urlscan.io logo urlscan.io
SecurityTrails logo

wwws.betterment.com Open in urlscan Pro
104.20.13.36  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wwws.betterment.com/app/documents
Effective URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Submission: On December 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 41 HTTP transactions. The main IP is 104.20.13.36, located in and belongs to CLOUDFLARENET, US. The main domain is wwws.betterment.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 26th 2021. Valid for: a year.
This is the only time wwws.betterment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

11    104.20.13.36 (None, )

ASN13335 (CLOUDFLARENET, US)
wwws.betterment.com
1    107.21.45.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-45-130.compute-1.amazonaws.com
app.quovo.com
1    18.66.110.125 (United States)

ASN16509 (AMAZON-02, US)
cdn.segment.com
1    35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:1901:0:498c:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
2    18.66.248.4 (United States)

ASN16509 (AMAZON-02, US)
cdn.betterment.com
2    35.161.21.238 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-21-238.us-west-2.compute.amazonaws.com
api.segment.io
1    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
4    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.de
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
2    52.44.14.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-14-88.compute-1.amazonaws.com
trkn.us
3    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Domain Requested by
11 wwws.betterment.com 1 redirects wwws.betterment.com
3 www.google.de
3 www.google.com
3 tr.snapchat.com 1 redirects
3 www.google-analytics.com wwws.betterment.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 pixel.tapad.com 2 redirects
2 trkn.us 1 redirects
2 api.segment.io wwws.betterment.com
2 cdn.betterment.com wwws.betterment.com
1 stats.g.doubleclick.net wwws.betterment.com
1 ampcid.google.de wwws.betterment.com
1 ampcid.google.com wwws.betterment.com
1 sp.analytics.yahoo.com
1 insight.adsrvr.org
1 www.googleadservices.com www.googletagmanager.com
1 api-js.mixpanel.com wwws.betterment.com
1 cdn.mxpnl.com cdn.segment.com
1 www.googletagmanager.com wwws.betterment.com
1 sentry.io wwws.betterment.com
1 cdn.segment.com wwws.betterment.com
1 app.quovo.com wwws.betterment.com
41 22

This site contains links to these domains. Also see Links.

Domain
www.betterment.com
Subject Issuer Validity Valid
www.betterment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-26 -
2022-05-27		 a year crt.sh
app.quovo.com
R3		 2021-10-25 -
2022-01-23		 3 months crt.sh
*.segment.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-19 -
2022-08-09		 a year crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2020-06-02 -
2022-06-07		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.mxpnl.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-07-15 -
2022-07-28		 a year crt.sh
*.betterment.com
Amazon		 2021-04-13 -
2022-05-12		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Frame ID: 357F4B4611AD43EA38A9EAF95678847E
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Log in to Betterment | BettermentBetterment

Page URL History Show full URLs

  1. https://wwws.betterment.com/app/documents HTTP 302
    https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments Page URL

Page Statistics

41
Requests

93 %
HTTPS

38 %
IPv6

18
Domains

22
Subdomains

21
IPs

5
Countries

1219 kB
Transfer

4186 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wwws.betterment.com/app/documents HTTP 302
    https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://trkn.us/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840 HTTP 302
  • https://trkn.us/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840;ip=185.213.155.165;cuidchk=1
Request Chain 26
  • https://tr.snapchat.com/cm/s?pnid=140 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1638460055595%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1638460055595%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://tr.snapchat.com/cm/p?rand=1638460055595&pnid=140&pcid=96e22fbe-d046-4d25-85bf-6a2961952302

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
wwws.betterment.com/app/
Redirect Chain
  • https://wwws.betterment.com/app/documents
  • https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
59 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea1f5ae2006850c6525ceaef420b86ddd429ecac3a6b41a736561ef41e6e521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-type
text/html; charset=utf-8
content-length
13782
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
etag
W/"8ea1f5ae2006850c6525ceaef420b86d"
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
14143ff4c0b73a9e1f930e4e2d8ad0b5
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b7de3400c3f05b7-FRA

Redirect headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-type
text/html; charset=utf-8
content-length
132
location
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
cache-control
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-request-id
b7b36caa6144d9994f52203edeab10e0
x-xss-protection
1; mode=block
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6b7de33f0a9005b7-FRA
application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
wwws.betterment.com/assets/ 		474 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/assets/application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3de056586df0c7cafa5f8dfd3167ae6ec12372063f5d7f867137e09129a582bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 15:36:07 GMT
server
cloudflare
age
257214
etag
W/"5ffc07af400e1e5c3140fa3b8d12ed9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
cf-ray
6b7de3419fe905b7-FRA
expires
Tue, 07 Dec 2021 16:12:31 GMT
application-815d5018c66d82af8a2eb841ace2d4958feaf172b068dfb05c089b7efbf7d4da.js
wwws.betterment.com/assets/ 		457 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/assets/application-815d5018c66d82af8a2eb841ace2d4958feaf172b068dfb05c089b7efbf7d4da.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815d5018c66d82af8a2eb841ace2d4958feaf172b068dfb05c089b7efbf7d4da

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 16 Nov 2021 01:49:48 GMT
server
cloudflare
age
290422
etag
W/"c50b9d20a2abdc3274650bc21dc327e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
cf-ray
6b7de3419fea05b7-FRA
expires
Tue, 07 Dec 2021 06:59:04 GMT
runtime~application-03ac8e5a9262ee4b5a27.js
wwws.betterment.com/packs/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/packs/js/runtime~application-03ac8e5a9262ee4b5a27.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92077e0795070015f46918f55ec3f712d90729aac5888a362c9226dd6e296ae6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 03 Dec 2021 15:34:04 GMT
server
cloudflare
etag
W/"8470258dfd992e82e9146779a20e11b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
6b7de3419fec05b7-FRA
content-length
3623
expires
Fri, 10 Dec 2021 15:39:26 GMT
5-cf2c09085df44b63668a.chunk.js
wwws.betterment.com/packs/js/ 		2 MB
587 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7f0b5a0e8ed36c6536f6e97d477db25eb4bef444ca315caea1481c40791f3b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:33:09 GMT
server
cloudflare
age
225072
etag
W/"2350a5319aeb9da18045d6bb26b7afff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
cf-ray
6b7de3419ff005b7-FRA
expires
Wed, 08 Dec 2021 01:08:14 GMT
48-4c4577bef5be682fe4ac.chunk.js
wwws.betterment.com/packs/js/ 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/packs/js/48-4c4577bef5be682fe4ac.chunk.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3fa8e51798e3dded7d7006ac523793cfb82d176bf501ecb681731e50ec78b2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 18 Nov 2021 21:05:09 GMT
server
cloudflare
age
65619
etag
W/"0c54257861e6d1bdb7498e30c92a494c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
6b7de3419ff105b7-FRA
content-length
29256
expires
Thu, 09 Dec 2021 21:25:47 GMT
application-352d2f821ae6d539ab86.chunk.js
wwws.betterment.com/packs/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/packs/js/application-352d2f821ae6d539ab86.chunk.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6404594f69cda3356883302be7bf0f3803d36836eb73b71ed75305491a33bac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:33:11 GMT
server
cloudflare
age
225071
etag
W/"b901c0e02538488a7a4a5ff1ba7b0da4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
6b7de3419ff305b7-FRA
content-length
2698
expires
Wed, 08 Dec 2021 01:08:15 GMT
5-74659f2d.chunk.css
wwws.betterment.com/packs/css/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/packs/css/5-74659f2d.chunk.css
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a2373d77905a335928a8f8a0e90fca72f5412b85863548fac0ed7fb8a2314cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Dec 2021 00:33:07 GMT
server
cloudflare
age
225072
etag
W/"315240d8b5f00eb39168b47e1221911d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
6b7de3419fed05b7-FRA
content-length
2650
expires
Wed, 08 Dec 2021 01:08:14 GMT
ui.js
app.quovo.com/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app.quovo.com/ui.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.21.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-21-45-130.compute-1.amazonaws.com
Software
nginx/1.19.1 /
Resource Hash
83faa04d8b2fe85c12806dfbd56a2eb7653d7bfe44d76a94d0761d0434dfb4cb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
server
nginx/1.19.1
etag
"d1b1e9ac4f7355f4a4081b7f0b6749d78b148e29"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
content-disposition
inline; filename="ui.js"
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
analytics.min.js
cdn.segment.com/analytics.js/v1/U4px15EFnbiaUtS3KNGnfD7cRLLWcUWw/ 		359 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/U4px15EFnbiaUtS3KNGnfD7cRLLWcUWw/analytics.min.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.110.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3a211d2ece5448923e6bead12c1cbf48235c25ab6558be75753ead34e9bb77c4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
iDIWfc3qZN.RL_dVS3bxIEJWjvUGVVas
content-encoding
gzip
etag
W/"7111ddec98b914ba21c5f41ff6ea19bb"
age
27
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 23 Nov 2021 21:39:27 GMT
server
AmazonS3
date
Fri, 03 Dec 2021 15:39:00 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 eb6e5773d654b9aeadbed8169564506d.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
hN3F4m3wBwiLe9eTIU5nkVPx5aT3wwm8hO4VC8rqPWgfye2NPOE8Pg==
/
sentry.io/api/1290105/envelope/ 		2 B
409 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1290105/envelope/?sentry_key=d3a3f7294d7940beb81f140a3a0f2f5b&sentry_version=7
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 03 Dec 2021 15:39:27 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://wwws.betterment.com
access-control-expose-headers
x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
2
gtm.js
www.googletagmanager.com/ 		240 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5RSQL7
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7035d807e984c7bae799ee0fb18f2af8079ee75253b6a135b1d962aa5c3d570
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74329
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Dec 2021 15:39:26 GMT
8f4ea17a-fe0d-4be3-ac33-da14f75d84df
https://wwws.betterment.com/ 		513 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wwws.betterment.com/8f4ea17a-fe0d-4be3-ac33-da14f75d84df
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb6b9f467a7f2105fe0c533d0d7a2765059fc004b6d545173f4ffa67c7c89097

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length
513
Content-Type
text/javascript
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/U4px15EFnbiaUtS3KNGnfD7cRLLWcUWw/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:498c:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 19:32:23 GMT
content-encoding
gzip
age
72423
x-guploader-uploadid
ADPycdul93EKRc2WX8fDMIERhuOGX7Bqtc4GAL4wjvtjEtZ-pmYg9CGY3KT3aFFMAOnW47qtJd_ownYzMChl-a3h4VC-J1hkzA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
25483
last-modified
Tue, 16 Nov 2021 18:27:30 GMT
server
UploadServer
etag
"77c5050453dd79be695c9d3979443265"
vary
Accept-Encoding
x-goog-hash
crc32c=Jbujhw==, md5=d8UFBFPdeb5pXJ05eUQyZQ==
x-goog-generation
1637087250642836
access-control-allow-origin
*
cache-control
public,max-age=86400
x-goog-stored-content-length
25483
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 03 Dec 2021 19:32:23 GMT
GT-America-Standard-Regular-803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c.woff
wwws.betterment.com/assets/gt-america/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/assets/gt-america/GT-America-Standard-Regular-803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c.woff
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/assets/application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c

Request headers

Referer
https://wwws.betterment.com/assets/application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
Origin
https://wwws.betterment.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
286090
last-modified
Tue, 16 Nov 2021 01:49:53 GMT
server
cloudflare
etag
W/"869eb9e5904708d2b3f3109319f72194"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6b7de3444ddf05b7-FRA
expires
Tue, 07 Dec 2021 08:11:16 GMT
GT-America-Standard-Medium-418843d2cf161331d08cf4406ed5f935776e7efd3003dc907dee3298a35b6310.woff
wwws.betterment.com/assets/gt-america/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wwws.betterment.com/assets/gt-america/GT-America-Standard-Medium-418843d2cf161331d08cf4406ed5f935776e7efd3003dc907dee3298a35b6310.woff
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/assets/application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.36 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418843d2cf161331d08cf4406ed5f935776e7efd3003dc907dee3298a35b6310

Request headers

Referer
https://wwws.betterment.com/assets/application-rebrand-b91bb5fd81eaa12c7b1ea6508cb26e36352c423fa73208f2e9334d7932bc1502.css
Origin
https://wwws.betterment.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
content-encoding
gzip
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
age
286090
last-modified
Tue, 16 Nov 2021 01:49:53 GMT
server
cloudflare
etag
W/"a8e5167033694be0bd086b9cb7a7b345"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
6b7de3444de305b7-FRA
expires
Tue, 07 Dec 2021 08:11:16 GMT
retail-status.json
cdn.betterment.com/ 		19 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.betterment.com/retail-status.json
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79de476ac6d4a252fe28cee169525324599762788dc04bbf5af813ab9c74861a

Request headers

Accept
*/*
Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
5Ho123mLadTvjxchDhUoPjg16605RLdr
Via
1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
ETag
"b8e220c49a3a6adcd9cf22c7266980e7"
X-Amz-Cf-Pop
DUS51-P1
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
19
Last-Modified
Sun, 13 Jun 2021 05:48:43 GMT
Server
AmazonS3
Date
Fri, 03 Dec 2021 15:39:28 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Accept-Ranges
bytes
X-Amz-Cf-Id
7FXtGkVc_MWyLav7dWrJcdw2i_ptYG2c-XyDP6Yp90dQdPpn6CJliA==
retail-status.json
cdn.betterment.com/ 		19 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.betterment.com/retail-status.json
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79de476ac6d4a252fe28cee169525324599762788dc04bbf5af813ab9c74861a

Request headers

Accept
*/*
Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id
5Ho123mLadTvjxchDhUoPjg16605RLdr
Via
1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
ETag
"b8e220c49a3a6adcd9cf22c7266980e7"
X-Amz-Cf-Pop
DUS51-P1
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
19
Last-Modified
Sun, 13 Jun 2021 05:48:43 GMT
Server
AmazonS3
Date
Fri, 03 Dec 2021 15:39:28 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
Accept-Ranges
bytes
X-Amz-Cf-Id
Ink6TZTyM7GZro18EIvHZT9zl2iXhGIQI1zvzxIQjlS77qDkM8NqUQ==
i
api.segment.io/v1/ 		21 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/i
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.21.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-21-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wwws.betterment.com
date
Fri, 03 Dec 2021 15:39:27 GMT
content-length
21
vary
Origin
content-type
application/json
/
api-js.mixpanel.com/decide/ 		65 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=3&lib=web&token=0523d4f8e034a64484dae3b08a396342&distinct_id=a31b02f1-a248-4e7e-8317-1bc1f77a2c58&ip=1&_=1638545966861
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:26 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://wwws.betterment.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
p
api.segment.io/v1/ 		21 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.21.238 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-161-21-238.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wwws.betterment.com
date
Fri, 03 Dec 2021 15:39:27 GMT
content-length
21
vary
Origin
content-type
application/json
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5RSQL7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 15:39:27 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/app/login?return_to=%2Fapp%2Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2300
date
Fri, 03 Dec 2021 15:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Dec 2021 17:01:07 GMT
/
insight.adsrvr.org/track/pxl/ 		70 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=hl9mtwl&ct=0:yh9e6lc&fmt=3&gtmcb=2081312436
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
spp.pl
sp.analytics.yahoo.com/ 		43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/spp.pl?a=10000&.yp=10169215&ea=site&gtmcb=473334668
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Fri, 03 Dec 2021 15:39:27 GMT
ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840
  • https://trkn.us/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840;ip=185.213.155.165;cuidchk=1
42 B
780 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trkn.us/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840;ip=185.213.155.165;cuidchk=1
Protocol
HTTP/1.1
Server
52.44.14.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-14-88.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Dec 2021 15:39:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Fri, 03 Dec 2021 15:39:27 GMT
X-Content-Type-Options
nosniff
Server
Apache
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location
/pixel/conv/ppt=17373;g=sitewide;gid=40356;ord=zfisww4nw3jlbmnj4k40l?gtmcb=909059840;ip=185.213.155.165;cuidchk=1
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
0
p
tr.snapchat.com/ 		68 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=595066e0-2318-4064-a009-3347c5f421bf&ev=PAGE_VIEW&v=2.3&rand=buyt1oo6zjl5rmiazayq1s&pl=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:27 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
p
tr.snapchat.com/cm/
Redirect Chain
  • https://tr.snapchat.com/cm/s?pnid=140
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1638460055595%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1638460055595%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
  • https://tr.snapchat.com/cm/p?rand=1638460055595&pnid=140&pcid=96e22fbe-d046-4d25-85bf-6a2961952302
68 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/cm/p?rand=1638460055595&pnid=140&pcid=96e22fbe-d046-4d25-85bf-6a2961952302
Protocol
H2
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 15:39:27 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68

Redirect headers

location
https://tr.snapchat.com/cm/p?rand=1638460055595&pnid=140&pcid=96e22fbe-d046-4d25-85bf-6a2961952302
date
Fri, 03 Dec 2021 15:39:27 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
publisher:getClientId
ampcid.google.com/v1/ 		74 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Dec 2021 15:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wwws.betterment.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/972418855/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/972418855/?random=1638545967137&cv=9&fst=1638545967137&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
231d774ef8773d1cd5ee0642548e28d27199f90c21a4d29a3e0b53d3e42b640d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1037
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/934899002/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/934899002/?random=1638545967140&cv=9&fst=1638545967140&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8663f5c51bd98259cb9b310e9a118657ee0d67a7f349fe5a8f621d24c20dff70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1035
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publisher:getClientId
ampcid.google.de/v1/ 		3 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 03 Dec 2021 15:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://wwws.betterment.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/972418855/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/972418855/?random=1638545967137&cv=9&fst=1638543600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&async=1&fmt=3&is_vtc=1&random=4037762383&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/972418855/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/972418855/?random=1638545967137&cv=9&fst=1638543600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&async=1&fmt=3&is_vtc=1&random=4037762383&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/934899002/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/934899002/?random=1638545967140&cv=9&fst=1638543600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&async=1&fmt=3&is_vtc=1&random=3366198118&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/934899002/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/934899002/?random=1638545967140&cv=9&fst=1638543600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&tiba=Log%20in%20to%20Betterment%20%7C%20Betterment&async=1&fmt=3&is_vtc=1&random=3366198118&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10133968-1&cid=181593389.1638545967&jid=382659041&gjid=1868435916&_gid=1944168345.1638545967&_u=YGBAiAABBAQCAE~&z=801877676
Requested by
Host: wwws.betterment.com
URL: https://wwws.betterment.com/packs/js/5-cf2c09085df44b63668a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://wwws.betterment.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 03 Dec 2021 15:39:27 GMT
content-type
text/plain
access-control-allow-origin
https://wwws.betterment.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=533536462&t=pageview&_s=1&dl=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&ul=en-us&de=UTF-8&dt=Log%20in%20to%20Betterment%20%7C%20Betterment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiAABBAQC~&jid=382659041&gjid=1868435916&cid=181593389.1638545967&tid=UA-10133968-1&_gid=1944168345.1638545967&cd1=normal&z=39860600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 10:01:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20282
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=533536462&t=timing&_s=2&dl=https%3A%2F%2Fwwws.betterment.com%2Fapp%2Flogin%3Freturn_to%3D%252Fapp%252Fdocuments&ul=en-us&de=UTF-8&dt=Log%20in%20to%20Betterment%20%7C%20Betterment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1073&pdt=1&dns=0&rrt=209&srt=227&tcp=0&dit=913&clt=913&_gst=1087&_gbt=1255&_cst=767&_cbt=1071&_u=YGBAiAABBAQCAE~&jid=&gjid=&cid=181593389.1638545967&tid=UA-10133968-1&_gid=1944168345.1638545967&cd1=normal&z=78598452
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 10:01:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
20282
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10133968-1&cid=181593389.1638545967&jid=382659041&_u=YGBAiAABBAQCAE~&z=126970510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10133968-1&cid=181593389.1638545967&jid=382659041&_u=YGBAiAABBAQCAE~&z=126970510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://wwws.betterment.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 15:39:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler string| TT object| BMT function| $ function| jQuery function| simplify function| _ object| Modernizr object| d3 object| BMTSessionManager object| Turbolinks object| Calendly object| webpackJsonp object| __SENTRY__ object| regeneratorRuntime object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate boolean| _babelPolyfill function| createMask object| analytics object| dataLayer object| mixpanel object| Quovo function| normalize object| google_tag_manager object| google_tag_data string| pixelDensity string| GoogleAnalyticsObject function| ga object| gaplugins function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaGlobal object| gaData

17 Cookies

Domain/Path Name / Value
.betterment.com/ Name: tt_visitor_id
Value: a31b02f1-a248-4e7e-8317-1bc1f77a2c58
wwws.betterment.com/ Name: _retail_session
Value: 2zGQdwNgRVdwSyuVDyjnsVQlKvsyhnlMK%2FeuSn1TUKhC7mgC5dNo3jigi0D%2BrtM67yRG5mHHFMTokvWpdQ%2Fo28%2Fehpb8e9S4h6DIIJ0gwUL2%2BG9LA6kxjsK1LttUWrWefllK3OP3oeaeWXIvIW4ZVhLBX93rNCyCXSED0VageqRDMaWcuny00peKp%2F7gT82h5TRA4YboZ0EEzn1VNAi%2BGE7xqmNYkuwH%2BlnEv9THwuDP%2BEcvNbn20jX2G49fALi0ZeRnUNBiz4qzND8kWdsnFKv%2FkARJzrM%3D--ek0gKngiCchxyykm--coNOZcDYRP86QSf0gPEE8w%3D%3D
.betterment.com/ Name: ajs_user_id
Value: %22a31b02f1-a248-4e7e-8317-1bc1f77a2c58%22
.betterment.com/ Name: ajs_anonymous_id
Value: %22122c5616-c950-4aee-a942-618338d6a10e%22
.betterment.com/ Name: mp_0523d4f8e034a64484dae3b08a396342_mixpanel
Value: %7B%22distinct_id%22%3A%20%22a31b02f1-a248-4e7e-8317-1bc1f77a2c58%22%2C%22%24device_id%22%3A%20%2217d80f346fb4cc-01e3c5a77abd92-978183a-1d4c00-17d80f346fc6eb%22%2C%22mp_lib%22%3A%20%22Segment%3A%20web%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22%24user_id%22%3A%20%22a31b02f1-a248-4e7e-8317-1bc1f77a2c58%22%2C%22mp_name_tag%22%3A%20%22a31b02f1-a248-4e7e-8317-1bc1f77a2c58%22%2C%22id%22%3A%20%22a31b02f1-a248-4e7e-8317-1bc1f77a2c58%22%7D
.betterment.com/ Name: _gcl_au
Value: 1.1.640477526.1638545967
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAA3EyREAIAgEsIqYUTkWyvGiCorXPJLWdPg6lIlO4iEU2/x3Jzhjg1HVjV1Fw1DtAZlguJ8yAAAA
.tapad.com/ Name: TapAd_TS
Value: 1638545967060
.tapad.com/ Name: TapAd_DID
Value: 96e22fbe-d046-4d25-85bf-6a2961952302
.yahoo.com/ Name: A3
Value: d=AQABBC86qmECEPfgm0esvkrQ1ey6OI9HPqIFEgEBAQGLq2G0YQAAAAAA_eMAAA&S=AQAAAnlKf6No0XNU_xh9bEqnWPA
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.trkn.us/ Name: barometric[cuid]
Value: cuid_1fa1e1aa-12c5-4752-9831-6df18d883777
.betterment.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.betterment.com/ Name: _ga
Value: GA1.2.181593389.1638545967
.betterment.com/ Name: _gid
Value: GA1.2.1944168345.1638545967
.betterment.com/ Name: _gat
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ampcid.google.com
ampcid.google.de
api-js.mixpanel.com
api.segment.io
app.quovo.com
cdn.betterment.com
cdn.mxpnl.com
cdn.segment.com
googleads.g.doubleclick.net
insight.adsrvr.org
pixel.tapad.com
sentry.io
sp.analytics.yahoo.com
stats.g.doubleclick.net
tr.snapchat.com
trkn.us
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
wwws.betterment.com
104.20.13.36
107.21.45.130
142.250.186.34
18.66.110.125
18.66.248.4
212.82.100.181
2600:1901:0:498c::
2a00:1450:4001:802::2004
2a00:1450:4001:808::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9a
35.161.21.238
35.186.226.184
35.186.241.51
35.188.42.15
35.227.248.159
52.223.40.198
52.44.14.88
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
231d774ef8773d1cd5ee0642548e28d27199f90c21a4d29a3e0b53d3e42b640d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
3a211d2ece5448923e6bead12c1cbf48235c25ab6558be75753ead34e9bb77c4
3de056586df0c7cafa5f8dfd3167ae6ec12372063f5d7f867137e09129a582bc
418843d2cf161331d08cf4406ed5f935776e7efd3003dc907dee3298a35b6310
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5d3fa8e51798e3dded7d7006ac523793cfb82d176bf501ecb681731e50ec78b2
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
79de476ac6d4a252fe28cee169525324599762788dc04bbf5af813ab9c74861a
7a2373d77905a335928a8f8a0e90fca72f5412b85863548fac0ed7fb8a2314cb
803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c
815d5018c66d82af8a2eb841ace2d4958feaf172b068dfb05c089b7efbf7d4da
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83faa04d8b2fe85c12806dfbd56a2eb7653d7bfe44d76a94d0761d0434dfb4cb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8663f5c51bd98259cb9b310e9a118657ee0d67a7f349fe5a8f621d24c20dff70
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea1f5ae2006850c6525ceaef420b86ddd429ecac3a6b41a736561ef41e6e521
92077e0795070015f46918f55ec3f712d90729aac5888a362c9226dd6e296ae6
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a6404594f69cda3356883302be7bf0f3803d36836eb73b71ed75305491a33bac
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6b9f467a7f2105fe0c533d0d7a2765059fc004b6d545173f4ffa67c7c89097
d041681ad7b48ebd3e8eaf22937c7235b8c1ea0cf9069ec2fb88dcd42d3f9588
e7035d807e984c7bae799ee0fb18f2af8079ee75253b6a135b1d962aa5c3d570
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f0b5a0e8ed36c6536f6e97d477db25eb4bef444ca315caea1481c40791f3b