account.joinroot.com Open in urlscan Pro
13.32.22.124 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://account.joinroot.com/
Submission: On September 13 via automatic, source certstream-suspicious (September 13th 2021, 3:55:34 pm UTC) — Scanned from DE

Summary HTTP 38 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 38 HTTP transactions. The main IP is 13.32.22.124, located in United States and belongs to AMAZON-02, US. The main domain is account.joinroot.com.
TLS certificate: Issued by Amazon on October 15th 2020. Valid for: a year.

This is the only time account.joinroot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	13.32.22.124 13.32.22.124	16509 (AMAZON-02) (AMAZON-02)
3	74.125.140.105 74.125.140.105	15169 (GOOGLE) (GOOGLE)
6	66.102.1.94 66.102.1.94	15169 (GOOGLE) (GOOGLE)
1	35.188.42.15 35.188.42.15	15169 (GOOGLE) (GOOGLE)
2	52.3.60.18 52.3.60.18	14618 (AMAZON-AES) (AMAZON-AES)
2	35.186.241.51 35.186.241.51	15169 (GOOGLE) (GOOGLE)
2	64.233.184.97 64.233.184.97	15169 (GOOGLE) (GOOGLE)
2	64.233.184.113 64.233.184.113	15169 (GOOGLE) (GOOGLE)
2 3	104.16.122.175 104.16.122.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	64.233.166.101 64.233.166.101	15169 (GOOGLE) (GOOGLE)
2	142.251.5.155 142.251.5.155	15169 (GOOGLE) (GOOGLE)
1	18.194.175.178 18.194.175.178	16509 (AMAZON-02) (AMAZON-02)
1	185.60.218.35 185.60.218.35	32934 (FACEBOOK) (FACEBOOK)
38	13

14 13.32.22.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-124.fra56.r.cloudfront.net

account.joinroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.140.105 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 66.102.1.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.188.42.15 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com

sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.60.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-60-18.compute-1.amazonaws.com

app.joinroot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.184.113 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.122.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.101 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f101.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.175.178 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-175-178.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.218.35 (Bucharest, Romania)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-otp1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	joinroot.com account.joinroot.com app.joinroot.com	258 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	327 KB
4	google.com www.google.com analytics.google.com	21 KB
3	unpkg.com 2 redirects unpkg.com	2 KB
2	doubleclick.net stats.g.doubleclick.net	510 B
2	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	122 KB
2	mixpanel.com api-js.mixpanel.com	417 B
1	facebook.com www.facebook.com	313 B
1	agkn.com d.agkn.com	593 B
1	sentry.io sentry.io	410 B
38	11

	Domain	Requested by
14	account.joinroot.com	account.joinroot.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	unpkg.com	2 redirects
3	www.google.com	account.joinroot.com www.gstatic.com www.google.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	account.joinroot.com www.googletagmanager.com
2	fonts.gstatic.com	www.google.com
2	api-js.mixpanel.com	account.joinroot.com
2	app.joinroot.com	account.joinroot.com
1	www.facebook.com
1	d.agkn.com
1	analytics.google.com	www.googletagmanager.com
1	sentry.io	account.joinroot.com
38	14

This site contains links to these domains. Also see Links.

Domain
www.joinroot.com
quote.joinroot.com
policies.google.com

Subject Issuer	Validity	Valid
account.joinroot.com Amazon	`2020-10-15` - `2021-11-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sentry.io DigiCert SHA2 Secure Server CA	`2020-06-02` - `2022-06-07`	2 years	crt.sh
app.joinroot.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.mixpanel.com GeoTrust RSA CA 2018	`2020-04-20` - `2022-04-21`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://account.joinroot.com/
Frame ID: 152A21497B29FD79579FAB28C6EE9070
Requests: 18 HTTP requests in this frame

Frame: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=
Frame ID: 37B05B7ACA9160F2A0A5820B553A6A75
Requests: 12 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=p1mw8h8ksixv
Frame ID: BF0914AC8B96E7ACFEEAEE7226B1FDC8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Root Insurance

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

752 kB
Transfer

1947 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.joinroot.com/
Title: Root Insurance logo

Search URL Search Domain Scan URL

URL: https://quote.joinroot.com/
Title: Sign up

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@2.1.0 HTTP 302
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
account.joinroot.com/ 4 KB
2 KB 113ms
20ms Document
text/html 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9fa68c3125723dcba1c022646813d786bd411aaedf34d2f7c1133e75e01c0709

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:method: GET
:authority: account.joinroot.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
date: Mon, 13 Sep 2021 14:46:38 GMT
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
etag: W/"4e3dcaadcafb305110d8590530f0e10c"
x-amz-server-side-encryption: AES256
x-amz-version-id: heOtjjZyYWAO2HrT8uAutak08pU8pvHQ
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: GvLlevYM4LfD7n5qInn7Va9aa5hGezYJLGbg_WrnaMMdUGJnk1SJTw==
age: 4132

GET
H2 200 base.css
account.joinroot.com/ 15 KB
3 KB 13ms
13ms Stylesheet
text/css 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/base.css

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d100dc4a38f9a4574b588dc16b0ab057f2610de2eec71ecdeb23eed75e41a9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /base.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:03 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: W/"e0d44d76b098b4e4d22c6ba7832e26c2"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: Hdg7MSV9y6FaqySJk9O.aIfK5QY53_a3
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: text/css
x-amz-cf-id: _HS9PEJ5NpAXZwVpzjkv_VQ7zKMwVH607EWcO_b1FMfrN59O_m6QtA==

GET
H2 200 runtime.b8fc43ec9bb433456baf.bundle.js Show response
account.joinroot.com/ 5 KB
3 KB 22ms
21ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/runtime.b8fc43ec9bb433456baf.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

19d4866f60b8a66d56441ee3f4afee5b8a90494d8813a8d26c96405671eb6465

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /runtime.b8fc43ec9bb433456baf.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:03 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: W/"ad7c305f5372fcc42f2c710963a7c43f"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: 1yVH1z2KukAuYP.J3M0sfobORP39m90L
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: L-ihj3lRO3MubDP3Sf4twAVmS1_FF-FRJLRjAQMVy0OYuzWoLCqztA==

GET
H2 200 vendors.43303b8c2b7c564a07d3.bundle.js Show response
account.joinroot.com/ 68 KB
22 KB 13ms
13ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/vendors.43303b8c2b7c564a07d3.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d0b46cbe366215edb091601be5bc4e945a2d8cb71e680d0b81a5855f40b12623

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /vendors.43303b8c2b7c564a07d3.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:03 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: W/"08f58c8937a2b69017a4ab96ddc1c16c"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: DNi_CgiPXnPGq8SlTVy8ywlVHzGCayjt
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: OP4vfUwxRv7I-PDx6lHBOYyr8eP8LkqSvy9mzT-kemBC0R8IUyYLdg==

GET
H2 200 316.809214d759c26e74fb58.bundle.js Show response
account.joinroot.com/ 127 KB
42 KB 11ms
11ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/316.809214d759c26e74fb58.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d7a78cbcb8685ba90290499f357397b44045a862e70eb8ea995b11a5618fc6cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /316.809214d759c26e74fb58.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:04 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:09 GMT
server: AmazonS3
age: 1346
etag: W/"5f802f7cf83a50886d80ea71ba4de5da"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: U10gg1l2vGYxcr8flVMEOWatoACG9JCB
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: KhjAv07WndXRbWL6AWSjLfhUH7o5KgYcxlS-x35rYOnfjPwMggfgcA==

GET
H2 200 main.20f949ea90143563b0fc.bundle.js Show response
account.joinroot.com/ 410 KB
112 KB 12ms
12ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/main.20f949ea90143563b0fc.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d58fa090f4897b0de6bf881c737d4f58f1f7ddabea17441a733f70d0761f462a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /main.20f949ea90143563b0fc.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:04 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: W/"f76b79b9cbe1345fbc6dccf473cb802a"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: M0k9JIQgwq1imCHaEp9skZuazxpObP_e
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: Cw9z7MylbkydeWu3i2Q1P-w4RNSiXpEWl6lvsPNccebQ2UnqGZCjdQ==

GET
H2 200 react.36ec1747c11470fcc904.bundle.js Show response
account.joinroot.com/ 191 B
647 B 13ms
13ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/react.36ec1747c11470fcc904.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4d1c6fe5d32843eeb67bd776b26595160259ada498bf6bce42f265aa59a7673d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /react.36ec1747c11470fcc904.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:04 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: "3404e553b34611e5594645b47b0ba479"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: zfvfA.B5DKMik3qLYEHtRMhApnh39H8h
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 191
x-amz-cf-id: -_QvdFQvmx_HpRKvubhwUquUYOfThTsvJT9BaCLRscCBWVw2hkqlQQ==

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 974 B
1 KB 59ms
25ms Script
text/javascript 74.125.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f105.1e100.net

Software

GSE /

Resource Hash

def79ea98e77fd4eec5926bc85e34f281e83881b98af9111c4e8950bbf3db6d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 13 Sep 2021 15:55:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617
x-xss-protection: 1; mode=block
expires: Mon, 13 Sep 2021 15:55:29 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ 343 KB
135 KB 68ms
20ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://account.joinroot.com/
Origin: https://account.joinroot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137529
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 06:06:20 GMT

GET
H2 200 tracking-iframe.html Show response
account.joinroot.com/ Frame 37B0 839 B
1 KB 436ms
436ms Document
text/html 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

78593afb41e988a7afe6f38f05aa0d4043dfe2df674d000f18a7b6e26fbc8df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:method: GET
:authority: account.joinroot.com
:scheme: https
:path: /tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.joinroot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/

Response headers

content-type: text/html
content-length: 839
date: Mon, 13 Sep 2021 15:55:30 GMT
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
etag: "7678ff31db3d70bd7d12ef25cadb4e29"
x-amz-server-side-encryption: AES256
x-amz-version-id: OGrtqnup79qZ_94ZEJLUsKBKkRg5VxlH
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Miss from cloudfront
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Lq1ut6PibaAb2yoxcUeaEbiiuI7426LozOQJrr4f2MqfHsyHkJX26w==

POST
H/1.1 200
OK / Show response
sentry.io/api/1773325/envelope/ 2 B
410 B 487ms
120ms Fetch
application/json 35.188.42.15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sentry.io/api/1773325/envelope/?sentry_key=f88e6f2759c44f34ae333175f79063b4&sentry_version=7

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/main.20f949ea90143563b0fc.bundle.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.188.42.15 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

15.42.188.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 13 Sep 2021 15:55:30 GMT
vary: Origin
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/json
access-control-allow-origin: https://account.joinroot.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 2

OPTIONS
H2 200 validate_token
app.joinroot.com/web_api/login/ Frame 0
0 480ms
247ms Preflight 52.3.60.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://app.joinroot.com/web_api/login/validate_token
Protocol: H2
Server: 52.3.60.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-60-18.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: appetize-simulation,client-api-version,client-app-name,client-device,client-framework,content-type
Origin: https://account.joinroot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, DELETE, PATCH, PUT, OPTIONS, HEAD
access-control-expose-headers
access-control-max-age: 0
access-control-allow-headers: appetize-simulation,client-api-version,client-app-name,client-device,client-framework,content-type

GET
H2 200 validate_token Show response
app.joinroot.com/web_api/login/ 15 B
627 B 262ms
262ms Fetch
application/json 52.3.60.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.joinroot.com/web_api/login/validate_token

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/main.20f949ea90143563b0fc.bundle.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.3.60.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-3-60-18.compute-1.amazonaws.com

Software

Resource Hash

af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

client-framework: React
client-api-version: 7
Accept-Language: de-DE,de;q=0.9
client-device: Browser
appetize-simulation: false
content-type: application/json
accept: application/json
client-app-name: Root Web
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://account.joinroot.com/

Response headers

x-rack-cors: hit
date: Mon, 13 Sep 2021 15:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
x-xss-protection: 1; mode=block
x-request-id: a13e4645-a16f-414c-bd8d-65a8350f66da
x-runtime: 0.002609
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
etag: W/"af5fd803088fcdc627e5cd97fb88d7fc"
x-download-options: noopen
access-control-max-age: 0
access-control-allow-methods: GET, POST, DELETE, PATCH, PUT, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
349 B 53ms
32ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1631548529739

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/main.20f949ea90143563b0fc.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 13 Sep 2021 15:55:29 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://account.joinroot.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: clear
content-length: 1

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame BF09 39 KB
20 KB 37ms
37ms Document
text/html 74.125.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=p1mw8h8ksixv

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f105.1e100.net

Software

GSE /

Resource Hash

803f09b8bc05bac69d1e96850e7bc0ed52c807c0abe5d474164cd3875d706a21

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LZD2H40Bei7PVVdU2h8QmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=p1mw8h8ksixv
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://account.joinroot.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 13 Sep 2021 15:55:29 GMT
content-security-policy: script-src 'report-sample' 'nonce-LZD2H40Bei7PVVdU2h8QmA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20124
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame BF09 52 KB
25 KB 48ms
23ms Stylesheet
text/css 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=p1mw8h8ksixv

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 21:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584473
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 21:34:16 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/ Frame BF09 343 KB
134 KB 60ms
36ms Script
text/javascript 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 06:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137529
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 17:56:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 12 Sep 2022 06:06:20 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BF09 2 KB
2 KB 24ms
23ms Image
image/png 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 22:22:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 581591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Mon, 13 Sep 2021 22:22:19 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF09 15 KB
15 KB 26ms
20ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 09:05:52 GMT
x-content-type-options: nosniff
age: 456578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 09:05:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BF09 15 KB
15 KB 28ms
22ms Font
font/woff2 66.102.1.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.102.1.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wb-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 23:24:48 GMT
x-content-type-options: nosniff
age: 491442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 23:24:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame BF09 102 B
134 B 20ms
20ms Other
text/javascript 74.125.140.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.140.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f105.1e100.net

Software

GSE /

Resource Hash

0341c3af156a77bb38505ad7e31d748795d4177b15f58d79bff63b2f5e76cae9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N&co=aHR0cHM6Ly9hY2NvdW50LmpvaW5yb290LmNvbTo0NDM.&hl=de&v=wxAi4AKLXL2kBAvXqI4XLSWS&size=invisible&cb=p1mw8h8ksixv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 13 Sep 2021 15:55:30 GMT

GET
H2 200 tracking.js Show response
account.joinroot.com/ Frame 37B0 811 B
1 KB 10ms
10ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/tracking.js?v=1

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4fb681be4d53c22c49f0bf920dc10c1d3f0033239eccf4c7c90f5b98c7ea8b33

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /tracking.js?v=1
pragma: no-cache
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/tracking-iframe.html?parentURL=https%3A%2F%2Faccount.joinroot.com%2F&referrer=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:05 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1346
etag: "39660e6e228f1bc95e34bc65a61cf6b5"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: .54E2ZzLwt4GJ_tHIFb52KNxlkES4YQf
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 811
x-amz-cf-id: klmeNv-RM9BaPu5zYGwGCPGZSe5GkMxMJd4StNKl_AuWd3nctYTGOA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 37B0 235 KB
71 KB 82ms
42ms Script
application/javascript 64.233.184.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

c432a688efce55f90136f5794d86e6ed3f8b3c5cab3d7e0ebc649d8b15442cf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72281
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Sep 2021 15:55:30 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 37B0 130 KB
51 KB 94ms
66ms Script
application/javascript 64.233.184.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

60f9b407e2f4dea2b75f5c895d7100af9350b004fa29b58e43a3b2778e596e10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51870
x-xss-protection: 0
expires: Mon, 13 Sep 2021 15:55:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 37B0 48 KB
20 KB 114ms
49ms Script
text/javascript 64.233.184.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K6HV2KF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.184.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4531
date: Mon, 13 Sep 2021 14:39:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 13 Sep 2021 16:39:59 GMT

GET
H2

200

web-vitals.umd.js Show response
unpkg.com/web-vitals@2.1.0/dist/ Frame 37B0
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@2.1.0
https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

4 KB
2 KB

29ms
29ms

Script
application/javascript

104.16.122.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@2.1.0/dist/web-vitals.umd.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.122.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1194367
fly-request-id: 01FECAWHK9G86N4N4RNV00JE1D
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"11c8-h8MN9BiDN1TuDYM8xSzz31D62dA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 68e28f6b7e0f4126-PRG

Redirect headers

date: Mon, 13 Sep 2021 15:55:30 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01F9J6MPHHP0N06WNCQNZKDYJ0
server: cloudflare
age: 6366192
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /web-vitals@2.1.0/dist/web-vitals.umd.js
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 68e28f6b3da64126-PRG
access-control-allow-origin: *

POST
H2 204 collect
analytics.google.com/g/ Frame 37B0 0
371 B 77ms
27ms Ping
text/plain 64.233.166.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-36Q9N6NZ6P&gtm=2oe910&_p=1397984835&sr=1600x1200&_gaz=1&ul=en-us&cid=1789450361.1631548530&_s=1&dl=https%3A%2F%2Faccount.joinroot.com%2F&dt=&sid=1631548530&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.166.101 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wm-in-f101.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 15:55:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame 37B0 0
47 B 71ms
21ms Ping
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-36Q9N6NZ6P&cid=1789450361.1631548530&gtm=2oe910&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-36Q9N6NZ6P&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 15:55:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 37B0 2 B
22 B 30ms
14ms XHR
text/plain 64.233.184.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1397984835&t=pageview&_s=1&dl=https%3A%2F%2Faccount.joinroot.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YADAAEABAAAAAC~&jid=1566587897&gjid=1116604092&cid=1789450361.1631548530&tid=UA-147611765-1&_gid=1159817037.1631548530&_r=1&gtm=2wg910K6HV2KF&z=2122701663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.184.113 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wa-in-f113.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 13 Sep 2021 15:55:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 37B0 1 B
463 B 22ms
21ms XHR
text/plain 142.251.5.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-147611765-1&cid=1789450361.1631548530&jid=1566587897&gjid=1116604092&_gid=1159817037.1631548530&_u=YADAAEAAAAAAAC~&z=766637156

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 13 Sep 2021 15:55:30 GMT
content-type: text/plain
access-control-allow-origin: https://account.joinroot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 726.a7bbffb0527910c412a7.bundle.js Show response
account.joinroot.com/ 7 KB
3 KB 15ms
14ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/726.a7bbffb0527910c412a7.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/runtime.b8fc43ec9bb433456baf.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e2b8cc9be68456ecc01c9a408136b5ff3ff17edad875442d64f73e44446f406d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /726.a7bbffb0527910c412a7.bundle.js
pragma: no-cache
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.725217126.1631548530; _ga_36Q9N6NZ6P=GS1.1.1631548530.1.0.1631548530.60; _ga=GA1.2.1789450361.1631548530; _gid=GA1.2.1159817037.1631548530; _gat_UA-147611765-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:06 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:09 GMT
server: AmazonS3
age: 1345
etag: W/"94b9c1bcb3699c1764fadb1625e93a03"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: .zquAlu5O0X5U.8Ytf5nV8G96lk8dORx
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: xFJuudpJBR189cDqOmSn4KY3I2F7iHtnfD174rqzYClVM_negDcENw==

GET
H2 200 255.f6032ce5f9edb3f4503b.bundle.js Show response
account.joinroot.com/ 7 KB
3 KB 16ms
15ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/255.f6032ce5f9edb3f4503b.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/runtime.b8fc43ec9bb433456baf.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

468ce3aa3c1025cead4bf1048f80409b8dea878f8ed9ee3cd6a84695c15ef60e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /255.f6032ce5f9edb3f4503b.bundle.js
pragma: no-cache
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.725217126.1631548530; _ga_36Q9N6NZ6P=GS1.1.1631548530.1.0.1631548530.60; _ga=GA1.2.1789450361.1631548530; _gid=GA1.2.1159817037.1631548530; _gat_UA-147611765-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:06 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:08 GMT
server: AmazonS3
age: 1345
etag: W/"5e0d0910c0b4a3f4857ea35680f8e851"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: J1VALCVibyl_sTAHpFZUBYzsHWbbZSUa
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: YBgCWY_wcXCNp6RB6ohCZTGtrJlVmzqbcw0YilRavJLnTSleHHQEhQ==

GET
H2 200 login.08a8ee29d57071ae5ad1.bundle.js Show response
account.joinroot.com/ 24 KB
9 KB 15ms
15ms Script
application/javascript 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/login.08a8ee29d57071ae5ad1.bundle.js

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/runtime.b8fc43ec9bb433456baf.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

858080ad7178b6095333e3d3bd39ba2006383f5a2bf2dbfbece471dc353729d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

:path: /login.08a8ee29d57071ae5ad1.bundle.js
pragma: no-cache
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.725217126.1631548530; _ga_36Q9N6NZ6P=GS1.1.1631548530.1.0.1631548530.60; _ga=GA1.2.1789450361.1631548530; _gid=GA1.2.1159817037.1631548530; _gat_UA-147611765-1=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: account.joinroot.com
referer: https://account.joinroot.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:06 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1345
etag: W/"41de97fc10cbb3b6a4fbf5908625fd3c"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: Y_EjozFdn0vxdoM5krrCgNW2ghdyxwio
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
content-type: application/javascript
x-amz-cf-id: 0M6fJHpRtXSm1vuBSS8RQ8NT5BpT7ywhUhAmVtDqEpnT3CXvvPrYyQ==

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 1 B
68 B 32ms
31ms XHR
application/json 35.186.241.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?ip=1&_=1631548530516

Requested by

Host: account.joinroot.com
URL: https://account.joinroot.com/main.20f949ea90143563b0fc.bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

51.241.186.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://account.joinroot.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
via: 1.1 google
server: envoy
access-control-allow-headers: X-Requested-With
date: Mon, 13 Sep 2021 15:55:30 GMT
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://account.joinroot.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
alt-svc: clear
content-length: 1

GET
H2 200 5e30732e3d1eb736da94.woff2
account.joinroot.com/ 27 KB
28 KB 14ms
14ms Font
binary/octet-stream 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/5e30732e3d1eb736da94.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

cbc052644815e2f2ac9e089e65ad03050b81892ab408cbc0b6605816b7180c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-fetch-mode: cors
origin: https://account.joinroot.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.725217126.1631548530; _ga_36Q9N6NZ6P=GS1.1.1631548530.1.0.1631548530.60; _ga=GA1.2.1789450361.1631548530; _gid=GA1.2.1159817037.1631548530; _gat_UA-147611765-1=1
:path: /5e30732e3d1eb736da94.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: account.joinroot.com
referer: https://account.joinroot.com/login/password
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://account.joinroot.com/login/password
Origin: https://account.joinroot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:06 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 14:46:09 GMT
server: AmazonS3
age: 1345
etag: "f5a06a7f60efb2c82c5cf9ae18e9a80f"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: do5eFQj3_.XfYCuEM2p1w8FBR4iDYnsK
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 28072
x-amz-cf-id: aeK20XKx0Icpu2K_v-NZ610MgCulnZ1PWNAD5R0b5QXYoFFTQr6j0Q==

GET
H2 200 e1f0023e2d87e261f9a7.woff2
account.joinroot.com/ 25 KB
26 KB 12ms
11ms Font
binary/octet-stream 13.32.22.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://account.joinroot.com/e1f0023e2d87e261f9a7.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.22.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-22-124.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c4aaed2fcfd461ea5b16366ff5d42c5edc9e828cdea71a6cad3151cdae7b8b99

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Request headers

sec-fetch-mode: cors
origin: https://account.joinroot.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: __r.root_id_production=4acff6a9-8c07-4f54-b2e5-23723c355527; mp_a06702c68966ec7a9f48a4042086ad16_mixpanel=%7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D; _gcl_au=1.1.725217126.1631548530; _ga_36Q9N6NZ6P=GS1.1.1631548530.1.0.1631548530.60; _ga=GA1.2.1789450361.1631548530; _gid=GA1.2.1159817037.1631548530; _gat_UA-147611765-1=1
:path: /e1f0023e2d87e261f9a7.woff2
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: */*
cache-control: no-cache
:authority: account.joinroot.com
referer: https://account.joinroot.com/login/password
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://account.joinroot.com/login/password
Origin: https://account.joinroot.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 13 Sep 2021 15:33:06 GMT
via: 1.1 fdc45b521af7652438141328494a79d3.cloudfront.net (CloudFront)
last-modified: Mon, 13 Sep 2021 14:46:10 GMT
server: AmazonS3
age: 1344
etag: "70f85e3ca4cda5862e4d640ce1b45581"
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: Hit from cloudfront
x-amz-version-id: VbLQzstQAVXOEv6HnqacfelBGoYcVDx1
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 26040
x-amz-cf-id: 3P4CqL5EK2RN5h-NoqmLFAD-c5N4as2CZlOFVpHVsmxllBVUkMRFNA==

GET
H/1.1 200
OK /
d.agkn.com/pixel/10682/ Frame 37B0 43 B
593 B 160ms
8ms Image
image/gif 18.194.175.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10682/?che=[cachebuster]&dstid=17bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.175.178 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-175-178.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 13 Sep 2021 15:55:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr
www.facebook.com/ Frame 37B0 44 B
313 B 179ms
35ms Image
image/gif 185.60.218.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=708216306666670&ev=PageView&cd[order_id]=17bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.218.35 Bucharest, Romania, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-otp1.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://account.joinroot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:55:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 13 Sep 2021 15:55:30 GMT

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.joinroot.com/	1970-01-20 05:58:04	Name: __r.root_id_production Value: 4acff6a9-8c07-4f54-b2e5-23723c355527
.joinroot.com/	1970-01-20 05:58:04	Name: mp_a06702c68966ec7a9f48a4042086ad16_mixpanel Value: %7B%22distinct_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24device_id%22%3A%20%2217bdfdedc4522f-0fea66a4c553f1-c343365-1d4c00-17bdfdedc467e4%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.joinroot.com/	1970-01-19 23:22:04	Name: _gcl_au Value: 1.1.725217126.1631548530
.joinroot.com/	1970-01-20 14:43:40	Name: _ga_36Q9N6NZ6P Value: GS1.1.1631548530.1.0.1631548530.60
.joinroot.com/	1970-01-20 14:43:40	Name: _ga Value: GA1.2.1789450361.1631548530
.joinroot.com/	1970-01-19 21:13:54	Name: _gid Value: GA1.2.1159817037.1631548530
.joinroot.com/	1970-01-19 21:12:28	Name: _gat_UA-147611765-1 Value: 1
.agkn.com/	1970-01-20 05:58:04	Name: ab Value: 0001%3AGVW0XGwwN9or73wv849CAlDzQxGWe3wI
.agkn.com/	1970-01-20 05:58:04	Name: u Value: C\|0CAAo0jDyKNIw8gAAAAAAAT9NAAAAAA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://account.joinroot.com/(Line 20) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://account.joinroot.com/(Line 20) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.google.com/recaptcha/enterprise.js?render=6LdVKlUaAAAAACa_rAfOJORtNqIVO6Jvq2qLHt1N, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.joinroot.com
analytics.google.com
api-js.mixpanel.com
app.joinroot.com
d.agkn.com
fonts.gstatic.com
sentry.io
stats.g.doubleclick.net
unpkg.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
104.16.122.175
13.32.22.124
142.251.5.155
18.194.175.178
185.60.218.35
35.186.241.51
35.188.42.15
52.3.60.18
64.233.166.101
64.233.184.113
64.233.184.97
66.102.1.94
74.125.140.105
0341c3af156a77bb38505ad7e31d748795d4177b15f58d79bff63b2f5e76cae9
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
19d4866f60b8a66d56441ee3f4afee5b8a90494d8813a8d26c96405671eb6465
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468ce3aa3c1025cead4bf1048f80409b8dea878f8ed9ee3cd6a84695c15ef60e
4d1c6fe5d32843eeb67bd776b26595160259ada498bf6bce42f265aa59a7673d
4fb681be4d53c22c49f0bf920dc10c1d3f0033239eccf4c7c90f5b98c7ea8b33
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
60f9b407e2f4dea2b75f5c895d7100af9350b004fa29b58e43a3b2778e596e10
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78593afb41e988a7afe6f38f05aa0d4043dfe2df674d000f18a7b6e26fbc8df4
803f09b8bc05bac69d1e96850e7bc0ed52c807c0abe5d474164cd3875d706a21
8480a1b8e619010528212d730e25bb56a4dcb1fd4ce589403d8cf8c10e894d06
858080ad7178b6095333e3d3bd39ba2006383f5a2bf2dbfbece471dc353729d8
9fa68c3125723dcba1c022646813d786bd411aaedf34d2f7c1133e75e01c0709
af5fd803088fcdc627e5cd97fb88d7fcbbb02a705f38fd48b1ab5f4ffca50ae8
c432a688efce55f90136f5794d86e6ed3f8b3c5cab3d7e0ebc649d8b15442cf2
c4aaed2fcfd461ea5b16366ff5d42c5edc9e828cdea71a6cad3151cdae7b8b99
cbc052644815e2f2ac9e089e65ad03050b81892ab408cbc0b6605816b7180c0a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0b46cbe366215edb091601be5bc4e945a2d8cb71e680d0b81a5855f40b12623
d100dc4a38f9a4574b588dc16b0ab057f2610de2eec71ecdeb23eed75e41a9c1
d58fa090f4897b0de6bf881c737d4f58f1f7ddabea17441a733f70d0761f462a
d7a78cbcb8685ba90290499f357397b44045a862e70eb8ea995b11a5618fc6cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def79ea98e77fd4eec5926bc85e34f281e83881b98af9111c4e8950bbf3db6d0
e2b8cc9be68456ecc01c9a408136b5ff3ff17edad875442d64f73e44446f406d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

account.joinroot.com Open in urlscan Pro 13.32.22.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

0 %IPv6

11 Domains

14 Subdomains

13 IPs

4 Countries

752 kBTransfer

1947 kBSize

9 Cookies

4 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

account.joinroot.com Open in urlscan Pro
13.32.22.124 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

0 %
IPv6

11
Domains

14
Subdomains

13
IPs

4
Countries

752 kB
Transfer

1947 kB
Size

9
Cookies

38 HTTP transactions
0 data transactions