account.joinroot.com Open in urlscan Pro
2600:9000:2490:e000:5:92a4:1fc0:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=da...
Submission: On April 21 via api (April 21st 2023, 3:27:53 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 19 domains to perform 60 HTTP transactions. The main IP is 2600:9000:2490:e000:5:92a4:1fc0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is account.joinroot.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 20th 2023. Valid for: 7 months.

This is the only time account.joinroot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:249... 2600:9000:2490:e000:5:92a4:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:1600:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	54.205.169.234 54.205.169.234	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::396	54113 (FASTLY) (FASTLY)
7	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.232.20.22 18.232.20.22	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.231.39.24 34.231.39.24	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b900:b765:a9d2:87:ebeb	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	54.82.238.3 54.82.238.3	14618 (AMAZON-AES) (AMAZON-AES)
2 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
60	25

16 2600:9000:2490:e000:5:92a4:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

account.joinroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:1600:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.205.169.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-169-234.compute-1.amazonaws.com

app.joinroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.16.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f6.1e100.net

11668718.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.232.20.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-20-22.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.39.24 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-39-24.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.21 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

jelly-v6.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:b765:a9d2:87:ebeb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.238.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-238-3.compute-1.amazonaws.com

data.adxcel-ec2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	joinroot.com account.joinroot.com app.joinroot.com — Cisco Umbrella Rank: 416646	315 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 794	107 KB
7	doubleclick.net 3 redirects 11668718.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 166 ad.doubleclick.net — Cisco Umbrella Rank: 201	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	387 KB
6	google.com www.google.com — Cisco Umbrella Rank: 16 region1.analytics.google.com — Cisco Umbrella Rank: 2930 adservice.google.com — Cisco Umbrella Rank: 130	29 KB
2	adnxs.com 1 redirects secure.adnxs.com — Cisco Umbrella Rank: 604	2 KB
2	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
2	mdhv.io 1 redirects jelly.mdhv.io — Cisco Umbrella Rank: 4119 jelly-v6.mdhv.io — Cisco Umbrella Rank: 15539	453 B
2	trkn.us 1 redirects trkn.us — Cisco Umbrella Rank: 3278	1 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1180	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	175 KB
1	adxcel-ec2.com data.adxcel-ec2.com — Cisco Umbrella Rank: 4847	131 B
1	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9302
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1867	157 B
1	quora.com q.quora.com — Cisco Umbrella Rank: 4667	420 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1749	8 KB
1	sentry.io sentry.io — Cisco Umbrella Rank: 324	442 B
1	osano.com cmp.osano.com — Cisco Umbrella Rank: 6829	84 KB
60	19

	Domain	Requested by
16	account.joinroot.com	account.joinroot.com cmp.osano.com
7	analytics.tiktok.com	www.googletagmanager.com account.joinroot.com analytics.tiktok.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	11668718.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.google.com	account.joinroot.com cmp.osano.com www.google.com
2	secure.adnxs.com	1 redirects 11668718.fls.doubleclick.net
2	ad.doubleclick.net	2 redirects
2	adservice.google.com	11668718.fls.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	trkn.us	1 redirects account.joinroot.com
2	unpkg.com	1 redirects account.joinroot.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	account.joinroot.com www.googletagmanager.com
2	fonts.gstatic.com	www.google.com
2	app.joinroot.com	account.joinroot.com
1	data.adxcel-ec2.com	11668718.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	rum-http-intake.logs.datadoghq.com	account.joinroot.com
1	www.google.de	account.joinroot.com
1	region1.analytics.google.com	www.googletagmanager.com
1	alb.reddit.com	account.joinroot.com
1	jelly-v6.mdhv.io	account.joinroot.com
1	jelly.mdhv.io	1 redirects
1	q.quora.com	account.joinroot.com
1	www.redditstatic.com	www.googletagmanager.com
1	sentry.io	account.joinroot.com
1	cmp.osano.com	account.joinroot.com
60	27

This site contains links to these domains. Also see Links.

Domain
www.joinroot.com
quote.joinroot.com
policies.google.com

Subject Issuer	Validity	Valid
account.joinroot.com Amazon RSA 2048 M02	`2023-02-20` - `2023-09-12`	7 months	crt.sh
cmp.osano.com Amazon RSA 2048 M02	`2023-02-21` - `2023-09-30`	7 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-07-04`	a year	crt.sh
app.joinroot.com Amazon RSA 2048 M02	`2023-03-01` - `2023-07-19`	5 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2023-03-13` - `2024-04-12`	a year	crt.sh
*.quora.com R3	`2023-04-16` - `2023-07-15`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
adxcel-ec2.com Amazon RSA 2048 M02	`2023-02-24` - `2023-11-16`	9 months	crt.sh

This page contains 6 frames:

Primary Page: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Frame ID: D42D08999A5847FF195EAA87B632AE6D
Requests: 23 HTTP requests in this frame

Frame: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&referrer=
Frame ID: 28F57EF88F0C95AF9DD27EDCD6C4D88C
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&cb=qhoyeq6kda2m
Frame ID: 02E97E56F1D5DC4B32EA24DD37CBA073
Requests: 7 HTTP requests in this frame

Frame: https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal
Frame ID: 55C22C76908D375D68BCFCDE6488D859
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal
Frame ID: AB57A16EE398C50DC2FADCAB7DD89FE7
Requests: 1 HTTP requests in this frame

Frame: https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal
Frame ID: 542B8B5555D81343A092B0F9500E4841
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Root Insurance

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

60
Requests

87 %
HTTPS

59 %
IPv6

19
Domains

27
Subdomains

25
IPs

3
Countries

1134 kB
Transfer

3213 kB
Size

15
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.joinroot.com/
Title: Root Insurance logo

Search URL Search Domain Scan URL

URL: https://quote.joinroot.com/
Title: Sign up

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

Request Chain 28

https://11668718.fls.doubleclick.net/activityi;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal HTTP 302
https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Request Chain 35

https://trkn.us/pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342 HTTP 302
https://trkn.us/pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342;ip=217.64.151.4;cuidchk=1

Request Chain 36

https://jelly.mdhv.io/v1/star.gif?pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&evt=hi HTTP 307
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&tx=b3e35201-e4fa-4b94-bfbd-b475fc45bf7e

Request Chain 52

https://adservice.google.de/ddm/fls/i/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal HTTP 302
https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Request Chain 57

https://ad.doubleclick.net/ddm/activity/src=11965234;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20' HTTP 302
https://ad.doubleclick.net/ddm/activity/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20' HTTP 302
https://adservice.google.com/ddm/fls/z/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20'

Request Chain 58

https://secure.adnxs.com/px?id=1583549&seg=30030312&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1583549%26seg%3D30030312%26t%3D2

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request password Show response
account.joinroot.com/login/ 4 KB
2 KB 1119ms
1052ms Document
text/html 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

dbefc7c689ac72a507009827c002e030c2cbe95e9b1a11119dfc811866b7606a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 21 Apr 2023 15:27:48 GMT
etag: W/"9710b295952bdc7b3fde1ee24f45e123"
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-id: MOrE9iHta2X_J9Eahn7UF-DKhGO187s2YK83J7vM7plD_G-vTzIa9Q==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: c2awevtfqNsYEoaTm5vw2oZzSOXqGi2c
x-cache: Miss from cloudfront

GET
H2 200 base.css
account.joinroot.com/ 15 KB
3 KB 7ms
7ms Stylesheet
text/css 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/base.css

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d100dc4a38f9a4574b588dc16b0ab057f2610de2eec71ecdeb23eed75e41a9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: Ioyvmj5cslCkHdb64GdSuFFerSubu2g6
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"e0d44d76b098b4e4d22c6ba7832e26c2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 577926
x-amz-cf-id: ejpxNOrH3pA1KdwdjF_hRVLQ9iopk5BYrvax9yR1b47DHc9zHdu1HA==

GET
H2 200 osano-styles.css
account.joinroot.com/ 180 B
625 B 8ms
8ms Stylesheet
text/css 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/osano-styles.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efcd2700eed7a55611ccd882e4493e96c36c1d2c96bfda64e344e17941bfded5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: 1h6aAzr3Hbc3tzYJqzbdTNZxpz0mbt60
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 577925
etag: "80ee5a77914e146e03f5588f06722c22"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 180
x-amz-cf-id: zVm9U0WQSG23R8sjQt2wgu2aZ2ucfuLrrwlymn0jjEwtsWgzbOZC6w==

GET
H2 200 osano.js Show response
cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/ 318 KB
84 KB 43ms
8ms Script
application/javascript 2600:9000:211e:1600:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:1600:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

9088dcfc20c69b36f5dee93eca9bb3fac64c2ee3c482d5acfdfc92729e67ec19

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:22 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 26
x-cache: Hit from cloudfront
content-length: 85730
x-xss-protection: mode=block
last-modified: Fri, 30 Dec 2022 19:24:05 GMT
server: CloudFront
etag: "d08aa96c24239707dac762bdafdea034"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: H3bLlksKFtJwVaGw0waLmeEm3KeG5uaG3jfu19DfIu4xzZAyLhulDg==

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
939 B 40ms
19ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

736c909fc56b7e9061ae8a95e8f07e3b4e217ea2cb5cdc2f23562181eee1e588

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 620
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 15:27:48 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ 411 KB
165 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff4271d2d0ee30878a4805694667aa650e27b8b89653a0a2564b1f8a6960537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.joinroot.com/
Origin: https://account.joinroot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168608
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 08:12:28 GMT

GET
H2 200 runtime.88a51a3d5a27f3b9a19b.bundle.js Show response
account.joinroot.com/ 5 KB
3 KB 8ms
7ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/runtime.88a51a3d5a27f3b9a19b.bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2accfa5346b616ed56e3ec6570e055d0bb939dbba37363ca10096ffc373e6423

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: xiT8aLgdXeMusv.bGA3zO9.1.4Cmr98q
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"ea1ed6922b9a84d4538874ece39bd742"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577926
x-amz-cf-id: lvQylhdpS0lO5b3rGjcU6tZi2UyQ6j1pTj1kkEMoUxa94cdJeHlDRg==

GET
H2 200 vendors.37db5e0c34c547634599.bundle.js Show response
account.joinroot.com/ 137 KB
47 KB 19ms
18ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/vendors.37db5e0c34c547634599.bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2487ea0c4e57a67e1038bf20b95ddd3a153b1112d489665402f7bdb8a5e5af5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: gobBugn6amqSE.V..yob3JNeK5Ucep55
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"b9877a7b047e9a9a60780c67e0bfe0e9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577925
x-amz-cf-id: XBsXw-Q-1AJXaAJBHWbwwtjWGTFfQSq9YHU63znVgxnHj38mUR0o2w==

GET
H2 200 316.ca2410d9f3cdf9cc06d1.bundle.js Show response
account.joinroot.com/ 127 KB
42 KB 21ms
20ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/316.ca2410d9f3cdf9cc06d1.bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ac3f4840423571fa6268686f41265d2186105a9c780b1350b81a7e9debb11d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: fu_TlBr7fVXo3lVuEV7NZsKL9Tik.8sn
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:35 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"5516e6e58232bcda730a6f44b297f62c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577925
x-amz-cf-id: 8ZFvveO-8O-Wbzf4r2OHgBBDXdylYn_62Q1v3QllCnEJsr201qLhcw==

GET
H2 200 main.eab6f9522ba348aab9ed.bundle.js Show response
account.joinroot.com/ 521 KB
143 KB 9ms
9ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/main.eab6f9522ba348aab9ed.bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

171e272bf8af1939d8b8a928a6f676640348e7138f19d906218b00f9148f8245

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: kZ97Qhz3DWSUAAoEe1rm.l1lLPJaFYFR
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"5c28bd70a51a16d014412ea41b9abea5"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577925
x-amz-cf-id: UAMO7hyb4fOLV53psPIGOGYl1M2yFSOcGFUrBEKyOfY8zuMGQf42VA==

GET
H2 200 react.e4b05660571e7bbd88c7.bundle.js Show response
account.joinroot.com/ 191 B
650 B 25ms
25ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/react.e4b05660571e7bbd88c7.bundle.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f0d0fec87df70880b5907ed5b0291f2d59684b5ad2fb6ebd6c4da4a116df1c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:43 GMT
x-amz-version-id: IPhXhKW8VWD0oxYOCIOMC2pTRaA6GNkT
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 577926
etag: "89f60feca6a39bea7ecc485f753b9cba"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 191
x-amz-cf-id: 3cJSPkOgKJUIp0tuTbC2CMvmwI3ZaHSRQcGMGpIqSlvAs0AERvDrrw==

GET
H2 200 tracking-iframe.html Show response
account.joinroot.com/ Frame 28F5 839 B
1 KB 474ms
474ms Document
text/html 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&referrer=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78593afb41e988a7afe6f38f05aa0d4043dfe2df674d000f18a7b6e26fbc8df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://account.joinroot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 839
content-type: text/html
date: Fri, 21 Apr 2023 15:27:49 GMT
etag: "7678ff31db3d70bd7d12ef25cadb4e29"
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-id: wQwMRnHvl44yiwYeJ9nm-B013s3ThWe4TlzXxwLlHKargy9teB7X_A==
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-amz-version-id: cZDTjo.E2w0pfuSHPWyHkivQSlm8FUNz
x-cache: Miss from cloudfront

GET
BLOB 200
OK 14cd55ac-5b1a-41e3-97bd-c90fcbaceff4
https://account.joinroot.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://account.joinroot.com/14cd55ac-5b1a-41e3-97bd-c90fcbaceff4
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H/1.1 200
OK / Show response
sentry.io/api/1773325/envelope/ 2 B
442 B 469ms
116ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1773325/envelope/?sentry_key=f88e6f2759c44f34ae333175f79063b4&sentry_version=7

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 21 Apr 2023 15:27:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: nginx
vary: origin,access-control-request-method,access-control-request-headers
Content-Type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 2

GET
BLOB 200
OK 0ff56840-c69a-4db9-9572-368b2b0556ef
https://account.joinroot.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://account.joinroot.com/0ff56840-c69a-4db9-9572-368b2b0556ef
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1314e2406805dcf08768dfbcec6babf83eddd6b615bb3eabca907b636ac5b80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 25465
Content-Type

OPTIONS
H2 200 validate_token
app.joinroot.com/web_api/login/ Frame 0
0 332ms
104ms Preflight 54.205.169.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.joinroot.com/web_api/login/validate_token
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.205.169.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-205-169-234.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: appetize-simulation,client-api-version,client-app-name,client-device,client-framework,content-type,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
Access-Control-Request-Method: GET
Origin: https://account.joinroot.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: appetize-simulation,client-api-version,client-app-name,client-device,client-framework,content-type,x-datadog-origin,x-datadog-parent-id,x-datadog-sampled,x-datadog-sampling-priority,x-datadog-trace-id
access-control-allow-methods: GET, POST, DELETE, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 0
date: Fri, 21 Apr 2023 15:27:48 GMT

GET
H2 200 validate_token Show response
app.joinroot.com/web_api/login/ 15 B
626 B 132ms
132ms Fetch
application/json 54.205.169.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joinroot.com/web_api/login/validate_token

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/main.eab6f9522ba348aab9ed.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.205.169.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-205-169-234.compute-1.amazonaws.com

Software

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

client-api-version: 7
client-device: Browser
client-framework: React
accept-language: de-DE,de;q=0.9
x-datadog-origin: rum
appetize-simulation: false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
x-datadog-sampling-priority: 1
content-type: application/json
accept: application/json
client-app-name: Root Web
Referer: https://account.joinroot.com/
x-datadog-parent-id: 3396700015375548669
x-datadog-trace-id: 135291195324718401
x-datadog-sampled: 1

Response headers

x-rack-cors: hit
date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4879bc4b-db60-4752-b3f0-1c85c27071e3
x-runtime: 0.027558
referrer-policy: strict-origin-when-cross-origin
etag: W/"af5fd803088fcdc627e5cd97fb88d7fc"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 0
access-control-allow-methods: GET, POST, DELETE, PATCH, PUT, OPTIONS, HEAD
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 02E9 49 KB
27 KB 30ms
30ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&cb=qhoyeq6kda2m

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0b7b6b394bab8e65a8beeaf44f5ecbc92fe3497c9ff9b863c3b760335414567c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8YidSg4JTUuPO_wxXqu_BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.joinroot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 27043
content-security-policy: script-src 'report-sample' 'nonce-8YidSg4JTUuPO_wxXqu_BQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:48 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 320cd0fb-bf7b-42f9-9474-68727f1c659b
https://account.joinroot.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://account.joinroot.com/320cd0fb-bf7b-42f9-9474-68727f1c659b
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ Frame 02E9 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&cb=qhoyeq6kda2m

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 13:39:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6474
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 13:39:54 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/ Frame 02E9 411 KB
165 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cff4271d2d0ee30878a4805694667aa650e27b8b89653a0a2564b1f8a6960537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 08:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 168608
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 02:01:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 20 Apr 2024 08:12:28 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 02E9 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/vkGiR-M4noX1963Xi_DB0JeI/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:40:03 GMT
x-content-type-options: nosniff
age: 114465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Apr 2023 07:40:03 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 02E9 15 KB
16 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:13:19 GMT
x-content-type-options: nosniff
age: 101669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 11:13:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 02E9 15 KB
15 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:09:16 GMT
x-content-type-options: nosniff
age: 191912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 10:09:16 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 02E9 102 B
134 B 15ms
15ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=vkGiR-M4noX1963Xi_DB0JeI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2d0fafda182c4de4d7d6b7f4c61bcba449abb660bc7359ceffebc370de53fa38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=vkGiR-M4noX1963Xi_DB0JeI&size=invisible&cb=qhoyeq6kda2m
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 21 Apr 2023 15:27:48 GMT

GET
H2 200 tracking.js Show response
account.joinroot.com/ Frame 28F5 811 B
1 KB 7ms
7ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/tracking.js?v=1

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4fb681be4d53c22c49f0bf920dc10c1d3f0033239eccf4c7c90f5b98c7ea8b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:45 GMT
x-amz-version-id: SLM1YEh.Qd1bCE_M.4gl4y.vKZJceaE0
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 577924
etag: "39660e6e228f1bc95e34bc65a61cf6b5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 811
x-amz-cf-id: ryRlh4ES5w33HkU3ZFJtycnHPLATyh3x50_p8cnUz6X-u_AV_b_O3w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 28F5 323 KB
98 KB 52ms
31ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e79de76d21e4aabd765816c77e87be9cde7ae6f6ffe4f339c34633c59c29642c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100127
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 15:27:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 28F5 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 14:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 16:27:45 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.3.1/dist/ Frame 28F5
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

7 KB
3 KB

15ms
15ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.3.1/dist/web-vitals.iife.js

Requested by

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 679590
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GXXYR13CVZMMCYF1KR3F59CJ-fra
server: cloudflare
etag: W/"1b8b-2Pht765cKB7+cupYL/A9I7DYa+A"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7bb6a73a3b69bba9-FRA

Redirect headers

date: Fri, 21 Apr 2023 15:27:48 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GYJ6D1D5EQCKGF562TV96KRS-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 473
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.3.1/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7bb6a73a2b52bba9-FRA

GET
H2

200

activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpasswor... Show response
11668718.fls.doubleclick.net/ Frame 55C2
Redirect Chain

https://11668718.fls.doubleclick.net/activityi;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpass...
https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Fa...

692 B
534 B

46ms
45ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

48b82b87ab3ab33a3b618f70768e68dffb6d736078df099f978477cca2360727

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.joinroot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 358
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ Frame 28F5 23 KB
8 KB 27ms
7ms Script
application/javascript 2a04:4e42:400::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 23 Jan 2023 21:56:14 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "03d5db9dfd00a5719bb4c9261e6fa1bb"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7356

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 28F5 4 KB
2 KB 212ms
121ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C9JH09BC77UB7GEAP9QG
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: d678a79597325671192529baca3278d6b46b2ea872b5c7306e0800edf924689a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: c27f5f3.28e57f0
date: Fri, 21 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 94,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=6, inner; dur=3
content-length: 1619
pragma: no-cache
server: nginx
x-tt-logid: 20230421152748E58C1AB39A551A9CB314
x-cache-remote: TCP_MISS from a23-220-104-21.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.21
x-tt-trace-host: 015bcd1024ed780df571c2acd76bdae76c508476e9d2a6470c888f13dceee1c7ac655ab5b305a922c58accd84f70045de521c1b6b98d0157925f4b955a1aa8d476bd41158a8923bf4aad5e56bdff1f377a198a93c377a8b4fd3bfd764f2e4b031a2978574831c0695c61a807b8cb87bdaa
expires: Fri, 21 Apr 2023 15:27:49 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 28F5 4 KB
2 KB 215ms
125ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C9PBGSJC77U4P674QF0G
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f31d71659454ea26e31859246e0c2dc9048cf4425e9fe006c792c27279b0ca83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 117ea026.28e57f1
date: Fri, 21 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 98,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=88, origin; dur=10, inner; dur=2
content-length: 1619
pragma: no-cache
server: nginx
x-tt-logid: 202304211527480D520034A5FB5D9E6A65
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 10,23.220.104.11
x-tt-trace-host: 015bcd1024ed780df571c2acd76bdae76c508476e9d2a6470c888f13dceee1c7ac7ab0d37ad7704c491fec6a3423c3255765025475528c95b6295ec6b13cd6b3e6210e515bd40783c73ef520d7596c95f1ca4316aa68260455c5184a4fddb4697d52653ed1a502ebde0a3de9ceec455a3e
expires: Fri, 21 Apr 2023 15:27:49 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ Frame 28F5 3 KB
2 KB 210ms
122ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C9PBGSJC77U4P674QF0G&lib=ttq
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c85a5cc3591a05bf6ab1f14232daa398e5a1c5a4f00b72e22c008df51fc83535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 117e8058.28e57f2
date: Fri, 21 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 95,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=89, origin; dur=6, inner; dur=3
content-length: 1221
pragma: no-cache
server: nginx
x-tt-logid: 20230421152748404F35B4FEDD1092C0EE
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 6,23.220.104.11
x-tt-trace-host: 015bcd1024ed780df571c2acd76bdae76c508476e9d2a6470c888f13dceee1c7ac7ab0d37ad7704c491fec6a3423c325571e6d74b456689433831e61227fa9bd11dde64aa6679710d767cad061ff538a19e542f23e91fb7b7564576f42f615f575799f8b845acc25fd21246c9d4178b644
expires: Fri, 21 Apr 2023 15:27:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 28F5 222 KB
77 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5ffb76a34fe859eb15429618417cc16f0ca34b09a922464be5f983017618c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78902
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Apr 2023 15:27:48 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/9b5fdab753ee4f6485f159914629b6ea/ Frame 28F5 43 B
420 B 413ms
102ms Image
image/gif 18.232.20.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/9b5fdab753ee4f6485f159914629b6ea/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.232.20.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-232-20-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 15:27:49 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,e53fbe835eea319b9b59760403680517,10.0.0.166,21634,217.64.151.4,,252191162855,1,1682090869.172,0.002,,.,0,0,0.000,0.004,-,0,0,197,84,42,10,26847,,,,,,-,
Content-Type: image/gif

GET
H/1.1

200
OK

ppt=3322;g=website;gid=16220;ord=undefined
trkn.us/pixel/conv/ Frame 28F5
Redirect Chain

https://trkn.us/pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342
https://trkn.us/pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342;ip=217.64.151.4;cuidchk=1

42 B
780 B

975ms
975ms

Image
image/gif

34.231.39.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342;ip=217.64.151.4;cuidchk=1

Requested by

Protocol

HTTP/1.1

Server

34.231.39.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-39-24.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 15:27:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
Content-Type: image/gif
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 15:27:49 GMT
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/html; charset=UTF-8
Location: /pixel/conv/ppt=3322;g=website;gid=16220;ord=undefined?gtmcb=1416649342;ip=217.64.151.4;cuidchk=1
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
Content-Length: 0

GET
H2

200

starV6.gif
jelly-v6.mdhv.io/v1/ Frame 28F5
Redirect Chain

https://jelly.mdhv.io/v1/star.gif?pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&evt=hi
https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&tx=b3e35201-e4fa-4b94-bfbd-b475fc45bf7e

43 B
235 B

170ms
118ms

Image
image/gif

2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&tx=b3e35201-e4fa-4b94-bfbd-b475fc45bf7e
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: H2
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:49 GMT
server: Google Frontend
content-type: image/gif
x-cloud-trace-context: 92ee7a8f823e7cfb3a4669f3dd3c0a65
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

Redirect headers

location: https://jelly-v6.mdhv.io/v1/starV6.gif?evt=hi&pid=LmRp7Qq4ESTPS0j3z1WFh6jG7qb5&src=mh&tx=b3e35201-e4fa-4b94-bfbd-b475fc45bf7e
x-cloud-trace-context: 67e723db1faee67d5d505bb84ca87eb5
date: Fri, 21 Apr 2023 15:27:48 GMT
server: Google Frontend
content-length: 173
content-type: text/html; charset=utf-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 28F5 4 B
212 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=60300443&t=pageview&_s=1&dl=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YGBACEABBAAAACAAI~&jid=11287859&gjid=469207089&cid=1479917868.1682090869&tid=UA-147611765-1&_gid=369691035.1682090869&_r=1&_slc=1&gtm=45He34j0n81K6HV2KF&z=891364271

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ Frame 28F5 42 B
157 B 127ms
106ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1682090868838&id=t2_4rygsu1n&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&uuid=286b6bf8-1d99-415b-92cc-7711da6ea29f&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_65e23bc4
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 15:27:48 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 28F5 1 B
349 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-147611765-1&cid=1479917868.1682090869&jid=11287859&gjid=469207089&_gid=369691035.1682090869&_u=YGBACEAABAAAACAAI~&z=2084617165

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 21 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame 28F5 0
257 B 61ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-36Q9N6NZ6P&gtm=45je34j0&_p=60300443&_gaz=1&cid=1479917868.1682090869&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682090868&sct=1&seg=0&dl=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal&dt=&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 28F5 0
47 B 23ms
20ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-36Q9N6NZ6P&cid=1479917868.1682090869&gtm=45je34j0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 28F5 42 B
408 B 60ms
39ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-36Q9N6NZ6P&cid=1479917868.1682090869&gtm=45je34j0&aip=1&z=1405515882

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 565.7d93272007dbc8e47d50.bundle.js Show response
account.joinroot.com/ 5 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/565.7d93272007dbc8e47d50.bundle.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

37f22199f4d6cb7f0a08343901284f25fdb8360a2c197e80d7ca85fb0c6dc786

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:44 GMT
x-amz-version-id: MMKPFl26YempEpec_7r1T2SZnS05iRMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:36 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"fdd3a2e816f2689632e2e92135ce31d3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577924
x-amz-cf-id: jHiqEPQ6PmzAuIZqb9S8bawSPj0A6HO3gKYuyr3-HXYxkjYxtp-QSw==

GET
H2 200 554.4bccbbf8e08733cec8a1.bundle.js Show response
account.joinroot.com/ 10 KB
4 KB 7ms
6ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/554.4bccbbf8e08733cec8a1.bundle.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0fcc4994d4a13fecec790b29cb4aec5e232146f9ddcaa25c5de33e875712da3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:44 GMT
x-amz-version-id: gYLFDyDV6Y4BrUi5rqCUHzqV7qUExQ.r
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:36 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"5ccbefb29d1ad3ac2b027ffdefd1292f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577924
x-amz-cf-id: wQwuNRubK20wpCY0r6p3bAz4QKeSmuXlz0ru2FlKA_P9qhm5TcDZLQ==

GET
H2 200 449.ab95b9f4e9755db7f2c9.bundle.js Show response
account.joinroot.com/ 11 KB
5 KB 8ms
7ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/449.ab95b9f4e9755db7f2c9.bundle.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

daeba13be16e064b28857b37b04987012972a38e44e76be5111fb5bd03e82e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:44 GMT
x-amz-version-id: d0iyyaAcki8F1PASa94dl2u5BL7CqZfk
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:35 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"5d3d2142c3463df3766ab6ffce2feb20"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577924
x-amz-cf-id: WAAhIx9cLltYTFeTuibomFezYs_nPKm7FrUVy3aQ2OI1bVuwnqD80g==

GET
H2 200 login.7ede679d8b2c3bd8b995.bundle.js Show response
account.joinroot.com/ 15 KB
6 KB 7ms
7ms Script
application/javascript 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/login.7ede679d8b2c3bd8b995.bundle.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/AzqbuzTNOOCxi1wEZ/ae2a2b40-2884-46e4-a532-67fb3ccc3446/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0ba41202c46c067b95fdbad7408489208873946ae8bbfa6d5f6a59bac8b5f3bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:45 GMT
x-amz-version-id: fjz0iFL7vaTsveWVFKqVmLAdBawpcEXn
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
etag: W/"238b9ceca171cfea2be5b04fc58d1693"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 577924
x-amz-cf-id: ZHCvtZXlUbuSshlCINRHjp894w-YjKh68TT-UEoBhB2Lnq_nf5EfdQ==

POST
H2 200 pubf87dedfdc102c3e3d45817e70b266077
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0 430ms
219ms Ping
application/json 2600:1f18:24e6:b900:b765:a9d2:87:ebeb
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pubf87dedfdc102c3e3d45817e70b266077?ddsource=browser&ddtags=sdk_version%3A3.11.0%2Cenv%3Aproduction%2Cservice%3Aaccount.joinroot.com%2Cversion%3Abc9235c52062739c2d62bf0c651823dbab530132&batch_time=1682090868920
Requested by: Host: account.joinroot.com
URL: https://account.joinroot.com/main.eab6f9522ba348aab9ed.bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:b765:a9d2:87:ebeb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 5e30732e3d1eb736da94.woff2
account.joinroot.com/ 27 KB
28 KB 7ms
6ms Font
font/woff2 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/5e30732e3d1eb736da94.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cbc052644815e2f2ac9e089e65ad03050b81892ab408cbc0b6605816b7180c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Origin: https://account.joinroot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:45 GMT
x-amz-version-id: xywXm8Qcu6vgfvx4zizfo0ejYjtWgSQW
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 577924
etag: "f5a06a7f60efb2c82c5cf9ae18e9a80f"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 28072
x-amz-cf-id: wzBVSzglK77mkODIpBmus-gGNEv7RTwZYSVR6BV-XyUbLuyEA5mkrA==

GET
H2 200 e1f0023e2d87e261f9a7.woff2
account.joinroot.com/ 25 KB
26 KB 8ms
7ms Font
font/woff2 2600:9000:2490:e000:5:92a4:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/e1f0023e2d87e261f9a7.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2490:e000:5:92a4:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c4aaed2fcfd461ea5b16366ff5d42c5edc9e828cdea71a6cad3151cdae7b8b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

Referer: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal
Origin: https://account.joinroot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 22:55:45 GMT
x-amz-version-id: WNuu3DhtZRfq5HrbBd9UpyNagVCjnWvY
via: 1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
strict-transport-security: max-age=63072000; includeSubdomains; preload
last-modified: Fri, 14 Apr 2023 14:39:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 577924
etag: "70f85e3ca4cda5862e4d640ce1b45581"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: font/woff2
accept-ranges: bytes
content-length: 26040
x-amz-cf-id: 2OmUwuCJcGK0IXAIewDYVxd2iSy1-Ztjtw1ysYUFChg32cct5JvWLg==

GET
H2 200 dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_so... Show response
adservice.google.com/ddm/fls/i/ Frame AB57 691 B
734 B 66ms
45ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Requested by

Host: 11668718.fls.doubleclick.net
URL: https://11668718.fls.doubleclick.net/activityi;dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b766bfc5e9c2f3aacd9955ad497a17841c62769713ad37d24c14684ee88a87a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11668718.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 main.MTFlZGFkNDkwMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 28F5 256 KB
69 KB 27ms
27ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=C9JH09BC77UB7GEAP9QG
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 28e5847
date: Fri, 21 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202304181345564D338736EABF9EA5E65F
vary: Accept-Encoding
x-cache: TCP_HIT from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f3b2aa023f691b51fd012907ff3edf0ab37ebcfcd3318a35ace05ea74d93bb336dd483ffd9b3e3530db327e1df69285b7f7f6c6ef0e239ff8706a645787eb352fb70153cdb7435c0ff641d7be20f69b17c5585eff901711d19ccdc771da3115b
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 69550

GET
H3

200

dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_so... Show response
11668718.fls.doubleclick.net/ddm/fls/r/ Frame 542B
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.jo...
https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Fa...

730 B
384 B

45ms
45ms

Document
text/html

172.217.16.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f6.1e100.net

Software

cafe /

Resource Hash

9ebac8b10f2d42314371b01e3c9223a23863bdbc64670098e34798b0130ce62c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 359
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:49 GMT
expires: Fri, 21 Apr 2023 15:27:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 15:27:49 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 identify_d1af3.js Show response
analytics.tiktok.com/i18n/pixel/static/ Frame 28F5 114 KB
31 KB 28ms
28ms Script
application/javascript 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_d1af3.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-akamai-request-id: 28e5881
date: Fri, 21 Apr 2023 15:27:49 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230418134557EC1AA2550F5EA91789AB
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f3b2aa023f691b51fd012907ff3edf0ab37ebcfcd3318a35ace05ea74d93bb331f6c5280cffdf1e733fe6871018f1bb318f2737de06983bbc06f2939a90ebde37dc253634b8ab22987d4b07019baada1d3db7cce92618cf7b32a1a28544cba42
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 30728

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 28F5 0
689 B 169ms
169ms Ping
text/plain 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 34d7b5ef.28e58a7
date: Fri, 21 Apr 2023 15:27:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 133,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=33, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202304211527493C144FFC34FB95935015
x-cache-remote: TCP_MISS from a23-220-104-7.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 33,23.220.104.7
x-tt-trace-host: 015bcd1024ed780df571c2acd76bdae76c508476e9d2a6470c888f13dceee1c7aca864a0fb7ec7aad516f7919f29d292260068310cf9394cd4efccc3c8e92034508cbd037d229e01e5c5c34b77fe9fd8f5b9ea041c9ba6b6ae500aa5d31102b1fd0f92fae0cede8ffb120677e14f650a6a
expires: Fri, 21 Apr 2023 15:27:49 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ Frame 28F5 0
690 B 169ms
169ms Ping
text/plain 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTFlZGFkNDkwMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-234.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.joinroot.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 117eac3a.28e58a8
date: Fri, 21 Apr 2023 15:27:49 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a2-16-186-230.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
x-parent-response-time: 122,2.16.186.230
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=29, inner; dur=25
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20230421152749B47F35A54492ED95F5E3
x-cache-remote: TCP_MISS from a23-220-104-11.deploy.akamaitechnologies.com (AkamaiGHost/11.0.3-47547230) (-)
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 29,23.220.104.11
x-tt-trace-host: 015bcd1024ed780df571c2acd76bdae76c508476e9d2a6470c888f13dceee1c7ac7ab0d37ad7704c491fec6a3423c325578ae02a0e13146c38008eeaa933b1685abd5c6cf922f6ba67802ec7f27cf72d87fae47150f8430f07ac1cffa075975b7bc82b78833dc38ffc797d2f90430f6970
expires: Fri, 21 Apr 2023 15:27:49 GMT

GET
H/1.1 200
OK /
data.adxcel-ec2.com/pixel/ Frame 542B 43 B
131 B 405ms
98ms Image
image/gif 54.82.238.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.adxcel-ec2.com/pixel/?ad_log=referer&action=lead&pixid=32769e96-e09a-4144-96f3-1062423b8b90
Requested by: Host: 11668718.fls.doubleclick.net
URL: https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.238.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-238-3.compute-1.amazonaws.com
Software: /
Resource Hash: 693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11668718.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20'
adservice.google.com/ddm/fls/z/ Frame 542B
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=11965234;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20'?
https://ad.doubleclick.net/ddm/activity/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord...
https://adservice.google.com/ddm/fls/z/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord=...

42 B
118 B

44ms
44ms

Image
image/gif

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20'

Requested by

Host: 11668718.fls.doubleclick.net
URL: https://11668718.fls.doubleclick.net/ddm/fls/r/dc_pre=CMOt4eWku_4CFRuPsgodxjINGA;src=11668718;type=unive0;cat=root_0;ord=5214181429209;gtm=45He34j0;auiddc=682310371.1682090869;~oref=https%3A%2F%2Faccount.joinroot.com%2Flogin%2Fpassword%3Futm_source%3Demail%26utm_medium%3Demail%26utm_campaign%3Dday_zero_web_quote_generation%26c%3Dday_zero_web_quote_generation%26af_adset%3DV2%26af_ad%3DEM1%26rw%3D1%26af_fp_priority%3Dequal

Protocol

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11668718.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 15:27:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=11965234;dc_pre=CL_Q9eWku_4CFQHPsgod3IMNgw;type=invmedia;cat=rooti0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=;gdpr_consent=;ord='%20+%20a%20+%20'
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/ Frame 542B
Redirect Chain

https://secure.adnxs.com/px?id=1583549&seg=30030312&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1583549%26seg%3D30030312%26t%3D2

43 B
1 KB

33ms
33ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1583549%26seg%3D30030312%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11668718.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 15:27:49 GMT
AN-X-Request-Uuid: 8616df8f-d706-4852-9fe5-bf607673e4e7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 15:27:49 GMT
AN-X-Request-Uuid: e42998c6-c430-4456-85b7-e069a3212fd6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1583549%26seg%3D30030312%26t%3D2
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.64.151.4; 217.64.151.4; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.joinroot.com/	1970-01-20 11:14:51	Name: _dd_s Value: rum=1&id=f23fb10e-2282-41b9-bdb2-d48377151abb&created=1682090868348&expire=1682091768348
.joinroot.com/	1970-01-20 20:00:26	Name: __r.root_id_production Value: bb13c6da-7299-4b91-9bf7-38084f559ac1
.joinroot.com/	1970-01-20 13:24:26	Name: _gcl_au Value: 1.1.682310371.1682090869
.joinroot.com/	1970-01-20 11:16:17	Name: _gid Value: GA1.2.369691035.1682090869
.joinroot.com/	1970-01-20 11:14:50	Name: _gat_UA-147611765-1 Value: 1
.joinroot.com/	1970-01-20 13:24:26	Name: _rdt_uuid Value: 1682090868837.286b6bf8-1d99-415b-92cc-7711da6ea29f
.joinroot.com/	1970-01-20 20:50:50	Name: _ga Value: GA1.1.1479917868.1682090869
.joinroot.com/	1970-01-20 20:50:50	Name: _ga_36Q9N6NZ6P Value: GS1.1.1682090868.1.0.1682090868.60.0.0
.tiktok.com/	1970-01-20 20:36:26	Name: _ttp Value: 2Ok3h4PjNnqQU8bOXT3xQPceYVQ
.joinroot.com/	1970-01-20 20:36:26	Name: _tt_enable_cookie Value: 1
.joinroot.com/	1970-01-20 20:36:26	Name: _ttp Value: EysdL4HmIYQFAAwBf9MATZiNTrI
.doubleclick.net/	1970-01-20 20:36:26	Name: IDE Value: AHWqTUmYLgN1HXxTtM0Brc_07B_shAA75nLN8JoUVOyvOPgspxO3pljjosd-c2YN2rU
.trkn.us/	1970-01-20 20:00:26	Name: barometric[cuid] Value: cuid_251b82f4-6483-443b-97eb-94052004e58b
.adnxs.com/	1970-01-20 13:24:26	Name: uuid2 Value: 4183183254979991975
.adnxs.com/	1970-01-20 13:24:26	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2IlgrJ6DG!]tbP6j2F-XstGt!@D[H$hMd)

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://account.joinroot.com/login/password?utm_source=email&utm_medium=email&utm_campaign=day_zero_web_quote_generation&c=day_zero_web_quote_generation&af_adset=V2&af_ad=EM1&rw=1&af_fp_priority=equal(Line 24) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11668718.fls.doubleclick.net
account.joinroot.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.tiktok.com
app.joinroot.com
cmp.osano.com
data.adxcel-ec2.com
fonts.gstatic.com
jelly-v6.mdhv.io
jelly.mdhv.io
q.quora.com
region1.analytics.google.com
rum-http-intake.logs.datadoghq.com
secure.adnxs.com
sentry.io
stats.g.doubleclick.net
trkn.us
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.redditstatic.com
142.250.186.134
151.101.1.140
172.217.16.198
18.232.20.22
185.89.210.82
2.16.186.234
2001:4860:4802:34::36
2001:4860:4802:38::15
216.239.32.21
2600:1f18:24e6:b900:b765:a9d2:87:ebeb
2600:9000:211e:1600:3:b7e:8940:93a1
2600:9000:2490:e000:5:92a4:1fc0:93a1
2606:4700::6810:7daf
2a00:1450:4001:802::2003
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a04:4e42:400::396
34.231.39.24
35.188.42.15
54.205.169.234
54.82.238.3
03904d282a158b60cca5f936ba76aa7777e1070b06de9b59a23732067a965dc2
0b7b6b394bab8e65a8beeaf44f5ecbc92fe3497c9ff9b863c3b760335414567c
0ba41202c46c067b95fdbad7408489208873946ae8bbfa6d5f6a59bac8b5f3bd
0fcc4994d4a13fecec790b29cb4aec5e232146f9ddcaa25c5de33e875712da3f
171e272bf8af1939d8b8a928a6f676640348e7138f19d906218b00f9148f8245
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
2487ea0c4e57a67e1038bf20b95ddd3a153b1112d489665402f7bdb8a5e5af5a
2accfa5346b616ed56e3ec6570e055d0bb939dbba37363ca10096ffc373e6423
2d0fafda182c4de4d7d6b7f4c61bcba449abb660bc7359ceffebc370de53fa38
37f22199f4d6cb7f0a08343901284f25fdb8360a2c197e80d7ca85fb0c6dc786
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48b82b87ab3ab33a3b618f70768e68dffb6d736078df099f978477cca2360727
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb681be4d53c22c49f0bf920dc10c1d3f0033239eccf4c7c90f5b98c7ea8b33
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
693d949d8c3fdc7fd4ace7c340b5f177a9f0c5be7bafee8bc93a7d88b7523d75
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
736c909fc56b7e9061ae8a95e8f07e3b4e217ea2cb5cdc2f23562181eee1e588
78593afb41e988a7afe6f38f05aa0d4043dfe2df674d000f18a7b6e26fbc8df4
9088dcfc20c69b36f5dee93eca9bb3fac64c2ee3c482d5acfdfc92729e67ec19
9512d2de91fd27231a5efa08114917ca1bd054801f828b81d55f7a4b5f06b108
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9ebac8b10f2d42314371b01e3c9223a23863bdbc64670098e34798b0130ce62c
ac3f4840423571fa6268686f41265d2186105a9c780b1350b81a7e9debb11d8d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b2ece5d28dcf047582c05c122e3bf0ed4905a965026a9940c289682620b76a2f
b766bfc5e9c2f3aacd9955ad497a17841c62769713ad37d24c14684ee88a87a0
c4aaed2fcfd461ea5b16366ff5d42c5edc9e828cdea71a6cad3151cdae7b8b99
c85a5cc3591a05bf6ab1f14232daa398e5a1c5a4f00b72e22c008df51fc83535
cbc052644815e2f2ac9e089e65ad03050b81892ab408cbc0b6605816b7180c0a
cda252dc01c656d59193d8d696f26c3e95f10b87711e2413e28362532bae984a
cef0a3ffb6993fc1ec7b5b67a16377ec1ec0a858b3cabb834033d7458ff0e4bc
cff4271d2d0ee30878a4805694667aa650e27b8b89653a0a2564b1f8a6960537
d100dc4a38f9a4574b588dc16b0ab057f2610de2eec71ecdeb23eed75e41a9c1
d678a79597325671192529baca3278d6b46b2ea872b5c7306e0800edf924689a
daeba13be16e064b28857b37b04987012972a38e44e76be5111fb5bd03e82e18
dbefc7c689ac72a507009827c002e030c2cbe95e9b1a11119dfc811866b7606a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79de76d21e4aabd765816c77e87be9cde7ae6f6ffe4f339c34633c59c29642c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcd2700eed7a55611ccd882e4493e96c36c1d2c96bfda64e344e17941bfded5
f0d0fec87df70880b5907ed5b0291f2d59684b5ad2fb6ebd6c4da4a116df1c3e
f1314e2406805dcf08768dfbcec6babf83eddd6b615bb3eabca907b636ac5b80
f31d71659454ea26e31859246e0c2dc9048cf4425e9fe006c792c27279b0ca83
f5ffb76a34fe859eb15429618417cc16f0ca34b09a922464be5f983017618c3d

account.joinroot.com Open in urlscan Pro 2600:9000:2490:e000:5:92a4:1fc0:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

87 %HTTPS

59 %IPv6

19 Domains

27 Subdomains

25 IPs

3 Countries

1134 kBTransfer

3213 kBSize

15 Cookies

4 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

account.joinroot.com Open in urlscan Pro
2600:9000:2490:e000:5:92a4:1fc0:93a1 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

87 %
HTTPS

59 %
IPv6

19
Domains

27
Subdomains

25
IPs

3
Countries

1134 kB
Transfer

3213 kB
Size

15
Cookies

60 HTTP transactions
0 data transactions