treeclicks.com

HTML metadata

Title

TreeClicks - Free Tree Planting Chrome Browser Extension

Description

TreeClicks is a free browser extension & app that plants trees when you shop through our plugin at our affiliated partners. Available for Chrome, Safari, Firefox, iOS, etc.

Language

en

Canonical

https://www.treeclicks.com

Translations

en
nl

Open Graph

title: TreeClicks - Free Tree Planting Chrome Browser Extension
site name: TreeClicks
description: TreeClicks is a free browser extension & app that plants trees when you shop through our plugin at our affiliated partners. Available for Chrome, Safari, Firefox, iOS, etc.

Technology

Server: Apache
Stack: Laravel

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×1

Social

Registration

Registrar

NameCheap, Inc.

Created

2019-05-08

Expires

2027-05-08 341 days left

Updated

2026-04-08

Name servers

pdns1.registrar-servers.com
pdns2.registrar-servers.com

DNS records live

NS

pdns1.registrar-servers.com
pdns2.registrar-servers.com

MX

10 mx1.privateemail.com
10 mx2.privateemail.com

Verified for

Google

Email authentication strong

SPF

v=spf1 include:spf.privateemail.com ~all

softfail (~all)

DMARC

v=DMARC1;p=reject;sp=quarantine;pct=100;rua=mailto:dmarcreports@treeclicks.com

policy: reject (enforced) · sp=quarantine

DKIM

default: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj1GzLDCxFKeP8LfAYcUUkWdb+IYk/3MMN0FiWtifiB7lyQGd4E6PI/UqxITQa6BSZ5pa7l2MFPdQezO…
s1: k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukB7fREKOZ3mm+eup2KfKJqLFKWE+3Oah6ERSW9ExzxmhztwUTj4LFrYnheR6eOlLY69ejfbkrys6rqZIU…
s2: k=rsa; t=s; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+rP6QODGrn8La3VemnLGMp57cAJwC5JCyIBUOMYJ4Ke40iNGEG4iCtWLpwUhCH1L/bmf8/bDjRf6oL7Wa/Yg21c…

selectors probed

Certificate (current)

R13

from 2026-05-18 to 2026-08-16

Expires in 76 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 85/100 Checked live page: https://www.treeclicks.com/

present

strict-transport-security
content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: font-src 'self' https://fonts.googleapis.com; media-src 'self'; default-src 'none'; manifest-src 'self'; script-src 'self' 'nonce-CjGe5Lak35fcFx0dPuOcqRsieJhI0954' https://www.googleoptimize.com https://www.googletagmanager.com https://cdn.iubenda.com https://www.iubenda.com https://cs.iubenda.com https://assets.pinterest.com; img-src * data:; style-src 'self' 'unsafe-inline' https://optimize.google.com; frame-src https://www.youtube-nocookie.com https://optimize.google.com 'self'; connect-src 'self' https://hits-i.iubenda.com https://www.google-analytics.com https://stats.g.doubleclick.net https://region1.analytics.google.com https://region1.analytics.google.com; frame-ancestors 'self';
strict-transport-security: max-age=31536000; includeSubDomains