 Sep 2021 05:20:58 GMT

GET
H2 200 application-8c68e6022ce433e35460.js Show response
trees.betterplaceforests.com/packs/js/ 698 KB
190 KB 57ms
44ms Script
application/javascript 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/packs/js/application-8c68e6022ce433e35460.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e40e172bcc420d98dc7ce020d41875d0d1ce78c53b084c88ec2bc4a5bac4e6d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4365
cf-polished: origSize=714465
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 04:48:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H2wzaeq9DGsoRzalMijP5Ulklr%2BrSr0mPJ%2BOuDL%2B88TYETAlHmT%2F48Nl7eaTiWCO6tHO0Fx78Ud43zU4u2awCeoTIFlbKLt2a2s4jbqFrQUjUJABu5YgDI9WaYouJaCQFUoqeKVtH5AxXg6rGc7Q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 68ffe36b9be72b1a-FRA
cf-bgj: minify

GET
H3 200 error_tracking-85dc23fee0bbe89186dd.js Show response
trees.betterplaceforests.com/packs/js/ 143 KB
36 KB 299ms
299ms Script
application/javascript 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be3cb3ee2e24a0d52a714294f4ec0a212b7be23140d195d779c84ecfa4175592

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=146784
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 16 Sep 2021 04:48:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Bbz8RqHISOENgUkUFI%2BBEOkXD3eYDCddHKV8I7lAqeGyDqiwZ%2BxvDwyqtIu%2FCQiF4dfftCmY6Df5NQzjX81gRrPb%2Fi%2Bj0RJj%2BhQiXS7Khm9mwcBi8QNAO3%2FueABmVB59lxPubNeZZ9s9yMiyuxM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 68ffe36bfcd24e61-FRA
cf-bgj: minify

GET
H3 200 logo-white-c2086eceb44948754113be86ea71da3c26f6bd5659e1e0b61a46f2b34a078b1d.svg
trees.betterplaceforests.com/assets/ 2 KB
2 KB 283ms
282ms Image
image/svg+xml 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/logo-white-c2086eceb44948754113be86ea71da3c26f6bd5659e1e0b61a46f2b34a078b1d.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2086eceb44948754113be86ea71da3c26f6bd5659e1e0b61a46f2b34a078b1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68ffe36e0f264e61-FRA
date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8HYw6P%2F1Uh3ScLfzw7dwwya1jqpfTnlkBg996OsSZjC7084QU%2BynZwZreOPqmBm1rdK8nfjX3GQz%2B7HQtIhdCG0Ev2oAvKgNRmbjYWcMmli8u9Hy%2BMTjnwsEL6PcRATBh%2F9Tl9%2FTTK%2FlvgOV45f"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 logo-light-green-97340a01471ead4e30791167d83394abe236a44c2b00401369febd6474ecb2dc.svg
trees.betterplaceforests.com/assets/ 2 KB
2 KB 288ms
287ms Image
image/svg+xml 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/logo-light-green-97340a01471ead4e30791167d83394abe236a44c2b00401369febd6474ecb2dc.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97340a01471ead4e30791167d83394abe236a44c2b00401369febd6474ecb2dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68ffe36ed82d4e61-FRA
date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ygmAKR3j7au3tALKMDBjZRZze9lX9dD0u2HrC3ap9qXtk15GUTnRZe1JBadvVgQy6r6dIGQaVDeoWRQEUih9ntYk28Vw0srilVdQ6FRY8oO4ERrQixCmX3fSs%2Bx3lp8i1K14qp9%2BJSjEs44T6jRA"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 google-g-logo-5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc.svg
trees.betterplaceforests.com/assets/login/ 2 KB
2 KB 311ms
310ms Image
image/svg+xml 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/login/google-g-logo-5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc.svg

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cf-ray: 68ffe36f38ac4e61-FRA
date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhbNck2Uqx3xZ0d6nAYooUWecQbB%2FvpNM2fzNt%2Bx7iolfxnU5vfiJLZ8efScJw6NjrHui6rUWtoEIfU3kUuFwULDL%2F0OC7p%2FIOaLKznCdAgOhth5K0T%2FTJ9W9FTU30L0x4NPDbv4BbP3qEXiVSgK"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H2 200 / Show response
o617827.ingest.sentry.io/api/5751258/envelope/ 2 B
254 B 77ms
16ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o617827.ingest.sentry.io/api/5751258/envelope/?sentry_key=cbd63a2cf11746b381bb2442a76f8092&sentry_version=7

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://account.betterplaceforests.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
71 KB 65ms
42ms Script
application/javascript 142.250.185.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

079cc1acaa73fe484093f318344ae9b718fb4a90e11b5749510012434499364a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72487
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 Sep 2021 05:20:58 GMT

GET
H3 200 splash-default-73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a.jpg
trees.betterplaceforests.com/assets/login/ 478 KB
479 KB 505ms
505ms Image
image/jpeg 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/login/splash-default-73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a.jpg

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 489809
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=og60sMpgg4bjq%2F6s34HamP1FwDicJ6rQI%2FvklYVrCL34M6HpvlefgbZFpyMeqnVcRetHFq9ukfYDmCDtN4ASQAHnCpwC5h%2BRDeVt1wCU3GS5sDzUjpcn2rVXGJr7OEdKCewYn2pXoAWD6O3TTmQS"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68ffe36f48b74e61-FRA

GET
H3 200 mound-bottom-center-6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407.png
trees.betterplaceforests.com/assets/glyphs/ 11 KB
11 KB 282ms
282ms Image
image/png 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/glyphs/mound-bottom-center-6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407.png

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11141
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJ1FSwOI0mb403R1o5srJ0708gohDav9JETobjj8olI%2Fan1TW7urjOe9%2BfDS7SGw1kgRYjREhpz55TE2D9A4Z8IAE%2BjcUvbyhZQgTMVNg7qsnL8BRGjGRCqgu5P6l0cg7iwGdiHD5AIXNWzHCJXD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68ffe36f48b84e61-FRA

GET
H3 200 leaf-top-left-b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410.png
trees.betterplaceforests.com/assets/glyphs/ 29 KB
29 KB 503ms
502ms Image
image/png 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trees.betterplaceforests.com/assets/glyphs/leaf-top-left-b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410.png

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29254
last-modified: Fri, 25 Sep 2020 17:31:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VUZg2S5tjYuEtAYVUVjqfrjkg5%2B7BJBkY7eV06UqlGQC4KbWDLl9edI8hgiMY7gxmD1Fa2PvVRNzZ4vwqpRYa2keVN7R5RkAFvEjV0pPofOtY6HesvMJ0M3CZ9dDkbSQHBQFYVoM%2FctwYzUHTmOV"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68ffe36f48b94e61-FRA

GET
H2 200 IvarHeadline-Medium.woff
dmrpcq96wq0sx.cloudfront.net/fonts/ 40 KB
40 KB 437ms
400ms Font
application/font-woff 143.204.101.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/IvarHeadline-Medium.woff
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5864ab855fabcf14c9e8174c298293b5f186015db1a332b545b4de4173d29d14

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:21:00 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Thu, 26 Mar 2020 00:19:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "4bb5bcefc77c9e30cd427c61bc3795d2"
access-control-allow-methods: GET
content-type: application/font-woff
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
accept-ranges: bytes
content-length: 40904
x-amz-cf-id: yYxSu3RIH9CmuP_8UaPAcAP-iDDN97D6lodhuJ07siEazaYJdOlKyA==

GET
H3 200 fa-brands-400-5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29.woff2
trees.betterplaceforests.com/assets/font-awesome/ 75 KB
76 KB 521ms
510ms Font
application/font-woff2 104.21.3.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://trees.betterplaceforests.com/assets/font-awesome/fa-brands-400-5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29.woff2

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/fa-icons-35a46193ead0b7717012b7f1f66bd9aaf37134512d9e51bcba3cef651fd29d62.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.3.134 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://trees.betterplaceforests.com/assets/fa-icons-35a46193ead0b7717012b7f1f66bd9aaf37134512d9e51bcba3cef651fd29d62.css
Origin: https://account.betterplaceforests.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
vary: Origin, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET, OPTIONS
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 76612
last-modified: Fri, 25 Sep 2020 17:36:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2I6bjiqb52yiJIJUV3NsMuTJg0KP4m9L4mFgyw02ERxP0ZlJxS747TWgA3m3bCGXIp0F3jndeNh4rKWG3yzdseBUpjmB4yjxXFOErPdV2%2BPOIm%2BkC6tWqG5u9OT6Xj8ZrO%2Bljj9CgOhu%2FZqK%2BVh"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff2
access-control-allow-origin: https://account.betterplaceforests.com
access-control-expose-headers
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 68ffe36f5d5a2b22-FRA

GET
H2 200 DadaGrotesk-Medium.otf
dmrpcq96wq0sx.cloudfront.net/fonts/ 43 KB
43 KB 68ms
31ms Font
binary/octet-stream 143.204.101.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/DadaGrotesk-Medium.otf
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9c4610cf09b0da7ffd407728bd3d1aed506dc5f4b018375f3615ef7b6156a8d

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:08:15 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 18:08:50 GMT
server: AmazonS3
age: 4363
etag: "c06bee5ce7045b2bf9c4cccbee32dc82"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 43668
x-amz-cf-id: TWYmCN2c5Lz2COmT5JCJNFJdSrghgtEwBAIbwGQNfb-F6cqkm5R0Vw==

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 57ms
16ms Font
font/woff2 142.250.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f3.1e100.net

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://account.betterplaceforests.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:55:08 GMT
x-content-type-options: nosniff
age: 426350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 06:55:08 GMT

GET
H2 200 DadaGrotesk-Book.otf
dmrpcq96wq0sx.cloudfront.net/fonts/ 45 KB
45 KB 48ms
12ms Font
binary/octet-stream 143.204.101.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmrpcq96wq0sx.cloudfront.net/fonts/DadaGrotesk-Book.otf
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/assets/dashboard-b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-62.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b30d8f9c0a7cceeae8e7cd2de328d17501ffc31a81a010110a3e335c1f8377a

Request headers

Referer: https://trees.betterplaceforests.com/
Origin: https://account.betterplaceforests.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 04:08:16 GMT
via: 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 18:08:48 GMT
server: AmazonS3
age: 4363
etag: "d320824c61f918fbc909fe91dbef0bba"
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 45836
x-amz-cf-id: c7qMlMS9zwUe_9ZgGj0IpN_4bgEpsYtTDxKWinJJcggNd30UA4hd9A==

GET
H3

200

analytics-8deb0b7c14380b07a8f8.js Show response
tracking.betterplaceforests.com/packs/js/
Redirect Chain

https://tracking.betterplaceforests.com/analytics.js
https://tracking.betterplaceforests.com/packs/js/analytics-8deb0b7c14380b07a8f8.js

93 KB
30 KB

17ms
17ms

Script
application/javascript

172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.betterplaceforests.com/packs/js/analytics-8deb0b7c14380b07a8f8.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83b89751f365049deeff0a9a0bbf7bd901c71bbea41d204a7efd229c6502fa45

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7951
cf-polished: origSize=95771
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 14 Sep 2021 21:15:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hic7bBF2O%2BcraK6gIaNYnGEXL6rboB5QzKscjp1sANK9Qn6nFKAfbEdMT3Cf38lleoydtP6GkN9Ya5syA9Y7y56Peaz1af3puAwFEcMylkSH%2FmZufe9%2Bgad79p8wOXb5molm%2F5GOk688mUglXskJuv37"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31556952
cf-ray: 68ffe371ebe94e61-FRA
cf-bgj: minify

Redirect headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BiYqKR2fseWX60r4v61ig%2FBZ2sfuasKejq%2BGxbq0Xu8rPo1njonRFT%2FPimngTSA1d6I4kv2RDZjOsCJpcKc9SjszpUn2g43kGDJXEZxceOdw6XCDlrSvhO62fhCLoCzo81%2F7adNtqXOK7GmKiCmpQMUJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 85245a1e-d8cf-4431-aece-236a12431894
x-runtime: 0.001473
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
location: https://tracking.betterplaceforests.com/packs/js/analytics-8deb0b7c14380b07a8f8.js
cache-control: max-age=14400
cf-ray: 68ffe36ff9362b1a-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 57ms
16ms Script
text/javascript 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2041
date: Fri, 17 Sep 2021 04:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 17 Sep 2021 06:46:57 GMT

GET
H2 200 0448.js Show response
script.crazyegg.com/pages/scripts/0069/ 5 KB
2 KB 372ms
341ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0069/0448.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7a24c56428c3bed55e8e94082df46da3949f6309ba129ab7bc27161152583d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 68ffe3702bdd27bc-PRG
ce-version: 11.1.331
content-length: 1856
last-modified: Fri, 17 Sep 2021 05:20:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 75ms
34ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14047
x-xss-protection: 0
server: cafe
etag: 13691176309111193505
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 17 Sep 2021 05:20:58 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 36ms
6ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: gzip
fastly-restarts: 1
last-modified: Wed, 25 Aug 2021 16:20:44 GMT
etag: "934b8997f9fc81b2d0e16fca4cd0b8bb+gzip"
vary: Accept-Encoding,Host
x-tw-cdn: FT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-geo-cc_and_ra: DE-NW
cache-control: no-cache
x-cache: HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2119
x-served-by: cache-fra19182-FRA

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
875 B 41ms
7ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-check-cacheable: YES
x-cdn: akamai
x-akamai-pragma-client-ip: 10.86.102.155, 80.155.7.50
etag: "57947439b864e017feed0d94316d5a8c"
x-serial: 6449
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 22ms
7ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: jOk7j2Wt+87yOIB2md21fxY5VljwMB9YzMLUysHIe2jsNpK9oNFTUkerq3NrosPPIToKc4o2r5zvUPct/m8PFg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 17 Sep 2021 05:20:58 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 proof.js Show response
cdn.useproof.com/ 486 KB
487 KB 42ms
15ms Script
application/javascript 104.21.4.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proof.js?acc=gO3thKtwhTUusGvkLBPaO9C46Np1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15408559
cf-ray: 68ffe3701eb71f51-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 497733
x-amz-id-2: H6ZIkpihwD2NWJAmkNq/mx8uBgwQVsnR4HeMriixdJ7+y9Z5MBq6CTVi0htNuiAnVtjEeIcxm2I=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "0426397a9b31146729ac86c5be8595d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R8i7YZNDvNsl8ikZy4Xm227hMc0jr2JKCSqOGEdIJpVAw89fWyUiZFnnlge%2B4JRm28cH3eSSX2JQ9Nqm9qRAe24eun9oFmMvWhnCvETXNPycsUMrRBFB%2BpTSxeQptRAJYUZ4"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: G7YP0C5YWHNJMG64
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges: bytes
content-type: application/javascript
cf-bgj: minify

GET
H2 200 api.min.js Show response
a.optmnstr.com/app/js/ 206 KB
58 KB 66ms
6ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.optmnstr.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 09/16/2021 03:41:28
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 17:44:22 GMT
cdn-proxyver: 1.0
cdn-fileserver: 188
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: f4708eafd5a48433a044e7abd4e692e3
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1183282/ 74 KB
25 KB 134ms
112ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1183282/tfa.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 526c63fb1c51d884acdf719cfb347948e80f24cde37d74965dc64128c336fe47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: JY9EyD0._MlRIHUVoCOHkcMc7wFMzO5x
content-encoding: gzip
etag: "8ff97fb1fb487ce509c0a99f8a4f7044"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 24765
x-amz-id-2: ZWciswpHjM1dKLvR0D2Rzw5iS0/5dczmhBpgXmfK6PmqlIuaSVPwGJobrZjBB3VfENl4+/9/DXM=
x-served-by: cache-hhn4029-HHN
last-modified: Mon, 09 Aug 2021 10:17:08 GMT
server: AmazonS3
x-timer: S1631856059.900240,VS0,VE106
date: Fri, 17 Sep 2021 05:20:59 GMT
vary: Accept-Encoding
x-amz-request-id: CHGDM96TJFDFJMHN
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 64
x-cache-hits: 1

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 136ms
7ms Script
application/javascript 87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Fri, 17 Sep 2021 04:39:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2519
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: SSMYKI2Pxj6sDijbsD7N0slhlXbyth2vHHWdRpaxlbLJE4zlHEZ+YCtsewEh4yC7YSH41tw7a4c=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: FNYTHT666Y8KDPJV
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 / Show response
e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com/ 480 B
761 B 155ms
104ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 288fd98ecd0bffe5929a7c01e4ef844614d4a67c172caa9a8e1645fc3f8f5dcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: f4c14c86217cb94f98de9beb8d234d90-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: FyrVPF7BDoEFjxQ=

GET
H2 200 bat.js Show response
bat.bing.com/ 34 KB
10 KB 105ms
44ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref: Ref A: A421198ED7F347B986577F04384D564B Ref B: PRG01EDGE0706 Ref C: 2021-09-17T05:20:58Z
etag: "80386a5f63aad71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9827

GET
H/1.1 200
OK / Show response
api.ipify.org/ 32 B
216 B 465ms
112ms Script
application/javascript 50.19.227.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GP5B8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.227.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-227-64.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: 14fe203f63388f9c452deba057a3f09e058116b01d4ed188650cc566617b9877

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 32
Vary: Origin
Content-Type: application/javascript

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 49ms
13ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Jun 2021 09:47:31 GMT
Server: AkamaiNetStorage
ETag: "fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3100
Expires: Fri, 17 Sep 2021 05:40:58 GMT

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ 9 KB
4 KB 62ms
20ms Script
application/javascript 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
Content-Encoding: gzip
Age: 2427
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21982-LGA, cache-fra19172-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.13.10
X-Timer: S1631856059.004712,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 10 Jun 2021 04:37:09 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 264

GET
H2 200 ndp.js Show response
ads.nextdoor.com/public/pixel/ 6 KB
3 KB 558ms
168ms Script
application/javascript 44.229.7.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.nextdoor.com/public/pixel/ndp.js

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.229.7.188 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-229-7-188.us-west-2.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

54e739d94e2c019350cffd867c30450beb4eb8e876f6ff6645bdf4f807cba063

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
last-modified: Thu, 16 Sep 2021 23:46:12 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6143d744-197d"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=0

GET
H2 200 A2948395-5f3d-4c29-b5a9-4af02c9457d71.js Show response
utt.impactcdn.com/ 41 KB
13 KB 177ms
128ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://utt.impactcdn.com/A2948395-5f3d-4c29-b5a9-4af02c9457d71.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0b8b36190ab69387913d084dff06c7d16a8eee34faa98f73ae31291c5b2c2491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ADPycdvGpofMu8FboJiT_3ImbnFy-_mlFAwwIRYNAsxhsq-K3Nnsm-Wp3LyvRisG9iMKaBaJJbhfDHqK806M5ud4wc97lXcg1w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 12929
last-modified: Fri, 10 Sep 2021 17:30:59 GMT
server: UploadServer
etag: "a1e1ca3493211365366f2ba2502544a3"
vary: Accept-Encoding
x-goog-hash: crc32c=NCvfJw==, md5=oeHKNJMhE2U2byuiUCVEow==
x-goog-generation: 1631295058907852
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 12929
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Fri, 17 Sep 2021 05:25:59 GMT

GET
H2 200 activity;xsp=4724872;ord=4722370292714.195
pubads.g.doubleclick.net/ 42 B
656 B 58ms
18ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4724872;ord=4722370292714.195?

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DFPAudiencePixel;ord=9390054662151.344;dc_seg=6519067624
pubads.g.doubleclick.net/activity;dc_iu=/423686928/ 42 B
209 B 91ms
53ms Image
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/423686928/DFPAudiencePixel;ord=9390054662151.344;dc_seg=6519067624?

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 150320322048178 Show response
connect.facebook.net/signals/config/ 317 KB
89 KB 128ms
119ms Script
application/x-javascript 31.13.92.14
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/150320322048178?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

31.13.92.14 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-frt3.fbcdn.net

Software

Resource Hash

c8efcc7f905eb72c36aac41396bf532388175d9bac6377ac8c3c66812fbe805b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: /CjS1fBbmua92Jbb9JuAOK9c6J5fs1AzXUS9aYje4SJR8QN6x6Df3OYhxAtIIYYTP/r7LxDlm/ZeL8bOlUUcKQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 17 Sep 2021 05:20:59 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
659 B 129ms
113ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o3f63&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 17 Sep 2021 05:20:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 5fc9dc751b51fab0b9d70f117d97f5599d4a3447c5bc394bc053f59aaf353739
x-transaction: f70f84625282af73
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 137ms
119ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=2.0.3&p_id=Twitter&p_user_id=0&txn_id=o3f63&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Fri, 17 Sep 2021 05:20:59 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: d42992d399e888177e45e3e7137d25a6b836dd6041d3eb5e6323f303e4d8729f
x-transaction: e1ba6e34cceed7fd
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 main.c6ca189a.js Show response
s.pinimg.com/ct/lib/ 50 KB
17 KB 7ms
6ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.c6ca189a.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "6ed3b8d9c0f104e8bf55431013d34078"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 17534
access-control-expose-headers: X-CDN

GET
H2 200 / Show response
ct.pinterest.com/user/ 493 B
833 B 61ms
33ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2614155927391&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1631856058925

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.4599645f.1631856058.5883fe6d
x-envoy-upstream-service-time: 2
x-pinterest-rid: 3481559943774183
pin-unauth: dWlkPVltTmhPV0kyWXpJdFl6Z3dZaTAwWkdReUxXSXhNelF0TURjM09XRm1aR00xWlRNeA
access-control-allow-origin: https://account.betterplaceforests.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 342
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 31ms
31ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614155927391&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1631856058927

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4599645f.1631856059.5883fea3
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1288969723849077
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 34ms
33ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2614155927391&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22c6ca189a%22%2C%22floc_enabled%22%3Afalse%2C%22ecm_enabled%22%3Afalse%7D&cb=1631856058928

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4599645f.1631856059.5883fea5
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1317875760810086
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
441 B 42ms
14ms XHR
text/plain 74.125.206.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-76462120-1&cid=1582788820.1631856059&jid=1381161831&gjid=1058334299&_gid=794522063.1631856059&_u=YGBAiAABBAAAAE~&z=1365863544

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 17 Sep 2021 05:20:58 GMT
content-type: text/plain
access-control-allow-origin: https://account.betterplaceforests.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
14ms Image
image/gif 142.250.185.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1083597155&t=pageview&_s=1&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&ul=en-us&de=UTF-8&dt=Better%20Place%20Forests&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABB~&jid=1381161831&gjid=1058334299&cid=1582788820.1631856059&tid=UA-76462120-1&_gid=794522063.1631856059&gtm=2wg9f05GP5B8&z=646834585

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.174 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 17:42:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41914
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/671627565/ 2 KB
2 KB 42ms
19ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/671627565/?random=1631856058958&cv=9&fst=1631856058958&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&tiba=Better%20Place%20Forests&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e7b76c6022e19b73ec666006c73e88df8158dceb5fe9d2fcc640594157d1a44d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1001
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 55519 Show response
api.omappapi.com/v2/embed/ 227 B
827 B 189ms
159ms XHR
application/json 18.66.112.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/55519?d=account.betterplaceforests.com
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Pagely Gateway/1.5.1 /
Resource Hash: 5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
x-cache-config: 0 0
x-amz-cf-pop: FRA56-P5
x-cache-status: MISS
x-cache: Miss from cloudfront
content-length: 227
x-optinmonster-account: 62491
x-user-agent: standard--
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: Pagely Gateway/1.5.1
etag: "b91e5dc54e033e761837b7b846da520f"
vary: Accept-Encoding, User-Agent
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-headers: X-CSRF-Token
x-amz-cf-id: CXrchOmHXXgxRTTeSqCwv_vE4ITQ7vLF6XGmWMBJ_uCCGWyMHPeNrg==
expires: Fri, 17 Sep 2021 05:21:29 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
275 B 56ms
37ms XHR
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.4599645f.1631856059.5883fe9d
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 7547123089958891
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 40ms
18ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-76462120-1&cid=1582788820.1631856059&jid=1381161831&_u=YGBAiAABBAAAAE~&z=1654751257

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 350ms
88ms Script
application/javascript 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00c26e051cf62b22145a882bd98bed99eb
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
X-TraceId: e74b7b4a52be71e4be110297cd73082d
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 349ms
87ms Image
image/gif 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00c26e051cf62b22145a882bd98bed99eb&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&optOut=false&bust=09030355617879944
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
Cache-Control: no-cache
X-TraceId: df23be4d55281ca29bb2a34a1342d709
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK pixie
ib.adnxs.com/ 42 B
339 B 41ms
12ms Image
image/gif 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=2c0bab20-6ab3-4250-b339-741f1f0b6456&it=1631856059010&v=0.0.20&u=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&st=1631856059010&et=1631856059010&if=0
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 731.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: nginx/1.17.9 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.17.9
Connection: keep-alive
X-Proxy-Origin: 216.131.114.169; 216.131.114.169; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H2 200 json Show response
trc.taboola.com/1183282/trc/3/ 2 KB
1 KB 28ms
21ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1183282/trc/3/json?tim=1631856059021&data=%7B%22id%22%3A512%2C%22ii%22%3A%22%2Fusers%2Fsign_in%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1631856059017%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-chasebetterplaceforestscom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1631856059021%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A100%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1183282/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dcb15d9706d2d98992ec24247b53335f7a569cb5f5d45cf7798ae7f2d10d6ae6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 16
date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
server: nginx
x-timer: S1631856059.155338,VS0,VE16
x-served-by: cache-hhn4029-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 204 26183508.js Show response
bat.bing.com/p/action/ 0
110 B 184ms
183ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/26183508.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 05:20:58 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: D2C0EBE20ED54D1A9E813A415144DDFA Ref B: PRG01EDGE0706 Ref C: 2021-09-17T05:20:59Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
151 B 44ms
44ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26183508&Ver=2&mid=dd1920d8-a980-4b77-9f87-68a71929e459&sid=0abc6460177711ec8d5fc50e3ebdd785&vid=0abc8470177711ec821c97cbcf3c2ae3&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Better%20Place%20Forests&p=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&r=&lt=1120&evt=pageLoad&msclkid=N&sv=1&rn=218987
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 17 Sep 2021 05:20:58 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: CBFE8071B99E4267A38D827A9C3CA9A4 Ref B: PRG01EDGE0706 Ref C: 2021-09-17T05:20:59Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10076483.json Show response
s.yimg.com/wi/config/ 2 B
485 B 124ms
110ms XHR
application/json 87.248.118.23
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10076483.json

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

e2.ycpi.vip.deb.yahoo.com

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 2GXXYJRDDKAKY5WM
x-amz-id-2: Dz79w113jOiJVQSz3yQU0Hb90lsyBt3E9tcFmGkt/BFvVtNxobPWrZ69r+5Yw6fd1Fp+NIib26o=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 config Show response
analytics.betterplaceforests.com/.open-bridge/ 684 B
864 B 510ms
166ms XHR
application/json 18.144.24.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.betterplaceforests.com/.open-bridge/config?pixel_id=150320322048178
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.144.24.3 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-144-24-3.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6b91856412395479038df49a920941eb82db22e2aec188fe39a1db40aa23f665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

via: kong/2.4.1
x-kong-proxy-latency: 0
vary: origin
content-type: application/json
access-control-allow-origin: https://account.betterplaceforests.com
x-kong-upstream-latency: 1
access-control-allow-credentials: true
content-length: 684

GET
H2 200 /
www.facebook.com/tr/ 44 B
426 B 22ms
7ms Image
image/gif 31.13.92.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=150320322048178&ev=PageView&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&rl=&if=false&ts=1631856059067&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631856059064.251542864&eid=ob2_plugin-set_295ce9c34a6cc8156c862809c759402acfe1a7f8a7406d0c7bfa69bb3c621721&it=1631856058903&coo=false&exp=p1&rqm=GET

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.36 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frt3.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 17 Sep 2021 05:20:59 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/671627565/ 42 B
154 B 18ms
18ms Image
image/gif 142.250.186.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/671627565/?random=1631856058958&cv=9&fst=1631854800000&num=1&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg9f0&sendb=1&frm=0&url=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&tiba=Better%20Place%20Forests&async=1&fmt=3&is_vtc=1&random=2667810926&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:20:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sp.pl
sp.analytics.yahoo.com/ 43 B
964 B 117ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2017%20Sep%202021%2005%3A20%3A59%20GMT&n=0&b=Better%20Place%20Forests&.yp=10076483&f=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&enc=UTF-8&yv=1.10.1&tagmgr=gtm

Requested by

Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:20:59 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Fri, 17 Sep 2021 05:20:59 GMT

OPTIONS
H3 200 page_visits
tracking.betterplaceforests.com/ Frame 0
0 320ms
319ms Preflight 104.21.3.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.betterplaceforests.com/page_visits
Protocol: H3
Server: 104.21.3.134 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://account.betterplaceforests.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
access-control-allow-origin: https://account.betterplaceforests.com
access-control-allow-methods: POST
access-control-expose-headers
access-control-max-age: 7200
access-control-allow-credentials: true
access-control-allow-headers: content-type
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Au6pIu7ex7rNVp8pkiJufzVv1LjJ2fzS7Fh6eGmy5jjTYNey4Iu1uS5R3V8HDRrLJ3XepEQZOV9Z5Vm%2FGq7wiAfmG5gOhdsnayCg9xsJbjBYBoyU4VhiT2GcnkjXVh10YxcL5%2B9%2Bep7jhkEWQqvt6I8a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ffe37218d12b22-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

POST
H3 200 page_visits Show response
tracking.betterplaceforests.com/ 0
904 B 325ms
325ms XHR
application/json 172.67.130.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.betterplaceforests.com/page_visits

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.130.188 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
cf-ray: 68ffe3741ece4e61-FRA
access-control-allow-methods: POST
content-encoding: br
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 713cf404-2f27-420d-8c14-d0633414bc9c
x-runtime: 0.013723
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YGHKceID64j01H%2Fe0xQpecUQ2AT6ujH8jYH6zJ7xFV7wRireEFoy7xeAEIYNfnDjztHcp1ENRSuybo7ZLyqvsyCoEcvu6q2dWL3Smr1157ux%2BDHpBu38b9tSnNui4pkCCaywbG%2BV0LFTZkUel4utKyOi"}],"group":"cf-nel","max_age":604800}
x-download-options: noopen
access-control-allow-origin: https://account.betterplaceforests.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-expose-headers
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 index.html Show response
cdn.useproof.com/proxy/ Frame 915D 325 B
795 B 155ms
139ms Document
text/html 104.21.4.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/index.html
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=gO3thKtwhTUusGvkLBPaO9C46Np1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

:method: GET
:authority: cdn.useproof.com
:scheme: https
:path: /proxy/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.betterplaceforests.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-type: text/html
content-length: 325
x-amz-id-2: Zrb5g/PHGrW+h43N3B2H8TLt/iuWtYu65nIzhBpsZqou9pg1ulXl853KvZVkLU8jYDsEP8e3fLo=
x-amz-request-id: 2GXYQRA3B0JXRQ0Y
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
etag: "f92252b1f21fd30ac52b59395971ecdb"
cache-control: max-age=315360000, no-transform, public
x-amz-version-id: 6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges: bytes
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVfGtWS9xNMxIETbREFNpl0zbLFelTzdGH5p5t4nEH3dgDj43Yr3miHRep1xmxlANd9cINSwkggKl4or07HhmFiR7ypE8Xo4FQ5r14eHj2oVMCbGJ9yMYkaofWPsOtdYTkxg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 68ffe37268811f51-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 32ms
7ms Script
application/javascript 143.204.98.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com
URL: https://e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-47.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:54:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 3846366
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ad46d498157a92ab1076f74db460670d.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: X31Bht_lHIsdoRDgh9MCUPmJifXbfXxCygjh-wcTp-7o7oJ2PFPVKg==

GET
H2 200 0448.json Show response
script.crazyegg.com/pages/data-scripts/0069/ Frame F6D4 8 KB
2 KB 196ms
162ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0069/0448.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0069/0448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820c043ebb768a2f07db85e439d64c07f562af46868196875d39455266c00819

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 68ffe372cd3cf9e2-PRG
ce-version: 11.1.331
content-length: 1510
last-modified: Fri, 17 Sep 2021 05:20:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.5.0/ Frame 915D 389 KB
114 KB 30ms
8ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.5.0/firebase.js

Requested by

Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 04:05:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116073
x-xss-protection: 0
last-modified: Tue, 03 Oct 2017 14:56:39 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 04:05:01 GMT

GET
H2 200 proxy.js Show response
cdn.useproof.com/proxy/ Frame 915D 112 KB
112 KB 13ms
13ms Script
application/javascript 104.21.4.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.useproof.com/proxy/proxy.js
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.useproof.com/proxy/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15408557
cf-ray: 68ffe373594d1f51-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 114404
x-amz-id-2: 5/9ljZ7zvso1tKgr2uUjGG0wYyTFt7319aXsf5sMbUgzD/ozDN82XQLnlr5kT1FHpC0gZcdYGgQ=
last-modified: Mon, 29 Jun 2020 14:15:25 GMT
server: cloudflare
etag: "9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1xMT0dEKh%2B2rB7MI1y%2FV5%2BQMdkUqzaHQWNY4tDGfes5VuhrTKnRW84rE%2F61Fj1KjonVrX4FVsnl49GKjtxB1jANh4AY3h8%2BrpURV0pDl3rrqeOVMX3YYeIZncYgZusAxT8p"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: AKJNGBSW6PDMDT22
cache-control: public, max-age=315360000, no-transform
x-amz-version-id: FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges: bytes
content-type: application/javascript
cf-bgj: minify

GET
H2 200 11.1.331.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 64 KB
21 KB 19ms
18ms Script
text/javascript 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0069/0448.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 25 Aug 2021 14:00:21 GMT
server: cloudflare
age: 645462
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 68ffe373efbc27bc-PRG
content-length: 21512

GET
H2 200 gO3thKtwhTUusGvkLBPaO9C46Np1 Show response
api.useproof.com/pixel/ Frame 915D 178 B
1 KB 352ms
311ms XHR
application/json 104.21.4.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.useproof.com/pixel/gO3thKtwhTUusGvkLBPaO9C46Np1?url=https:%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.4.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3da9f9ce183abed31a6f36cbe160650524f58b49be5cae34b42e06aa3b29ac0

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 178
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date: Fri, 17 Sep 2021 05:20:59 GMT
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 8afbf9e4-276e-4999-96bc-ee6d618ae15a
surrogate-control: no-store
x-cache: Miss from cloudfront
cf-cache-status: DYNAMIC
content-encoding: br
x-amz-apigw-id: FyrVXHUWoAMFYfw=
pragma: no-cache
server: cloudflare
etag: W/"b2-0rTfF3btUY5YHABD6+4cUp+zRk4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7daPgPtreGLQMxmRZqvsuEApX6NzVEgaUj%2F%2FY%2B2L%2BleOiWKNZbE5UbJ1IlGQ3vn5NPc%2BD%2FxwWxW4A%2Fu5dyhLB445GFyR%2Bj0ws5TMZhUZi2i52iuvMFriYvO2skYJtUTkNda"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 68ffe3742ad05c1a-FRA
x-amz-cf-id: oN5KdKiU5VrvKVXtMuyUziF7BpLVEZIs6qz5Bt7cWnueD4AvaYsyBQ==
x-amzn-remapped-connection: keep-alive
expires: 0

GET
H2 204 pixel
flask.nextdoor.com/ 0
112 B 610ms
171ms Image
text/plain 35.83.45.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flask.nextdoor.com/pixel?pid=aa8a6efd-e15b-4abf-af44-aacb9e3f4b4a&ev=PAGE_VIEW&pl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&ndclid=&rf=&sem=&tm=0
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.83.45.36 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-83-45-36.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:21:00 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
context-id: 68d1d66d-68f3-4d21-ab9b-9c26e83e8943

GET
H2 200 0448.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0069/ Frame F6D4 46 B
129 B 145ms
145ms XHR
application/json 104.19.147.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0069/0448.json?t=453293
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.147.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: gzip
cf-cache-status: MISS
cf-ray: 68ffe3740e58f9e2-PRG
ce-version: 11.1.331
content-length: 65
last-modified: Fri, 17 Sep 2021 05:20:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 sockjs.min.js Show response
cdn.jsdelivr.net/npm/sockjs-client@1/dist/ 63 KB
19 KB 22ms
6ms Script
application/javascript 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sockjs-client@1/dist/sockjs.min.js

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/150320322048178?v=2.9.45&r=stable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa5f20976c7544e011c06991f4a817cb545dba0fbc31f3bf29b142da2c3cc0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 6833
x-jsd-version: 1.5.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 19454
etag: W/"fb03-SldsqCf8VrMnD+GJZuiSqb7qf+Q"
x-served-by: cache-fra19182-FRA, cache-hhn4046-HHN
x-jsd-version-type: version
date: Fri, 17 Sep 2021 05:20:59 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 vertx-eventbus.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vertx/3.9.1/ 4 KB
2 KB 58ms
24ms Script
application/javascript 104.16.19.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vertx/3.9.1/vertx-eventbus.min.js

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/150320322048178?v=2.9.45&r=stable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeb793f6c13305a36c4da93535930d186edfcdb701d964db8ebadb2e9ddaacf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 545009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1338
timing-allow-origin: *
last-modified: Sat, 30 May 2020 00:52:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed1ae3b-118e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAAIFN1TQ0kdpoB%2Br56qUxFFu1PBxHVJ8GESkG%2BTj5Z53VTyWiuZM2cRgN22%2BKQI99TM5wZex5iMDzEddSAIOs1FKdr9KwmnZU7%2FjJaaLLouiS0%2F3G3LNvIRdPA1mLd1tT9W7ql3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68ffe374ccc3f9e6-PRG
expires: Wed, 07 Sep 2022 05:20:59 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ Frame F6D4 29 B
136 B 114ms
39ms XHR
text/plain 54.73.172.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1631856059691
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.331.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.172.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: dfa1d7251ae6d0aa683403cdf10a7598c8e51b99e10e467ed35aaf99ae31e80b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 05:20:59 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
H2 200 info Show response
analytics.betterplaceforests.com/eventbus/ 78 B
311 B 165ms
165ms XHR
application/json 18.144.24.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.betterplaceforests.com/eventbus/info?session_id=abb8fc288fbe87a305e6ea4cee11ec24452e11b95d77f129ac6660bdd4ec05c1&t=1631856059695
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.144.24.3 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-144-24-3.us-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2155c13804da25aa0ecdd87c159ab50843472aab861688f6b960b5c7c16f572d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

via: kong/2.4.1
x-kong-proxy-latency: 1
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://account.betterplaceforests.com
x-kong-upstream-latency: 0
cache-control: no-store, no-cache, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 78

POST
H2 200 / Show response
o617827.ingest.sentry.io/api/5751258/envelope/ 41 B
107 B 28ms
28ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o617827.ingest.sentry.io/api/5751258/envelope/?sentry_key=cbd63a2cf11746b381bb2442a76f8092&sentry_version=7

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e86ac39626402502741cd9f09b19db7d1233129786927bcc36bd3d58719e90d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 Sep 2021 05:20:59 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://account.betterplaceforests.com
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

OPTIONS
H/1.1 204
No Content register
live-visitor-counts.herokuapp.com/lvc/ Frame 0
0 401ms
100ms Preflight 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Protocol: HTTP/1.1
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://cdn.useproof.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Headers: Origin,Content-Length,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin: https://cdn.useproof.com
Access-Control-Max-Age: 43200
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Date: Fri, 17 Sep 2021 05:21:00 GMT
Via: 1.1 vegur

POST
H/1.1 200
OK register Show response
live-visitor-counts.herokuapp.com/lvc/ Frame 915D 0
200 B 102ms
102ms XHR
text/plain 54.146.248.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://live-visitor-counts.herokuapp.com/lvc/register
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-146-248-82.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://cdn.useproof.com
Date: Fri, 17 Sep 2021 05:21:00 GMT
Via: 1.1 vegur
Server: Cowboy
Connection: keep-alive
Content-Length: 0
Vary: Origin

GET
H2 200 track Show response
analytics.proofapi.com/ Frame 915D 66 B
816 B 240ms
216ms XHR
application/json 172.67.180.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522gO3thKtwhTUusGvkLBPaO9C46Np1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%25228908a5a4-3e4a-4d91-8e35-76ca102d0da0%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Faccount.betterplaceforests.com%252Fusers%252Fsign_in%2522%252C%2522cleanUrl%2522%253A%2522account.betterplaceforests.com%252Fusers%252Fsign_in%2522%252C%2522domain%2522%253A%2522account.betterplaceforests.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Faccount.betterplaceforests.com%252Fusers%252Fsign_in%2522%257D
Requested by: Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.180.171 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 041a65b5e6aac923f11a2ebc19a1dbfebbe35b1d5aacac24495394ea62d8284c

Request headers

Accept: application/json, text/plain, */*
Referer: https://cdn.useproof.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 17 Sep 2021 05:21:00 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
etag: W/"42-B87r7woujXASqmSUtd/fCQmeUUA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKT5lx%2BbqrFaL04bHWiv4y9itFSQbzx%2FTJsYIibz1NU2bEOmMq3z9LMfspeocRbvYBGFp0GVOYinF%2B%2FWJmh1oTuuZKUoDDDcCQPPexoMH7WHzP6yAePw7ZZZ3B8wsU7AyQwubpO9vuoz"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn.useproof.com
access-control-allow-credentials: true
cf-ray: 68ffe37658422b1e-FRA
access-control-allow-headers: X-Requested-With,content-type

POST
H2 200 / Show response
api.amplitude.com/ 7 B
168 B 507ms
170ms XHR
text/html 52.24.245.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.245.7 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-245-7.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://account.betterplaceforests.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 17 Sep 2021 05:21:00 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 23ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: account.betterplaceforests.com
URL: https://account.betterplaceforests.com/users/sign_in
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: VW8CCHGKR4ZK6Z03
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: MncX4xvX6G/3ZCVU9xhgX1JCQw12l3nC4XnJi5uFxOrjvkq6VeBL/9/vLuSPh4OyPAeJ00ESZNY=
x-served-by: cache-fra19169-FRA
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1631856060.145960,VS0,VE0
date: Fri, 17 Sep 2021 05:21:00 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2330

GET
H/1.1 200
OK NRJS-97d5b27c82082bb4b40 Show response
bam-cell.nr-data.net/1/ 49 B
921 B 602ms
572ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/NRJS-97d5b27c82082bb4b40?a=501669247&v=1210.e2a3f80&to=dlZXR0QNVA0ERElERVBLShxFB0sSCFkIQhlbXE4%3D&rst=2492&ck=1&ref=https://account.betterplaceforests.com/users/sign_in&qt=1&ap=8&be=1083&fe=2462&dc=1120&perf=%7B%22timing%22:%7B%22of%22:1631856057664,%22n%22:0,%22r%22:0,%22re%22:357,%22f%22:357,%22dn%22:357,%22dne%22:357,%22c%22:357,%22ce%22:357,%22rq%22:358,%22rp%22:478,%22rpe%22:573,%22dl%22:482,%22di%22:1119,%22ds%22:1119,%22de%22:1120,%22dc%22:2462,%22l%22:2462,%22le%22:2463%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1128&fcp=1128&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 17 Sep 2021 05:21:00 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRSAQEIUFlbFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoHA1ULVnRMB05WAhtDV1IJUAACUFsPA1FTAgQGUUBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 68ffe37838a3f9de-PRG

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=150320322048178&ev=Microdata&dl=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in&rl=&if=false&ts=1631856060572&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22titl...
https://cx.atdmt.com/?c=5626401182732436221&f=AYz0zmrzqt18-gtRrmWA3O77nZtjGleOThEG5LNTOKf56Zdwp11-W56O80xiJvB2e8kPgJUCcM0AsdldktCaMk4B&id=150320322048178&l=3&v=0

43 B
581 B

66ms
28ms

Image
image/gif

31.13.92.2
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=5626401182732436221&f=AYz0zmrzqt18-gtRrmWA3O77nZtjGleOThEG5LNTOKf56Zdwp11-W56O80xiJvB2e8kPgJUCcM0AsdldktCaMk4B&id=150320322048178&l=3&v=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.92.2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-atlas-shv-01-frt3.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: pXJEFWKFQWIEZp0oKx8TUuHfM+y0yIymsLteMfzQvrUjho6jtiOfFUZKug1NZ3GD0HZuuCqF5lhDWceSQ8C2UQ==
content-encoding: br
x-content-type-options: nosniff
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 17 Sep 2021 05:21:00 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 17 Sep 2021 05:21:00 GMT
server: proxygen-bolt
content-type: text/plain
location: https://cx.atdmt.com/?c=5626401182732436221&f=AYz0zmrzqt18-gtRrmWA3O77nZtjGleOThEG5LNTOKf56Zdwp11-W56O80xiJvB2e8kPgJUCcM0AsdldktCaMk4B&id=150320322048178&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1183282/log/3/ 0
256 B 43ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1183282/log/3/unip?en=pre_d_eng_tb&tos=1555&scd=100&ssd=1&est=1631856059019&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1631856060575&vi=1631856059017&ri=7719dea3c99636944d4226ebf3a5a1bc&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://account.betterplaceforests.com
pragma: no-cache
date: Fri, 17 Sep 2021 05:21:00 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1183282/log/3/ 0
255 B 14ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1183282/log/3/unip?en=pre_d_eng_tb&tos=4557&scd=100&ssd=1&est=1631856059019&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1631856063577&vi=1631856059017&ri=7719dea3c99636944d4226ebf3a5a1bc&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Faccount.betterplaceforests.com%2Fusers%2Fsign_in
Requested by: Host: trees.betterplaceforests.com
URL: https://trees.betterplaceforests.com/packs/js/error_tracking-85dc23fee0bbe89186dd.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.betterplaceforests.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://account.betterplaceforests.com
pragma: no-cache
date: Fri, 17 Sep 2021 05:21:03 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
account.betterplaceforests.com/	1969-12-31 23:59:59	Name: _trees_session Value: 1cJ%2B6vWbdCzpC7g7%2BN%2FWHCZwlonUIMb9cntV0ilfKSe%2BKKQbRzFCl%2B3Grx5RkDpoo9b%2F8i06nIMQNnIyJY%2B67dgAGkE0zQNqUaRZXPOZ72Pr%2FB86Q0vEs%2BmJkU%2BnyYb6yQKK4TEvpqhYnXEfdgXLeDzofBAbK29PlZKWelKmacwVWw%3D%3D--HsFudQ0YPm8hh4Ha--fgIABDaLcko9DcLkbAsAkw%3D%3D
.betterplaceforests.com/	1970-01-19 23:27:12	Name: _gcl_au Value: 1.1.642329198.1631856059
.betterplaceforests.com/	1970-01-20 14:48:48	Name: _ga Value: GA1.2.1582788820.1631856059
.betterplaceforests.com/	1970-01-19 21:19:02	Name: _gid Value: GA1.2.794522063.1631856059
.betterplaceforests.com/	1970-01-19 21:17:36	Name: _dc_gtm_UA-76462120-1 Value: 1
account.betterplaceforests.com/	1970-01-23 21:16:09	Name: _omappvp Value: PDa7Zd83JLYJWt3UiQIUVCPHBVND3tm4LackIAp1EzaRtWdjYzQPBJasd8GxzZYRBgVSxhmt5LdTdUCdtxqfzacZUjk19iTJ
account.betterplaceforests.com/	1970-01-19 21:17:37	Name: _omappvs Value: 1631856058980
.account.betterplaceforests.com/	1970-01-20 06:03:12	Name: _pin_unauth Value: dWlkPVltTmhPV0kyWXpJdFl6Z3dZaTAwWkdReUxXSXhNelF0TURjM09XRm1aR00xWlRNeA
.bing.com/	1970-01-20 06:39:12	Name: MUID Value: 25372EE9D68368413D6B3E5CD7C669B4
.betterplaceforests.com/	1970-01-19 21:19:02	Name: _uetsid Value: 0abc6460177711ec8d5fc50e3ebdd785
.betterplaceforests.com/	1970-01-20 06:39:12	Name: _uetvid Value: 0abc8470177711ec821c97cbcf3c2ae3
.ct.pinterest.com/	1970-01-20 06:03:12	Name: _pinterest_ct_ua Value: "TWc9PSZnbXViY1BuSGV6cVAraHN4cHBRaDI3eS81ZXNSQXFpbGhPY2gyNjZBVXFnRU5oSUVEeENNSFp3bVV0b0hNVkt4cHdPTmdYZlZtS25xWFR2ZmlJZmRtZXhqa21sbnZHdkIxRTF4bjJzam1zbz0mRHpmTFhDWjQwYlBkMDVMb1NiZUtReEkxbndZPQ=="
.betterplaceforests.com/	1970-01-19 23:27:12	Name: _fbp Value: fb.1.1631856059064.251542864
.doubleclick.net/	1970-01-19 21:17:36	Name: test_cookie Value: CheckForPermission
.twitter.com/	1970-01-20 14:48:48	Name: personalization_id Value: "v1_60Yvop8vFcF0sVMmIbVdCQ=="
.betterplaceforests.com/	1969-12-31 23:59:59	Name: IR_gbd Value: betterplaceforests.com
.betterplaceforests.com/	1969-12-31 23:59:59	Name: IR_14294 Value: 1631856059172%7C0%7C1631856059172%7C%7C
.yahoo.com/	1970-01-20 06:03:33	Name: A3 Value: d=AQABBLslRGECEEAsUYlN9PiWl7oHo2o3vy4FEgEBAQF3RWFOYQAAAAAA_SMAAA&S=AQAAAqzBsRxTBcMvRXm3lbMSGSQ
account.betterplaceforests.com/	1970-01-19 21:17:36	Name: outbrain_cid_fetch Value: true
.betterplaceforests.com/	1970-01-23 12:56:28	Name: pid Value: 926bf301-3626-46c7-a1d5-b2724b89df98
.betterplaceforests.com/	1969-12-31 23:59:59	Name: sid Value: 0e1866c3-7d63-404a-bab1-9086207f809d
.betterplaceforests.com/	1970-01-20 06:03:12	Name: amp_ff1078 Value: sa71gUiYCUc50S0MWcaPud...1ffp36pf4.1ffp36pf5.1.0.1
.facebook.com/	1970-01-19 23:27:12	Name: fr Value: 0iAjZD7lx75k1lNww..BhRCW7..GFE.1.0.BhRCW7.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.optmnstr.com
account.betterplaceforests.com
acdn.adnxs.com
ads.nextdoor.com
amplify.outbrain.com
analytics.betterplaceforests.com
analytics.proofapi.com
analytics.twitter.com
api.amplitude.com
api.ipify.org
api.omappapi.com
api.useproof.com
assets.ubembed.com
bam-cell.nr-data.net
bat.bing.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.useproof.com
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
cx.atdmt.com
dmrpcq96wq0sx.cloudfront.net
e1d28d49b3f64399b33b909f0ce5bd0a.js.ubembed.com
flask.nextdoor.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
js-agent.newrelic.com
live-visitor-counts.herokuapp.com
o617827.ingest.sentry.io
pubads.g.doubleclick.net
s.pinimg.com
s.yimg.com
script.crazyegg.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
tracking.betterplaceforests.com
tracking.crazyegg.com
trc-events.taboola.com
trc.taboola.com
trees.betterplaceforests.com
utt.impactcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
104.16.19.94
104.19.147.8
104.21.3.134
104.21.4.14
104.244.42.133
104.244.42.195
104.75.88.209
13.107.21.200
141.226.228.48
142.250.185.174
142.250.185.226
142.250.185.232
142.250.185.234
142.250.185.67
142.250.185.99
142.250.186.164
142.250.186.66
143.204.101.62
143.204.98.47
151.101.12.157
151.101.193.108
151.101.193.131
151.101.194.137
151.101.65.229
151.101.65.44
162.247.243.147
172.217.23.98
172.67.130.188
172.67.180.171
18.144.24.3
18.66.112.59
185.33.220.244
2.18.234.190
2.21.141.169
212.82.100.181
31.13.92.14
31.13.92.2
31.13.92.36
34.120.195.249
35.186.249.72
35.83.45.36
44.229.7.188
50.19.227.64
52.24.245.7
54.146.248.82
54.73.172.176
64.202.112.159
74.125.206.154
87.248.118.23
89.187.169.47
041a65b5e6aac923f11a2ebc19a1dbfebbe35b1d5aacac24495394ea62d8284c
079cc1acaa73fe484093f318344ae9b718fb4a90e11b5749510012434499364a
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b8b36190ab69387913d084dff06c7d16a8eee34faa98f73ae31291c5b2c2491
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14fe203f63388f9c452deba057a3f09e058116b01d4ed188650cc566617b9877
1882996e48b3b800108df06670df431af4a6f9b18eb54f4a74c0d601af52c641
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
2155c13804da25aa0ecdd87c159ab50843472aab861688f6b960b5c7c16f572d
288fd98ecd0bffe5929a7c01e4ef844614d4a67c172caa9a8e1645fc3f8f5dcc
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a6ce8ee6ce904a9b590e3e458d3332b7ef3a17f53153d31cc2aa30821ebb46f
4b30d8f9c0a7cceeae8e7cd2de328d17501ffc31a81a010110a3e335c1f8377a
503f17f1ead39e733bbf304e686d367d5c7051a5df079f15b7e251b479959b13
526c63fb1c51d884acdf719cfb347948e80f24cde37d74965dc64128c336fe47
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5495f1c9998b6f980363335c7f0baeb9893aaec2038682a2a7908343a3ca54bc
54e739d94e2c019350cffd867c30450beb4eb8e876f6ff6645bdf4f807cba063
5864ab855fabcf14c9e8174c298293b5f186015db1a332b545b4de4173d29d14
5aa4142a40b5a1e0cdee8d5416c145c0e3d8b785254a566b5393069dcd2e0de8
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5d9190292acdd48ba0fc35080f7e7448f3cdf0d79199a4d23f0f49b5341fdf29
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
6a6899d2c2168d8de19166755ea4589c45ddd941677e85432b104c9b0fc8f407
6b91856412395479038df49a920941eb82db22e2aec188fe39a1db40aa23f665
6e68c7f596671913cde21ea0a5c4367b743a79422d87b0659e22f00673c5aeb8
73e4a5d9139c76c87be9e6a334452d9ef3d16673800c1b2c4af5429468d86c8a
7e8ee8f9d56ca7e35629a7c16b9f1c09fbb1e7d19fe922833a2f4edec48bfeea
820c043ebb768a2f07db85e439d64c07f562af46868196875d39455266c00819
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b89751f365049deeff0a9a0bbf7bd901c71bbea41d204a7efd229c6502fa45
97340a01471ead4e30791167d83394abe236a44c2b00401369febd6474ecb2dc
980492bbf045d8206f17ebd8c3663da75806353a3cc4958b63dd35ba7fcb2c51
a5feea0a78c0027e0565b6f0cb360b65e67d24c4300defb266fa9ff1dc89e4a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b04240f8846475dbae72e4b37ddcdb070f7ba0da202e5bbbf50e426b79589555
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b289b7315501f9ae788830ac25d50914b0eda0367a8349ea467ff734735af4fe
b6e41760921490d9f9338ca5facd9f37a2e1e2b91a5ee98005f5f037842d7410
b7a24c56428c3bed55e8e94082df46da3949f6309ba129ab7bc27161152583d6
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
be3cb3ee2e24a0d52a714294f4ec0a212b7be23140d195d779c84ecfa4175592
c2086eceb44948754113be86ea71da3c26f6bd5659e1e0b61a46f2b34a078b1d
c8efcc7f905eb72c36aac41396bf532388175d9bac6377ac8c3c66812fbe805b
dcb15d9706d2d98992ec24247b53335f7a569cb5f5d45cf7798ae7f2d10d6ae6
ddeb793f6c13305a36c4da93535930d186edfcdb701d964db8ebadb2e9ddaacf
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
dfa1d7251ae6d0aa683403cdf10a7598c8e51b99e10e467ed35aaf99ae31e80b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3da9f9ce183abed31a6f36cbe160650524f58b49be5cae34b42e06aa3b29ac0
e40e172bcc420d98dc7ce020d41875d0d1ce78c53b084c88ec2bc4a5bac4e6d9
e7b76c6022e19b73ec666006c73e88df8158dceb5fe9d2fcc640594157d1a44d
e86ac39626402502741cd9f09b19db7d1233129786927bcc36bd3d58719e90d8
e9c4610cf09b0da7ffd407728bd3d1aed506dc5f4b018375f3615ef7b6156a8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
fa5f20976c7544e011c06991f4a817cb545dba0fbc31f3bf29b142da2c3cc0cf
fab7339b7fec3d6347ddbb0a606849191eb50bc678866865364539d45fecc8dc
fcf7342ac0f25805477906cca75be1f284a00b5a973eb70c8011ca60d49dc5ce
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

account.betterplaceforests.com Open in urlscan Pro 172.67.130.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

0 %IPv6

39 Domains

53 Subdomains

50 IPs

5 Countries

2273 kBTransfer

4544 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

account.betterplaceforests.com Open in urlscan Pro
172.67.130.188 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

0 %
IPv6

39
Domains

53
Subdomains

50
IPs

5
Countries

2273 kB
Transfer

4544 kB
Size

23
Cookies

88 HTTP transactions
0 data transactions