newleafdebt.ca Open in urlscan Pro
2606:4700:7::a29f:872a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.newleafdebt.ca/
Effective URL:
https://newleafdebt.ca/
Submission: On November 26 via api (November 26th 2024, 3:37:44 pm UTC) from US — Scanned from CA

Summary HTTP 73 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 29 IPs in 1 countries across 25 domains to perform 73 HTTP transactions. The main IP is 2606:4700:7::a29f:872a, located in United States and belongs to CLOUDFLARENET, US. The main domain is newleafdebt.ca.
TLS certificate: Issued by WE1 on November 5th 2024. Valid for: 3 months.

This is the only time newleafdebt.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700:7::... 2606:4700:7::a29f:872a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b330	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
5	2606:4700:440... 2606:4700:4400::ac40:93bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:21b... 2600:9000:21b8:d000:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	172.67.185.13 172.67.185.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:e663	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:8::1728:b323	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80c::2003	15169 (GOOGLE) (GOOGLE)
3	23.51.57.192 23.51.57.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.66.42.219 172.66.42.219	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	52.218.180.128 52.218.180.128	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800b... 2620:116:800b:21:a021:b886:81cc:55cf	14618 (AMAZON-AES) (AMAZON-AES)
2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	13.92.193.110 13.92.193.110	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:21d... 2600:9000:21dd:b600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	52.43.156.40 52.43.156.40	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
1	192.184.68.228 192.184.68.228	14618 (AMAZON-AES) (AMAZON-AES)
3	35.85.234.128 35.85.234.128	16509 (AMAZON-02) (AMAZON-02)
1 6	34.226.171.123 34.226.171.123	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:21d... 2600:9000:21dd:1600:1c:7f1a:6680:93a1	16509 (AMAZON-02) (AMAZON-02)
73	29

14 2606:4700:7::a29f:872a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.newleafdebt.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newleafdebt.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b330 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:21b8:d000:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.185.13 (United States)

ASN13335 (CLOUDFLARENET, US)

resources.venturetechsolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:e663 (United States)

ASN13335 (CLOUDFLARENET, US)

instant.page	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:8::1728:b323 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.51.57.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-192.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.66.42.219 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.consolidatedcredit.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.218.180.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800b:21:a021:b886:81cc:55cf (United States) 1 redirects

ASN14618 (AMAZON-AES, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.92.193.110 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

marketingapi.vtgr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:b600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.43.156.40 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-156-40.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-venturetechsolutions.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.com.mt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.184.68.228 (United States)

ASN14618 (AMAZON-AES, US)

pixel-ssn.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.85.234.128 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-234-128.us-west-2.compute.amazonaws.com

home-c33.nice-incontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.226.171.123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-171-123.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21dd:1600:1c:7f1a:6680:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	newleafdebt.ca 1 redirects www.newleafdebt.ca newleafdebt.ca	318 KB
8	trustedform.com 1 redirects api.trustedform.com — Cisco Umbrella Rank: 25036 cdn.trustedform.com — Cisco Umbrella Rank: 28749	45 KB
5	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3405 wave.outbrain.com — Cisco Umbrella Rank: 4277 tr.outbrain.com — Cisco Umbrella Rank: 3357	11 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	464 KB
5	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 13952	27 KB
5	fontawesome.com pro.fontawesome.com — Cisco Umbrella Rank: 5846	467 KB
4	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
3	nice-incontact.com home-c33.nice-incontact.com — Cisco Umbrella Rank: 137059	4 KB
3	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1536 pixel.quantserve.com — Cisco Umbrella Rank: 1059 pixel-ssn.quantserve.com — Cisco Umbrella Rank: 51440	11 KB
3	venturetechsolutions.com resources.venturetechsolutions.com	92 KB
2	cloudfunctions.net us-central1-venturetechsolutions.cloudfunctions.net	32 B
2	trustedsite.com 1 redirects www.trustedsite.com — Cisco Umbrella Rank: 23332	1 KB
2	gstatic.com fonts.gstatic.com	66 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 29	32 KB
2	typekit.net use.typekit.net — Cisco Umbrella Rank: 460 p.typekit.net — Cisco Umbrella Rank: 571	1 KB
1	google.com.mt www.google.com.mt — Cisco Umbrella Rank: 43477	409 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 135	545 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4108
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1552	1 KB
1	vtgr.net marketingapi.vtgr.net	824 B
1	youtube.com www.youtube.com — Cisco Umbrella Rank: 79
1	consolidatedcredit.org cdn.consolidatedcredit.org	26 KB
1	instant.page instant.page — Cisco Umbrella Rank: 21484	1 KB
0	Failed function sub() { [native code] }. Failed
73	25

	Domain	Requested by
13	newleafdebt.ca	newleafdebt.ca ajax.googleapis.com
6	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
5	www.googletagmanager.com	newleafdebt.ca www.googletagmanager.com resources.venturetechsolutions.com
5	cdn.ywxi.net	newleafdebt.ca
5	pro.fontawesome.com	newleafdebt.ca pro.fontawesome.com
4	s3-us-west-2.amazonaws.com	cdn.ywxi.net
3	home-c33.nice-incontact.com	www.googletagmanager.com home-c33.nice-incontact.com
3	resources.venturetechsolutions.com	newleafdebt.ca cdn.consolidatedcredit.org resources.venturetechsolutions.com
2	cdn.trustedform.com	api.trustedform.com
2	us-central1-venturetechsolutions.cloudfunctions.net	newleafdebt.ca
2	www.trustedsite.com	1 redirects newleafdebt.ca
2	tr.outbrain.com	amplify.outbrain.com
2	amplify.outbrain.com	newleafdebt.ca amplify.outbrain.com
2	fonts.gstatic.com	fonts.googleapis.com
2	region1.google-analytics.com	www.googletagmanager.com
1	pixel-ssn.quantserve.com	newleafdebt.ca
1	pixel.quantserve.com	1 redirects
1	www.google.com.mt	newleafdebt.ca
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	marketingapi.vtgr.net	cdn.consolidatedcredit.org
1	wave.outbrain.com	amplify.outbrain.com
1	secure.quantserve.com	newleafdebt.ca
1	www.youtube.com	newleafdebt.ca
1	cdn.consolidatedcredit.org	newleafdebt.ca
1	p.typekit.net	use.typekit.net
1	fonts.googleapis.com	newleafdebt.ca
1	instant.page	newleafdebt.ca
1	ajax.googleapis.com	newleafdebt.ca
1	use.typekit.net	newleafdebt.ca
1	www.newleafdebt.ca	1 redirects
0	truncated Failed
73	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
members.newleafdebt.ca

Subject Issuer	Validity	Valid
newleafdebt.ca WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-17` - `2025-11-17`	a year	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-01-27`	6 months	crt.sh
*.ywxi.net Amazon RSA 2048 M02	`2024-05-05` - `2025-06-03`	a year	crt.sh
resources.venturetechsolutions.com WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
instant.page WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
consolidatedcredit.org WE1	`2024-10-17` - `2025-01-15`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-11-14` - `2025-11-11`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
quantserve.com R11	`2024-10-22` - `2025-01-20`	3 months	crt.sh
*.vtgr.net Go Daddy Secure Certificate Authority - G2	`2023-11-28` - `2024-12-29`	a year	crt.sh
misc.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.com.mt WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.nicecxone.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-07-29`	a year	crt.sh
*.trustedform.com Amazon RSA 2048 M02	`2024-07-10` - `2025-08-06`	a year	crt.sh
cdn.trustedform.com Amazon RSA 2048 M03	`2024-02-13` - `2025-03-13`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://newleafdebt.ca/
Frame ID: F664043C1B0099A9336BFD8C8620ACDF
Requests: 69 HTTP requests in this frame

Frame: https://www.youtube.com/embed/I_ycY6kKBdo?wmode=opaque&rel=0&showinfo=0
Frame ID: 5144BD26DFEA95EDC7DEDDDDE7E73607
Requests: 1 HTTP requests in this frame

Frame: https://home-c33.nice-incontact.com/inContact/ChatClient/ChatClient.aspx?poc=fc171aab-40b4-4677-ae6d-aff3fb44b095&bu=4598740
Frame ID: 82FC036C63DF91019CE33BE8ACB6E0D5
Requests: 1 HTTP requests in this frame

Frame: https://home-c33.nice-incontact.com/inContact/ChatClient/chatButton.html
Frame ID: 1CC61A4D6FC758C56B7033064393989B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Out of Debt and Revitalize Your Finances – New Leaf Debt Solutions

Page URL History Show full URLs

http://www.newleafdebt.ca/ HTTP 307
https://www.newleafdebt.ca/ HTTP 301
https://newleafdebt.ca/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

93 %
HTTPS

64 %
IPv6

25
Domains

33
Subdomains

29
IPs

1
Countries

1568 kB
Transfer

3831 kB
Size

24
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/NewLeafDebt
Title: New Leaf Facebook Page Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/NewLeafDebt
Title: New Leaf Twitter Page Twitter

Search URL Search Domain Scan URL

URL: https://members.newleafdebt.ca/
Title: Members

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.newleafdebt.ca/ HTTP 307
https://www.newleafdebt.ca/ HTTP 301
https://newleafdebt.ca/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966 HTTP 302
https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966&hash=1732635458392

Request Chain 56

https://pixel.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635458262;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%2Cdescription.New%20Leaf%20Debt%20Solutions%20provides%20consumer%20credit%20counselling%20services%20to%20help%20yo%2Curl.https%3A%2F%2Fnewleafdebt%252Eca%2F%2Csite_name.New%20Leaf%20Debt%20Solutions%252C%20Inc%252E;ses=f35f80d4-1fe3-4b4e-8768-a127cf9fe465;d=newleafdebt.ca;uht=2;fpan=1;fpa=P0-351536829-1732635458267;pbc=;gdpr=0;mdl= HTTP 302
https://pixel-ssn.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635458262;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%2Cdescription.New%20Leaf%20Debt%20Solutions%20provides%20consumer%20credit%20counselling%20services%20to%20help%20yo%2Curl.https%3A%2F%2Fnewleafdebt%252Eca%2F%2Csite_name.New%20Leaf%20Debt%20Solutions%252C%20Inc%252E;ses=f35f80d4-1fe3-4b4e-8768-a127cf9fe465;d=newleafdebt.ca;uht=2;fpan=1;fpa=P0-351536829-1732635458267;pbc=;gdpr=0;mdl=;dip=a75d44fb-74e2-4836-8911-a75b2240916c

Request Chain 58

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058 HTTP 301
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
newleafdebt.ca/
Redirect Chain

http://www.newleafdebt.ca/
https://www.newleafdebt.ca/
https://newleafdebt.ca/

182 KB
27 KB

115ms
93ms

Document
text/html

2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb18b68200c2f25a8646611b88ed3430af0b002067ddd4e18f8e6bef36c0f8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 2032
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, s-maxage=10800
cf-cache-status: HIT
cf-ray: 8e8af5f15d7c8c4e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 15:37:36 GMT
ki-cache-tag: 9e3d5edf-1b20-46e4-a3cf-b95b4dc34bc8,294573aefb8557c4ddd367a5bdfe08148cd2539ce6ec8ddd040a991250f57fec
ki-cache-type: Edge
ki-cf-cache-status: HIT
ki-edge: v=20.2.8;mv=3.1.6
ki-origin: g1p
last-modified: Tue, 26 Nov 2024 15:03:44 GMT
link: <https://newleafdebt.ca/wp-json/>; rel="https://api.w.org/", <https://newleafdebt.ca/wp-json/wp/v2/pages/2>; rel="alternate"; title="JSON"; type="application/json", <https://newleafdebt.ca/>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=km02mVLn68MkCIgh81uJtLwb0%2BmbxADcRhqfw%2FE0UvtBJwOLdTkIxmz8uX0nr6U2HOmqMTB1OaW65oaPPIA%2F807UQjO45cJxfT5SzQ60PN38Flb0N6ljgkgDCmyc2qaqDDmNfgDkOihklBnk"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT
x-pingback: https://newleafdebt.ca/xmlrpc.php

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 8e8af5ecdfec8c4e-EWR
content-type: text/html; charset=UTF-8
date: Tue, 26 Nov 2024 15:37:36 GMT
ki-cf-cache-status: BYPASS
ki-edge: v=20.2.8;mv=3.1.6
ki-origin: g1p
location: https://newleafdebt.ca/
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuhskfuM4YLAhSeNKsGCPpo1ggt%2FD%2FStNstJ%2FDolsWK5SQVcgF6MTnKJdo2lLv0mL1Nz0kOKkhrXUrZmZzk8VtW8asERcxxOwRQMRLFfFrAFgkeNg0jm2qA2HeeWbbh0Cb%2FgRlZCkmLyZ3w2PrOWgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: EXPIRED
x-pingback: https://newleafdebt.ca/xmlrpc.php
x-redirect-by: WordPress

GET
H2 200 style.min.css
newleafdebt.ca/wp-includes/css/dist/block-library/ 110 KB
16 KB 97ms
86ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66e0cb53-1b72b"
age: 13702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXhlJ%2F7qzna7SE6%2FveK8uZG350X64yIbx2KjMRoWf4AvA3wzleQxpYZd8JeGVbneMMTVjeChB4YFisqZyPnG3L6txu11OsT84wn9e6Eg9A4Y7q5fGEZm7dl6CPF6XBAtQRzGuUNSyjT1%2F5qc"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,5021e096b4a808fbb77e642cb17ae9c63a61c4af464dedc41130d3c7e83e972f
last-modified: Tue, 10 Sep 2024 22:42:27 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f22e868c4e-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 style.css
newleafdebt.ca/wp-content/themes/new-leaf-theme/ 4 KB
2 KB 102ms
92ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/style.css

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

251c4cae4784d7e1f33c5c9206b54da4a189620ed54cb7cac80179f5ffe79b7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62ed4349-f15"
age: 13702
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gJd9M8ufKY%2FP0qssMVLKDFrIXYcbRKYF8G09B6A9EeriycFKDhuhDrkvUNNjPKoJRLe2dCZBjSvig%2BbRcKYZLddLfTc9Zt%2FdHj6RohRLZoE2TOo3IuH%2B0g5WSLtNeeUePrTdTJSPx6q2us5u"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,77e8e081549166e6d66ee15d1ce463bfe8dca1467b85eebb8b528a17615e79d3
last-modified: Fri, 05 Aug 2022 16:20:25 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f22e8a8c4e-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 lzc6yqs.css
use.typekit.net/ 3 KB
956 B 322ms
118ms Stylesheet
text/css 2600:141b:1c00:8::1728:b330
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lzc6yqs.css

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:8::1728:b330 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

nginx /

Resource Hash

41dd584cd78ebaf53cce58c95d85bd5ae5cc1e8407adb2dca3774f04ec6e6426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 732
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css;charset=utf-8
vary: Accept-Encoding
server: nginx

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.5.0/css/ 71 KB
15 KB 270ms
92ms Stylesheet
text/css 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b03898672d84cf2362e40d6459d9ade748ecd338ffbeeee256e07630bd07e48c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: max-age=31556926
content-encoding: gzip
cf-cache-status: HIT
etag: W/"75f13e3f5bea848834d983b9f682aa15"
age: 22291388
x-amz-request-id: T0W7GQA3VG3TZ83C
cf-ray: 8e8af5f35967de94-EWR
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css
last-modified: Mon, 28 Jun 2021 17:28:43 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: mVt9CPrH2FiwdkZv1NqOEjHUxlPM0gzRHHtolFeObaL5l5PhVQX6SiMsMwjAYsN+GS9HTPYXCuCs0eaMr8meIQ==

GET
H2 200 bundle.min.css
newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/ 345 KB
61 KB 99ms
96ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53f95eebfae670eda32de877cae22d3175cea515b65dcae2bb5182c62b855db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"656f474f-56207"
age: 1819116
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T0TikZ1EyaaH3JuK3uglAHq7nq%2FIKpQW7w%2BMoDUeQ2h%2BeezZDjPLdvtZtbUCmaQkjFHEuG9MAUZuDsYEu0YxDPWUCTSf17CCUDz1bcvqonEB72KF2jaJYfB1vwsB8jtLhfFXt%2BdS7vkJUD%2B%2B"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,9987aa5d89284b8f90fc9377101f47ca38e7899d52797f0d07d438d06edff984
last-modified: Tue, 05 Dec 2023 15:52:47 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f24eb28c4e-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 New-Leaf-Logo-final-350x100.jpg
newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/ 30 KB
31 KB 109ms
107ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/New-Leaf-Logo-final-350x100.jpg

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7a3c58cb79d9607ced999f2ee276c9c774514d356b8352a3f21ff7bc6c10ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cf-cache-status: HIT
etag: "5db8890a-786b"
age: 2311620
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no0vBIn3JhELs1voWZBebSGrs4HjnxqZZbhZ0pd3tM0FUHNuyAPOr0KZNXFVlg7XcWOGdxig7885irWx4Vi53%2FGSVStMSJYDqhHjZCpo7mJIs%2FypVNzrvs6fx%2Fto5WsHuP8JH4C2%2FakYfPr0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2019 18:46:34 GMT
vary: Accept-Encoding
ki-origin: g1p
ki-cf-cache-status: HIT
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,f6416b9ac70ba38f347614196c6895974a5e5f9444fb0ea3e7a2388521605e3b
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f24eb88c4e-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30827
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 inline.js Show response
cdn.ywxi.net/js/ 8 KB
3 KB 249ms
58ms Script
text/javascript 2600:9000:21b8:d000:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/inline.js?w=90

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b8:d000:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

b74febbae5701192e8db637177f2401987dd4201a6daf7f175e7648674e0bc85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
age: 2972
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
expires: Tue, 26 Nov 2024 15:48:04 GMT
x-cache: Hit from cloudfront
content-length: 2978
x-amz-cf-id: guqrtHWss2ilauUmNQAs8-683NvJmYGvGR0za0escHat75Ugaa6lQg==
date: Tue, 26 Nov 2024 14:48:04 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: JFK52-P9
server: Apache

GET
H3 200 bundle.min.js Show response
resources.venturetechsolutions.com/calculators/vt-dmp-calculator/ 263 KB
83 KB 197ms
42ms Script
application/javascript 172.67.185.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.venturetechsolutions.com/calculators/vt-dmp-calculator/bundle.min.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a28483dbcf8679519c38f69cca186c3a0c534408105051e6bee64a329321721d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

server: cloudflare
content-encoding: gzip
cf-cache-status: HIT
etag: W/"6605d6e3-41bb9"
age: 2229352
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KAxRi67Tzvj%2F8f6o8JXZ27AnNHnWrVFCIirB7drW1HicQOLeHg%2F0XGeUnwBeaR8szP1KItkbLRtOYbPgNvzTOczOJnlvNWZ0Bsl%2BPZVGtqIikG1bc0uSkQqAHd3wDLpHUodQjgJVp5tFcnydUftfgyfvI6g%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28771&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4207&recv_bytes=4292&delivery_rate=100009&cwnd=12000&unsent_bytes=0&cid=8128340eb92cc8b0&ts=53&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
priority: u=2,i=?0
ki-cache-tag: 8d8f024b-ce51-40bb-b092-9d8d2a08579a,eb392cd42464f0c0087041fc58455b77069f4775b4907eef3f5fe46a5ac7fad2
last-modified: Thu, 28 Mar 2024 20:45:23 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f3289dabca-YYZ
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge-o2o: yes
ki-edge: v=20.2.8;mv=3.1.1

GET 3b403a52-a465-415f-a0d3-db66bd0fb0be
https://newleafdebt.ca/ Frame 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
96 KB 269ms
91ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9JD2F2

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e12501392d2b881e9ac9090eea874e34df97651c745159d015a9130d4184447c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 15:37:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 97712
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 inline.js Show response
cdn.ywxi.net/js/ 8 KB
3 KB 226ms
58ms Script
text/javascript 2600:9000:21b8:d000:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/inline.js?w=120

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b8:d000:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

0cec60baf5e0b1650b6f41c8c96c1fc7c067fcca9fe608490ebc141b9768faf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
age: 3352
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
expires: Tue, 26 Nov 2024 15:41:43 GMT
x-cache: Hit from cloudfront
content-length: 2977
x-amz-cf-id: igGdv4QC-jdbeZ814t9Y9TuXlvRFHcC4C64hF5upa0o1PCYLrY-12Q==
date: Tue, 26 Nov 2024 14:41:43 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: JFK52-P9
server: Apache

GET
H2 200 bundle.min.js Show response
newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/ 403 KB
117 KB 103ms
102ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ffaa01d9f0d9640a060a6d970a841678bcd27b8c33e4bdc1d428a458ca90121

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62ed32b8-64d95"
age: 1778005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VwYBKRiqBwDWvXmTNREvTuAci04kjTwztYTPN0vMsyYPEWe9vCeu3zXC4iT884LnjTmfbgeIEPKOi4i1P8uYync5heNACXvsb%2BWtaXxRXMfXlwe28vTfg0uUHRCt814qum5qmQvhRPbR0UUH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,31bbe83921967a720adb316ad478359dbd98ede0fa52f4be6a1f174cc918fc10
last-modified: Fri, 05 Aug 2022 15:09:44 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f26eec8c4e-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 main-x.js Show response
newleafdebt.ca/wp-content/themes/new-leaf-theme/src/js/ 756 B
664 B 102ms
101ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/src/js/main-x.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce5a4735eaf378fa8a8d403ad72ea0127b5cb032bae9822beae1ebe984090d34

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62ed32c1-2f4"
age: 1778005
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2MkuZGe8BdkLp4aQ2OhZ0te9YJXhJCC5BdkMy1faqMxmDXy5m1zqx0u4g4QYlV91QM45aw0C3U%2BkDhdF8bqHxmhlYMmixD53D8O%2FGsOywISBCSJieKylH%2Bt1R3K1jKt8sTu5dcNFneRrOxZi"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,242899c0e6aca1df21b7c8b3f7acd0d3fe36b534e61d1b739d29daa0412bf8c6
last-modified: Fri, 05 Aug 2022 15:09:53 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f26eee8c4e-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 233ms
57ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: gzip
age: 430150
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 16:08:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 16:08:26 GMT
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30244
x-xss-protection: 0
server: sffe

GET
H2 200 1.1.0 Show response
instant.page/ 3 KB
1 KB 296ms
120ms Script
text/javascript 2606:4700::6813:e663
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://instant.page/1.1.0
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:e663 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 567c0764ccf8f616ec1d47ea71ab91567d6c6b60aef1cdf7e5a0d5d3be21fd2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://newleafdebt.ca/

Response headers

cache-control: max-age=2592000
content-encoding: br
cf-ray: 8e8af5f37ddf43c4-EWR
access-control-allow-origin: *
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 260ms
83ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e344bd80315fbf5b64e7f6cd18323c490f44fd721205cb0706602daf221ce264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 26 Nov 2024 15:37:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 26 Nov 2024 15:26:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 p.css
p.typekit.net/ 5 B
173 B 588ms
66ms Stylesheet
text/css 2600:141b:1c00:8::1728:b323
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=lzc6yqs&ht=tk&f=24352.24353.24354.24355&a=85921646&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/lzc6yqs.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:8::1728:b323 Secaucus, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://use.typekit.net/

Response headers

cache-control: public, max-age=604800
etag: "65edab1d-5"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: text/css
last-modified: Sun, 10 Mar 2024 12:44:13 GMT
server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 266 KB
94 KB 73ms
71ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KZ178G7CMT&l=dataLayer&cx=c&gtm=45He4bk0v813066183za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9JD2F2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7c9e83831719efbebc4823ef4e5b6d547004c7c9bb986727912d106e419df4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 15:37:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 96120
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 224 KB
79 KB 81ms
80ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NH78V45

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8b1fd24b0153125bf0ec683c1ebbabb488ee552e51907ba8e43d0a24b85a5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 26 Nov 2024 15:37:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 26 Nov 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 81178
x-xss-protection: 0
server: Google Tag Manager

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 622ms
290ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZ178G7CMT&gtm=45je4bk0v9122451387z8813066183za200zb813066183&_p=1732635456339&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1296640118.1732635457&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732635457&sct=1&seg=0&dl=https%3A%2F%2Fnewleafdebt.ca%2F&dt=Get%20Out%20of%20Debt%20and%20Revitalize%20Your%20Finances%20%E2%80%93%20New%20Leaf%20Debt%20Solutions&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1970
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZ178G7CMT&l=dataLayer&cx=c&gtm=45He4bk0v813066183za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://newleafdebt.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 leaf-bg.jpg
newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/ 42 KB
42 KB 97ms
96ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/leaf-bg.jpg

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd18b73288518a29f66e95a5b4972b41a56d9246cbf60c405e04a52662ed4db5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Response headers

cf-cache-status: HIT
etag: "5db88911-a6cf"
age: 155691
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xBNiRtMZeTubdE5l52RmsCvWpK%2F3DV8rAuKGOD2gbsUnyEKMhWA0Z6u%2FQhlHsbUGAHBMXKn%2BTASu3ff66K5w5OH1Fv3ai0ovhgC4wbtb7BBGB9%2FFd1dT1%2F0vSfA2VPFORi62KdyaIDPtmRgt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2019 18:46:41 GMT
vary: Accept-Encoding
ki-origin: g1p
ki-cf-cache-status: HIT
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,3cc6c8e6403d29237e4d3848d5b93ebfba8b166101b1d862ca0a8f2aecd04191
priority: u=3,i
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f7fa6e7d14-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42703
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 280ms
49ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 550692
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 06:39:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 06:39:25 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 fa-brands-400.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/ 68 KB
68 KB 337ms
174ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e705082b8a630b4d0190bb13e20f4d127f75ad88c271c749ff0c4e10c6acacf9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://pro.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "0896516daa9ef0a4169465a6fa281d68"
age: 307564
access-control-allow-methods: GET
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:29:42 GMT
x-amz-id-2: IfG1n6/MGYT/6+RfBCRRKpBhoJ/vM4mcwcexq4JUMKQkJnEEpZglYyZTH6BzTZpFYQ8sluGf6uc=
cache-control: max-age=31556926
x-amz-request-id: 6WXKFZH44N3XT9VD
cf-ray: 8e8af5f9886f4211-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 69644
server: cloudflare

GET
H2 200 fa-regular-400.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/ 132 KB
133 KB 241ms
82ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee41bc0e3059351bcca7313fe1d7f9053a164ba2f2e1df3df39260217298a03b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://pro.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "8b13141deffa0a1d715d14a470aea6de"
age: 307564
access-control-allow-methods: GET
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:29:43 GMT
x-amz-id-2: QxaiCVsTjkq0Y7KuJASw7UFJokfQWXtSzAvnRqnNnwpB18p9cLbvj1roo3ZW4W3oMPE1S+28VoA=
cache-control: max-age=31556926
x-amz-request-id: M9NAQKRBAKN27KVR
cf-ray: 8e8af5f988744211-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 135488
server: cloudflare

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/ 108 KB
109 KB 329ms
171ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://pro.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "a265bbc20e40ae6e6b45e0b78ab08c41"
age: 307564
access-control-allow-methods: GET
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:29:43 GMT
x-amz-id-2: t3Y1xLrZ5dS18sz0RH++JL9rsZ4KeEe3wftyvYqP1BXHf0EvPZBTJYA1o71sszhzgEquqILbL+w=
cache-control: max-age=31556926
x-amz-request-id: 4NVP470ASRSCCHDG
cf-ray: 8e8af5f988734211-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 110892
server: cloudflare

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 31 KB
10 KB 287ms
60ms Script
application/x-javascript 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "6d3071e7937674c226546116c276cfec:1731942406.457597"
Connection: keep-alive
Expires: Tue, 26 Nov 2024 15:57:37 GMT
Accept-Ranges: bytes
X-CC: CA
Content-Length: 9328
X-RG: NA
Date: Tue, 26 Nov 2024 15:37:37 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 18 Nov 2024 08:29:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H3 200 retreaver.bundle.js Show response
cdn.consolidatedcredit.org/retreaver/ 75 KB
26 KB 261ms
48ms Script
text/javascript 172.66.42.219
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consolidatedcredit.org/retreaver/retreaver.bundle.js
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.66.42.219 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 113ca090954559427987ade1785646d258397089e048e068793630d9e97a4398

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=mNkTnQ==, md5=PvC6GEqU6dT/gPrXHUWu2Q==
cf-cache-status: HIT
etag: W/"3ef0ba184a94e9d4ff80fad71d45aed9"
age: 3045
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r%2FvR9jbZK4yT%2FPQH%2FRbecqu%2Fe%2BdEG6vf%2BY4S%2BK2K3%2FdsEGe%2BNmtze09UutGMhZV0LyAyiagEwLSYAJggf9vna2bVtsB7DC7igVAsxpQ4NH6TBYEpFDw4pCmv01BAjQu7Kft%2Fg6j5RgexfOOB"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding: identity
expires: Tue, 26 Nov 2024 15:46:52 GMT
alt-svc: h3=":443"; ma=86400
x-goog-stored-content-length: 76405
server-timing: cfL4;desc="?proto=QUIC&rtt=26482&sent=11&recv=8&lost=0&retrans=0&sent_bytes=4294&recv_bytes=4301&delivery_rate=111425&cwnd=12000&unsent_bytes=0&cid=71d15c1e5e437dba&ts=118&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: text/javascript
last-modified: Wed, 20 Nov 2024 19:59:41 GMT
vary: Accept-Encoding
priority: u=3,i=?0
x-guploader-uploadid: AFiumC53pYLKfFkyYt8cf7biOE3vRpbVng10KYQ866CEhu996A93GzO29X8HbSPxBMqbjliFvUQ
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class: STANDARD
cf-ray: 8e8af5f9c874aada-YYZ
access-control-allow-origin: *
x-goog-generation: 1732132781685138
server: cloudflare

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/ 205 B
1018 B 409ms
103ms XHR
application/json 52.218.180.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/inline.js?w=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.180.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2604fcad94e863c667ef4d5c21c5657c3404ee486d6ce41e46e03dc4603099e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Access-Control-Max-Age: 60
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Content-Encoding: gzip
ETag: "4d9a03c6e9158a4c9e92e79f7549880a"
x-amz-version-id: AsSxt8oM5y_oRotKrHXBPAY8WXYe5yKg
Access-Control-Allow-Methods: GET, HEAD
Date: Tue, 26 Nov 2024 15:37:38 GMT
Last-Modified: Wed, 20 Nov 2024 03:39:13 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: application/json
x-amz-id-2: BgWLyWDxs2SSYvjbLsOKq05evPYhucaRUqleN85QiB0Nn0N7WXAHPMIgPMeZ4cxCS/cPmWKEDbg=
x-amz-replication-status: COMPLETED
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
x-amz-request-id: WY6EDA5GGXSTVM6M
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://newleafdebt.ca
Content-Length: 170
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 I_ycY6kKBdo
www.youtube.com/embed/ Frame 5144 0
0 408ms
168ms Document
text/html 2607:f8b0:4006:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/I_ycY6kKBdo?wmode=opaque&rel=0&showinfo=0

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://newleafdebt.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-security-policy: require-trusted-types-for 'script'
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-lNxI0osN9iK1qOWGl000pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Nov 2024 15:37:37 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dmp-bg.png
newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/ 11 KB
11 KB 97ms
97ms Image
image/png 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/dmp-bg.png

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2e430a4e34f07273d6ad3043518f65ad4615537eb55f37304032a8a46878af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/wp-content/themes/new-leaf-theme/dist/bundle.min.css

Response headers

cf-cache-status: HIT
etag: "5db8890e-2a3a"
age: 405809
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x6G%2B2LMISQL5W38HGSZxPNJ%2B96d2VmXwyGZn89Lv5plho9ll2k4KSzluw0YxwkJ0kw5ph6D0ptux96vw1qf95Igkb0O9WOk9bgsa0%2B%2BCFFKPKc5Hi%2B5rrvsh2l%2FmnggbhMpHvr5RjZMK0qF6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Tue, 29 Oct 2019 18:46:38 GMT
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,21546c08d0624955eeb30b0df1be330f9db80ef3d1512dc7095231d552b29460
priority: u=3,i
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f8db7f7d14-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10810
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 fa-light-300.woff2
pro.fontawesome.com/releases/v5.5.0/webfonts/ 142 KB
143 KB 229ms
148ms Font
font/woff2 2606:4700:4400::ac40:93bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.5.0/webfonts/fa-light-300.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.5.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448f45a0ba44410ee2f4a475d56719fd1531dcd274876d8e3ef96b4cf01125e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://pro.fontawesome.com/releases/v5.5.0/css/all.css

Response headers

access-control-max-age: 3000
cf-cache-status: HIT
etag: "b076f7ccd174eeb6ea55b9857c50f37c"
age: 78911
access-control-allow-methods: GET
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: font/woff2
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Mon, 28 Jun 2021 17:29:43 GMT
x-amz-id-2: lgdt5De7pDRobB3eOhDM2d6SIRxHx8ENeiNYurKl7ySbzhkOOL6151fZODMjQWgKtakOsyCYPMA=
cache-control: max-age=31556926
x-amz-request-id: 538JQWSFNCZZ6DE9
cf-ray: 8e8af5f988714211-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 145656
server: cloudflare

GET
H3 200 memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2
fonts.gstatic.com/s/opensans/v40/ 19 KB
19 KB 141ms
47ms Font
font/woff2 2607:f8b0:4006:80c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://newleafdebt.ca
Referer: https://fonts.googleapis.com/

Response headers

age: 370055
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 08:50:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 08:50:02 GMT
last-modified: Thu, 14 Dec 2023 02:02:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 19280
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/ 205 B
0 306ms
306ms XHR
application/json 52.218.180.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/inline.js?w=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.180.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2604fcad94e863c667ef4d5c21c5657c3404ee486d6ce41e46e03dc4603099e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Access-Control-Max-Age: 60
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Content-Encoding: gzip
ETag: "4d9a03c6e9158a4c9e92e79f7549880a"
x-amz-version-id: AsSxt8oM5y_oRotKrHXBPAY8WXYe5yKg
Access-Control-Allow-Methods: GET, HEAD
Date: Tue, 26 Nov 2024 15:37:38 GMT
Last-Modified: Wed, 20 Nov 2024 03:39:13 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: application/json
x-amz-id-2: BgWLyWDxs2SSYvjbLsOKq05evPYhucaRUqleN85QiB0Nn0N7WXAHPMIgPMeZ4cxCS/cPmWKEDbg=
x-amz-replication-status: COMPLETED
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
x-amz-request-id: WY6EDA5GGXSTVM6M
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://newleafdebt.ca
Content-Length: 170
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 20 KB
5 KB 42ms
42ms Script
text/javascript 2600:9000:21b8:d000:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b8:d000:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

9c1ea67c36d8b7c7531a6bbc78879cdfb4d3bfe22ee52a4e48c82c78f2d30a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
age: 1650
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
expires: Tue, 26 Nov 2024 16:10:07 GMT
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 4887
x-amz-cf-id: 9yTHQ1ZGSrMOm7tTXg4kXwq-Rar7yQYpzk6KAUxuU3vUgSc6IroJdQ==
date: Tue, 26 Nov 2024 15:10:07 GMT
content-type: text/javascript; charset=utf-8
x-amz-cf-pop: JFK52-P9
server: Apache

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 359ms
85ms Script
application/javascript 2620:116:800b:21:a021:b886:81cc:55cf
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: private, max-age=604800
content-encoding: gzip
etag: "mLYq618hJoRcW1Crupr2OQ=="
expires: Tue, 03 Dec 2024 15:37:37 GMT
accept-ranges: bytes
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H3 200 wp-emoji-release.min.js Show response
newleafdebt.ca/wp-includes/js/ 18 KB
6 KB 86ms
85ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66c63a42-4926"
age: 78911
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aR3o08uG4iLgJKiH6nfcBsF4DJOvBHmPBcXkrky7V0OyfmzTwEx4Rx6%2FlTWbSKjbK5D05ww4SkZt6HSjIiE2wB4o5svhkAFpFNf5XUa5HCFWKDeMakt3LB4Ljt71d2IpBd02Jm%2BUeD0XlNc9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: HIT
vary: Accept-Encoding
ki-origin: g1p
priority: u=3,i=?0
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,c12205b41922fb621530d9f375d76f7cfb164e383238d55a851e0f8f9f5fec67
last-modified: Wed, 21 Aug 2024 19:04:34 GMT
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f9bca47d14-EWR
access-control-allow-origin: *
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H3 200 admin-ajax.php Show response
newleafdebt.ca/wp-admin/ 7 B
699 B 421ms
420ms XHR
text/html 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-admin/admin-ajax.php?action=get_ticker_items&lang=en-ca

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

492b95abbcff8a283406537a2fe137bb485d03a4d950a04e4b344b2f8b896e65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://newleafdebt.ca/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*

Response headers

x-robots-tag: noindex
content-encoding: br
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uz0vsGzNH3GtM9d%2FZX7W9qdwLfo5O45biGwMRZViAyPt3JPqYzPxnNC5tWeDN76p08Qi4MgQcoPZFowKOtyP3hO2mUt6peKj89e59IP5qj8VkktEQdgq%2FNQr3e9f%2F1VUQ7d%2FfHlv4wnShDQu"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
ki-cf-cache-status: BYPASS
ki-origin: g1p
x-frame-options: SAMEORIGIN
priority: u=1,i
x-kinsta-cache: BYPASS
cache-control: no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e8af5f9ecf47d14-EWR
ki-cache-type: None
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/ 205 B
1018 B 344ms
114ms XHR
application/json 52.218.180.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.180.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2604fcad94e863c667ef4d5c21c5657c3404ee486d6ce41e46e03dc4603099e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Access-Control-Max-Age: 60
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Content-Encoding: gzip
ETag: "4d9a03c6e9158a4c9e92e79f7549880a"
x-amz-version-id: AsSxt8oM5y_oRotKrHXBPAY8WXYe5yKg
Access-Control-Allow-Methods: GET, HEAD
Date: Tue, 26 Nov 2024 15:37:38 GMT
Last-Modified: Wed, 20 Nov 2024 03:39:13 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: application/json
x-amz-id-2: 3YkNeY4XicyUR8+fGyDINo5B5btSaPstsa3aeLPPGAUQRk2/FzbVWOOHTzVtjj0QFrK7B3EVwkc=
x-amz-replication-status: COMPLETED
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
x-amz-request-id: WY643JJPTSV4HM3R
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://newleafdebt.ca
Content-Length: 170
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/ 205 B
0 174ms
174ms XHR
application/json 52.218.180.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/newleafdebt.ca/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/inline.js?w=90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.218.180.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2604fcad94e863c667ef4d5c21c5657c3404ee486d6ce41e46e03dc4603099e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Access-Control-Max-Age: 60
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Content-Encoding: gzip
ETag: "4d9a03c6e9158a4c9e92e79f7549880a"
x-amz-version-id: AsSxt8oM5y_oRotKrHXBPAY8WXYe5yKg
Access-Control-Allow-Methods: GET, HEAD
Date: Tue, 26 Nov 2024 15:37:38 GMT
Last-Modified: Wed, 20 Nov 2024 03:39:13 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Content-Type: application/json
x-amz-id-2: BgWLyWDxs2SSYvjbLsOKq05evPYhucaRUqleN85QiB0Nn0N7WXAHPMIgPMeZ4cxCS/cPmWKEDbg=
x-amz-replication-status: COMPLETED
Cache-Control: public, max-age=60
Access-Control-Allow-Credentials: true
x-amz-request-id: WY6EDA5GGXSTVM6M
Accept-Ranges: bytes
Access-Control-Allow-Origin: https://newleafdebt.ca
Content-Length: 170
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK 008e6598a86899b611c1a0f8561394cdb6 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
516 B 388ms
87ms Script
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/008e6598a86899b611c1a0f8561394cdb6

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-51-57-192.deploy.static.akamaitechnologies.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1732602403345
Content-Encoding: gzip
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Connection: keep-alive
Expires: Tue, 26 Nov 2024 15:38:37 GMT
Access-Control-Allow-Origin: *
X-CC: CA
Content-Length: 22
X-RG: NA
Date: Tue, 26 Nov 2024 15:37:37 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: b37e6ba5952566c1fa2698c0b76c5ebc

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 328ms
125ms Fetch
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Tue, 26 Nov 2024 15:57:37 GMT
Access-Control-Allow-Origin: *
X-CC: CA
Content-Length: 26
X-RG: NA
Date: Tue, 26 Nov 2024 15:37:37 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 404ms
62ms Fetch
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=07282021427658323&referrer=&cht=gtm&marketerId=008e6598a86899b611c1a0f8561394cdb6&name=PAGE_VIEW&dl=https%3A%2F%2Fnewleafdebt.ca%2F&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: image/gif;
x-traceid: 5a166c7d25e2c903ed2972ffb0983f2a

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 445ms
103ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=008e6598a86899b611c1a0f8561394cdb6

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: application/javascript
x-traceid: 127742268b0f8626753b8821027eae4a

GET
H3 200 vtevents.js Show response
resources.venturetechsolutions.com/pixel/vlatest/ 16 KB
6 KB 224ms
223ms Script
application/javascript 172.67.185.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.venturetechsolutions.com/pixel/vlatest/vtevents.js

Requested by

Host: cdn.consolidatedcredit.org
URL: https://cdn.consolidatedcredit.org/retreaver/retreaver.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abfdc8dbff36f2cca62a1868a7244b131e8b392c9731b2a7a50c73e27c782f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

server: cloudflare
content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"664ebe40-4001"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVcCcefE4%2BD96MwiBTJ3IHCeAUsPPzxfmEceVM9l9tqbcsdNaCtOGuf2Vq3iqc84ACiKOHdtUOpLt5KLXs40Q93mGsOrNIphcupVGV6eO9ExsuoN5G65LonYJaaX%2BsjWYQI3nIo%2Bj3zpwtVn%2F8LSfCw%2BYwA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=41074&sent=94&recv=51&lost=0&retrans=0&sent_bytes=91293&recv_bytes=6454&delivery_rate=923870&cwnd=37500&unsent_bytes=0&cid=8128340eb92cc8b0&ts=1399&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: application/javascript; charset=UTF-8
ki-cf-cache-status: BYPASS
vary: Accept-Encoding
ki-origin: g1p
priority: u=3,i=?0
last-modified: Thu, 23 May 2024 03:55:44 GMT
cache-control: max-age=315360000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5fa7f51abca-YYZ
access-control-allow-origin: *
ki-cache-type: None
ki-edge-o2o: yes
ki-edge: v=20.2.8;mv=3.1.6

GET
H/1.1 200
OK getcampaigninfo.aspx Show response
marketingapi.vtgr.net/ 197 B
824 B 1005ms
507ms Script
application/json 13.92.193.110
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingapi.vtgr.net/getcampaigninfo.aspx?APIKey=u6EIHpNKc9sEMY9oLQVXbw1SESzjmwek&pid=99731&company_name=Consolidated%20Ca&callback=CallbackRegistry.cb1732635457675
Requested by: Host: cdn.consolidatedcredit.org
URL: https://cdn.consolidatedcredit.org/retreaver/retreaver.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 13.92.193.110 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: f727e15928360fbca4ee18cfeb816b6848d32dd56d708b24a6f831f0106bd1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Cache-Control: private
X-AspNet-Version: 4.0.30319
Content-Encoding: gzip
Request-Context: appId=cid-v1:a850a586-5f35-4ea0-8c2c-b1fffc0bc914
Content-Length: 237
Date: Tue, 26 Nov 2024 15:37:38 GMT
Content-Type: application/json; charset=utf-8
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET

GET
H2 200 102.svg
cdn.ywxi.net/meter/newleafdebt.ca/ 19 KB
8 KB 40ms
40ms Image
image/svg+xml 2600:9000:21b8:d000:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/newleafdebt.ca/102.svg?ts=1732073952164&l=en

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b8:d000:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public
content-encoding: gzip
age: 2237
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
expires: Tue, 26 Nov 2024 16:00:20 GMT
x-cache: Hit from cloudfront
content-length: 7295
x-amz-cf-id: b-j3aShBisUh-wyoCRPGgasCt1QunFETJmFxCx79FbG4fuLPVxJapw==
date: Tue, 26 Nov 2024 15:00:20 GMT
content-type: image/svg+xml
x-amz-cf-pop: JFK52-P9
server: Apache

GET
H2 200 rules-p-8pdjzpjQkHguG.js Show response
rules.quantcount.com/ 2 KB
1 KB 405ms
89ms Script
application/javascript 2600:9000:21dd:b600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8pdjzpjQkHguG.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:b600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 22b1794d0ab736d90441eea1f310aeab916aff5bda54f70b8717c51cbadeaf38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: gzip
etag: W/"657e17c3567bc744407b01adf73a6794"
age: 2032
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: 1kAMR2exuc5oydhn3Dv2KLXUO1lsFMOLka_JEz7fh0UVxQSuY3r2cw==
date: Tue, 26 Nov 2024 15:03:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 13 Oct 2022 15:17:52 GMT
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
via: 1.1 8f53b5d73ff2f5f8cae7b49606b79bd4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: EWR53-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 88ms
85ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C6QMQEC9BB

Requested by

Host: resources.venturetechsolutions.com
URL: https://resources.venturetechsolutions.com/pixel/vlatest/vtevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7ebf4f5d3fb32da91266370ae0a11858c6141d05e41b1fc889aad087ce92175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 26 Nov 2024 15:37:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99591
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 / Show response
resources.venturetechsolutions.com/pixel/vlatest/ 2 KB
3 KB 144ms
140ms Script
application/javascript 172.67.185.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.venturetechsolutions.com/pixel/vlatest/?v=2.0&dl=https%3A%2F%2Fnewleafdebt.ca%2F&dt=Get%20Out%20of%20Debt%20and%20Revitalize%20Your%20Finances%20%E2%80%93%20New%20Leaf%20Debt%20Solutions&dr=null&ul=en-CA&pid=99731&vtc=aW5pdGlhbFRyYWZmaWNTb3VyY2U9dXRtY3NyPShkaXJlY3QpfHV0bWNtZD0obm9uZSl8dXRtY2NuPShub3Qgc2V0KTsgX191dG16enNlcz0xOyBfZ2E9R0ExLjEuMTI5NjY0MDExOC4xNzMyNjM1NDU3OyBfZ2FfS1oxNzhHN0NNVD1HUzEuMS4xNzMyNjM1NDU3LjEuMC4xNzMyNjM1NDU3LjAuMC4w&vtp=eyJsb2FkZWQiOiIxLjkwMDAwMTUyNTg3ODkwNjIiLCJjb21wbGV0ZSI6IjAiLCJpbnRlcmFjdGl2ZSI6IjIyNDIuMzAwMDAxMTQ0NDA5IiwicmVkaXJlY3RzIjoiMCIsImZpcnN0X3BhaW50IjoiMjExOC4yMDAwMDA3NjI5Mzk1IiwiZmlyc3RfY29udGVudGZ1bF9wYWludCI6IjIxMTguMjAwMDAwNzYyOTM5NSJ9&vtqs=0

Requested by

Host: resources.venturetechsolutions.com
URL: https://resources.venturetechsolutions.com/pixel/vlatest/vtevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.185.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

411c77a67b2d2bd289030ff885880df93f2e81e23e8d352058b9c8512b7b675b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

server: cloudflare
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CC06GTR3dkMT%2FScFrxbE8ByWYnf%2FpO05KLPEpk2Xm7HWnMNVrVtuNHNRoCwYYVQcy4VJjB7W6tE%2FUDTkhZBFq%2BTxHRmpUlhKF7sf3tOeDD2a4W4cOV1DIEMx6Iey%2Fl3UiFZoZ0H4bLyzZ%2FemvtNtXKQVPOQ%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 19 Nov 1981 08:52:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=39384&sent=101&recv=55&lost=0&retrans=0&sent_bytes=97697&recv_bytes=7379&delivery_rate=5104&cwnd=37500&unsent_bytes=0&cid=8128340eb92cc8b0&ts=1564&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
ki-cf-cache-status: BYPASS
ki-origin: g1p
priority: u=3,i=?0
x-kinsta-cache: BYPASS
cache-control: no-store, no-cache, must-revalidate
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
x-edge-location-klb: 1
cf-ray: 8e8af5fc18c2abca-YYZ
ki-cache-type: None
ki-edge-o2o: yes
ki-edge: v=20.2.8;mv=3.1.6

GET
H2

200

visit Show response
www.trustedsite.com/rpc/tmjs/newleafdebt.ca/
Redirect Chain

https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966
https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966&hash=1732635458392

6 B
568 B

103ms
103ms

Script
text/javascript

52.43.156.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966&hash=1732635458392

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Server

52.43.156.40 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-156-40.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-length: 26
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: text/javascript; charset=utf-8
server: Apache

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex, nofollow
location: https://www.trustedsite.com/rpc/tmjs/newleafdebt.ca/visit?rand=1732635457966&hash=1732635458392
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
content-length: 133
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: text/html; charset=utf-8
server: Apache

GET
H2 200 205.svg
cdn.ywxi.net/meter/newleafdebt.ca/ 20 KB
8 KB 44ms
40ms Image
image/svg+xml 2600:9000:21b8:d000:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.ywxi.net/meter/newleafdebt.ca/205.svg?ts=1732073952164&l=en

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21b8:d000:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public
content-encoding: gzip
age: 2238
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
via: 1.1 7002831b3049ff1090da3f99329ed2b0.cloudfront.net (CloudFront)
expires: Tue, 26 Nov 2024 16:00:20 GMT
x-cache: Hit from cloudfront
content-length: 7400
x-amz-cf-id: Al-cj_1VT1_puCCezy4l8gsoQ0erlADMK7tv8GQrtsnKugcn_ZJaLg==
date: Tue, 26 Nov 2024 15:00:20 GMT
content-type: image/svg+xml
x-amz-cf-pop: JFK52-P9
server: Apache

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 283 KB
97 KB 75ms
74ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-C6QMQEC9BB&l=dataLayer&cx=c&gtm=45He4bk0v813066183za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9JD2F2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c1c34f023a0e81ab7f1a422caf7e2ac7b8186ef75fbb60ef2c223b0ab2e77fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 26 Nov 2024 15:37:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 99719
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 /
us-central1-venturetechsolutions.cloudfunctions.net/vt-pixel/ 16 B
16 B 258ms
99ms Image
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-central1-venturetechsolutions.cloudfunctions.net/vt-pixel/?dl=https://newleafdebt.ca/&cid=1296640118.1732635457&ip_address=157.254.49.6
Requested by: Host: newleafdebt.ca
URL: https://newleafdebt.ca/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: text/html; charset=utf-8
x-cloud-trace-context: fd79e3f5ede4c47f18f11d7abdfdd442
server: Google Frontend

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 140ms
128ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C6QMQEC9BB&gtm=45je4bk0v890482946za200&_p=1732635456339&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1296640118.1732635457&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&uid=31496f274173d62c4c1b3a00cf0f0febde7acc1cf79ea0a8f8e8959ea205e09d&dl=https%3A%2F%2Fnewleafdebt.ca%2F&sid=1732635458&sct=1&seg=0&dt=Get%20Out%20of%20Debt%20and%20Revitalize%20Your%20Finances%20%E2%80%93%20New%20Leaf%20Debt%20Solutions&en=page_view&_fv=2&_ss=1&_ee=1&ep.ip=157.254.49.6&ep.site_pid=99731&ep.site_ls_pid=&ep.site_default_pid=99731&ep.user_id_from_cookie=&ep.pid_from_local_storage=&ep.ip_forwarded=157.254.49.6%2C157.254.49.6&ep.ip_remote=157.254.49.6&tfd=2913
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6QMQEC9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://newleafdebt.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
545 B 335ms
138ms Ping
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C6QMQEC9BB&cid=1296640118.1732635457&gtm=45je4bk0v890482946za200&aip=1&uid=31496f274173d62c4c1b3a00cf0f0febde7acc1cf79ea0a8f8e8959ea205e09d&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C6QMQEC9BB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c09::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://newleafdebt.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 ga-audiences
www.google.com.mt/ads/ 42 B
409 B 419ms
227ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.mt/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C6QMQEC9BB&cid=1296640118.1732635457&gtm=45je4bk0v890482946za200&aip=1&uid=31496f274173d62c4c1b3a00cf0f0febde7acc1cf79ea0a8f8e8959ea205e09d&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=503533989

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 26 Nov 2024 15:37:38 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2

200

pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635458262;tzo=480;ogl=locale.en_...
pixel-ssn.quantserve.com/
Redirect Chain

https://pixel.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635...
https://pixel-ssn.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=173...

35 B
357 B

287ms
73ms

Image
image/gif

192.184.68.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel-ssn.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635458262;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%2Cdescription.New%20Leaf%20Debt%20Solutions%20provides%20consumer%20credit%20counselling%20services%20to%20help%20yo%2Curl.https%3A%2F%2Fnewleafdebt%252Eca%2F%2Csite_name.New%20Leaf%20Debt%20Solutions%252C%20Inc%252E;ses=f35f80d4-1fe3-4b4e-8768-a127cf9fe465;d=newleafdebt.ca;uht=2;fpan=1;fpa=P0-351536829-1732635458267;pbc=;gdpr=0;mdl=;dip=a75d44fb-74e2-4836-8911-a75b2240916c

Requested by

Host: newleafdebt.ca
URL: https://newleafdebt.ca/

Protocol

Server

192.184.68.228 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
date: Tue, 26 Nov 2024 15:37:38 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["s0lYdPhh4zG77LIQrkLcmg=="],"pcode":["p-8pdjzpjQkHguG"]}],"trigger_data":"1"}]}
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-cache, no-store, proxy-revalidate
location: https://pixel-ssn.quantserve.com/pixel;r=1098378580;labels=_fp.event.homepage;rf=0;a=p-8pdjzpjQkHguG;url=https%3A%2F%2Fnewleafdebt.ca%2F;ns=0;ce=1;qjs=1;qv=6cdb9339-20241109062824;ref=;dst=1;et=1732635458262;tzo=480;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%2Cdescription.New%20Leaf%20Debt%20Solutions%20provides%20consumer%20credit%20counselling%20services%20to%20help%20yo%2Curl.https%3A%2F%2Fnewleafdebt%252Eca%2F%2Csite_name.New%20Leaf%20Debt%20Solutions%252C%20Inc%252E;ses=f35f80d4-1fe3-4b4e-8768-a127cf9fe465;d=newleafdebt.ca;uht=2;fpan=1;fpa=P0-351536829-1732635458267;pbc=;gdpr=0;mdl=;dip=a75d44fb-74e2-4836-8911-a75b2240916c
pragma: no-cache
expires: Fri, 04 Aug 1978 12:00:00 GMT
content-length: 35
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
date: Tue, 26 Nov 2024 15:37:38 GMT
attribution-reporting-register-trigger: {"event_trigger_data":[{"filters":[{"label":["s0lYdPhh4zG77LIQrkLcmg=="],"pcode":["p-8pdjzpjQkHguG"]}],"trigger_data":"1"}]}
content-type: image/gif

GET
H/1.1 200
OK embed.min.js Show response
home-c33.nice-incontact.com/inContact/ChatClient/js/ 13 KB
4 KB 440ms
85ms Script
application/javascript 35.85.234.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c33.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9JD2F2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.234.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-234-128.us-west-2.compute.amazonaws.com

Software

Resource Hash

1340eea1ca0e715c03572d7b2d9165831c76171a82641682654f2231bf1c1dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
ETag: "0617b98b8fada1:0"
Connection: keep-alive
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Length: 3246
Date: Tue, 26 Nov 2024 15:37:39 GMT
X-XSS-Protection: 1; mode=block
Content-Type: application/javascript
Last-Modified: Fri, 30 Aug 2024 08:42:50 GMT
Vary: Accept-Encoding
Server: Powered by Nice CXOne

GET
H2

200

bootstrap.js Show response
cdn.trustedform.com/
Redirect Chain

https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058
https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058

16 KB
6 KB

264ms
87ms

Script
application/javascript

2600:9000:21dd:1600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/bootstrap.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058
Protocol: H2
Server: 2600:9000:21dd:1600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64d2df892afc6d9d2da1e1acbce0538e5adc053fb707a47be4e2e064948f17f5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

x-amz-cf-pop: EWR53-C2
content-encoding: gzip
x-amz-version-id: 9KUpRLpDutHXwmRHxdSEQ4YlZ6KudOZD
etag: W/"c6582060401580b849f223c7425fd805"
via: 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: SMN52v-kx6YNMD8uGFkwL3qJjsps14a21UmM4vi9oSX7hMHCWapk7A==
date: Tue, 26 Nov 2024 15:37:40 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 25 Nov 2024 20:26:05 GMT

Redirect headers

location: https://cdn.trustedform.com:443/bootstrap.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058
content-length: 134
date: Tue, 26 Nov 2024 15:37:39 GMT
content-type: text/html
server: awselb/2.0

GET
H3 200 favicon.png
newleafdebt.ca/wp-content/uploads/2019/10/ 2 KB
3 KB 103ms
102ms Other
image/png 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newleafdebt.ca/wp-content/uploads/2019/10/favicon.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02bea5851d809a8d887ece96e7ec254f829ea3d587a3059390dc94bccca3b59d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cf-cache-status: HIT
etag: "5da76ce2-80c"
age: 1279481
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cmk%2F7K9bquFJcv0he%2FsSzKQmTvX2QrunUwEEB6yLC4nF3FXQaye822Qnc9dFE81xWKePYhlPBAMRCS9iQEg8WerRe3dx4CoB4tekNSrI8bHgQ70NUOnaMjTjxWhWpOrTjWI%2FuJ9w%2Bi6tPI6U"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 26 Nov 2024 15:37:39 GMT
content-type: image/png
ki-cf-cache-status: HIT
vary: Accept-Encoding
last-modified: Wed, 16 Oct 2019 19:17:54 GMT
ki-origin: g1p
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,74e8a9474dbe0b6a47200cf48eb3611d8eb4a7c19b6d5653e0d199fd2bbe0f52
priority: u=1,i
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af6055c5b7d14-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2060
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H/1.1 200
OK ChatClient.aspx
home-c33.nice-incontact.com/inContact/ChatClient/ Frame 82FC 0
0 465ms
99ms Document
text/html 35.85.234.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c33.nice-incontact.com/inContact/ChatClient/ChatClient.aspx?poc=fc171aab-40b4-4677-ae6d-aff3fb44b095&bu=4598740

Requested by

Host: home-c33.nice-incontact.com
URL: https://home-c33.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.234.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-234-128.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newleafdebt.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: private
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 746
Content-Type: text/html; charset=utf-8
Date: Tue, 26 Nov 2024 15:37:40 GMT
Server: Powered by Nice CXOne
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK chatButton.html
home-c33.nice-incontact.com/inContact/ChatClient/ Frame 1CC6 0
0 458ms
90ms Document
text/html 35.85.234.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://home-c33.nice-incontact.com/inContact/ChatClient/chatButton.html

Requested by

Host: home-c33.nice-incontact.com
URL: https://home-c33.nice-incontact.com/inContact/ChatClient/js/embed.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.234.128 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-234-128.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newleafdebt.ca/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1669
Content-Type: text/html
Date: Tue, 26 Nov 2024 15:37:40 GMT
ETag: "05c8854b8fada1:0"
Last-Modified: Fri, 30 Aug 2024 08:40:56 GMT
Server: Powered by Nice CXOne
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H2 201 certs Show response
api.trustedform.com/ 474 B
685 B 293ms
79ms XHR
application/json 34.226.171.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.171.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-171-123.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: dd75e59bea105bb29583d50d510aef25b2c6ed8f4ea6d6affd51dd1571bed4d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://newleafdebt.ca/

Response headers

access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 474
date: Tue, 26 Nov 2024 15:37:40 GMT
content-type: application/json; charset=utf-8
server: Cowboy

GET
H2 200 trustedform-1.9.30.js Show response
cdn.trustedform.com/ 99 KB
37 KB 45ms
45ms Script
application/javascript 2600:9000:21dd:1600:1c:7f1a:6680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.trustedform.com/trustedform-1.9.30.js
Requested by: Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?field=xxTrustedFormCertUrl&l=17326354593700.2183893457693058
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:1600:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6f2042d83b92dbe5b4b67185bcc62924130eb6e9f358a3a2b70b23764b355bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

x-amz-cf-pop: EWR53-C2
content-encoding: gzip
x-amz-version-id: WtAUge4IWB8lsOx2V0WzO5fQpO4CR469
etag: W/"5cd2377d08462e2445bf45af4e140de4"
age: 16
via: 1.1 c704491f877b150c768ef14eb188ed46.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: NqDUy5D2gZBQrSM5Y2-faBmACGqyh53BHRn2CLo0jV3_--e2tkWWFw==
date: Tue, 26 Nov 2024 15:37:32 GMT
content-type: application/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Mon, 25 Nov 2024 20:26:05 GMT

GET truncated
/ Frame 0
0

POST
H2 204 snapshot Show response
api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/ 0
159 B 122ms
107ms XHR
text/plain 34.226.171.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/snapshot
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.171.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-171-123.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://newleafdebt.ca/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Tue, 26 Nov 2024 15:37:40 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/ 0
159 B 84ms
73ms XHR
text/plain 34.226.171.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.171.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-171-123.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://newleafdebt.ca/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Tue, 26 Nov 2024 15:37:40 GMT
server: Cowboy
access-control-allow-credentials: true

GET
H2 200 New-Leaf-Logo-final-350x100.jpg
newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/ 30 KB
0 8ms
8ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://newleafdebt.ca/wp-content/themes/new-leaf-theme/src/images/New-Leaf-Logo-final-350x100.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7a3c58cb79d9607ced999f2ee276c9c774514d356b8352a3f21ff7bc6c10ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cf-cache-status: HIT
etag: "5db8890a-786b"
age: 2311620
cf-bgj: h2pri
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=no0vBIn3JhELs1voWZBebSGrs4HjnxqZZbhZ0pd3tM0FUHNuyAPOr0KZNXFVlg7XcWOGdxig7885irWx4Vi53%2FGSVStMSJYDqhHjZCpo7mJIs%2FypVNzrvs6fx%2Fto5WsHuP8JH4C2%2FakYfPr0"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 26 Nov 2024 15:37:36 GMT
content-type: image/jpeg
last-modified: Tue, 29 Oct 2019 18:46:34 GMT
vary: Accept-Encoding
ki-origin: g1p
ki-cf-cache-status: HIT
ki-cache-tag: c357dd08-0c2f-436d-a140-ea412532f759,f6416b9ac70ba38f347614196c6895974a5e5f9444fb0ea3e7a2388521605e3b
cache-control: public, max-age=31536000, s-maxage=2592000
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-edge-location-klb: 1
cf-ray: 8e8af5f24eb88c4e-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30827
ki-cache-type: CDN
ki-edge: v=20.2.8;mv=3.1.6
server: cloudflare

GET
H2 200 /
us-central1-venturetechsolutions.cloudfunctions.net/vt-pixel/ 16 B
16 B 132ms
121ms Image
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-central1-venturetechsolutions.cloudfunctions.net/vt-pixel/?dl=https://newleafdebt.ca/&cid=1296640118.1732635457&ip_address=157.254.49.6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
date: Tue, 26 Nov 2024 15:37:40 GMT
content-type: text/html; charset=utf-8
x-cloud-trace-context: 312a1ac7c917f65005dfbaeb2e04e3b1
server: Google Frontend

POST
H2 204 fingerprints Show response
api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/ 0
159 B 61ms
61ms XHR
text/plain 34.226.171.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/fingerprints
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.171.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-171-123.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://newleafdebt.ca/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Tue, 26 Nov 2024 15:37:41 GMT
server: Cowboy
access-control-allow-credentials: true

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 129ms
127ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KZ178G7CMT&gtm=45je4bk0v9122451387z8813066183za200zb813066183&_p=1732635456339&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1296640118.1732635457&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=2&sid=1732635457&sct=1&seg=0&dl=https%3A%2F%2Fnewleafdebt.ca%2F&dt=Get%20Out%20of%20Debt%20and%20Revitalize%20Your%20Finances%20%E2%80%93%20New%20Leaf%20Debt%20Solutions&en=disclosure_displayed&ep.ClientID=&ep.Timestamp=7%3A37%3A36&_et=9&tfd=6987
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KZ178G7CMT&l=dataLayer&cx=c&gtm=45He4bk0v813066183za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://newleafdebt.ca/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://newleafdebt.ca
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 26 Nov 2024 15:37:42 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 events Show response
api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/ 0
159 B 122ms
120ms XHR
text/plain 34.226.171.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/events
Requested by: Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.9.30.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.226.171.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-226-171-123.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://newleafdebt.ca/

Response headers

access-control-expose-headers
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
date: Tue, 26 Nov 2024 15:37:42 GMT
server: Cowboy
access-control-allow-credentials: true

POST events
api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: newleafdebt.ca
URL: blob:https://newleafdebt.ca/3b403a52-a465-415f-a0d3-db66bd0fb0be

Domain: truncated
URL: data:truncated

Domain: api.trustedform.com
URL: https://api.trustedform.com/certs/7aa36a1d321e50882fa0b7c7f169fc793f262d85/events

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newleafdebt.ca/	1970-01-21 10:53:15	Name: initialTrafficSource Value: utmcsr=(direct)\|utmcmd=(none)\|utmccn=(not set)
.newleafdebt.ca/	1969-12-31 23:59:59	Name: __utmzzses Value: 1
.newleafdebt.ca/	1970-01-21 10:53:15	Name: _ga Value: GA1.1.1296640118.1732635457
.newleafdebt.ca/	1970-01-21 10:53:15	Name: _ga_KZ178G7CMT Value: GS1.1.1732635457.1.0.1732635457.0.0.0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: O-m2dFdiCxo
.youtube.com/	1970-01-21 05:36:27	Name: VISITOR_INFO1_LIVE Value: fzyLoMY9dwY
.youtube.com/	1970-01-21 05:36:27	Name: VISITOR_PRIVACY_METADATA Value: CgJDQRIEGgAgNQ%3D%3D
newleafdebt.ca/	1970-01-21 01:18:41	Name: trustedsite_visit Value: 1
newleafdebt.ca/	1970-01-21 01:17:15	Name: trustedsite_tm_float_seen Value: 1
.resources.venturetechsolutions.com/	1970-01-21 10:02:51	Name: vtuid Value: 31496f274173d62c4c1b3a00cf0f0febde7acc1cf79ea0a8f8e8959ea205e09d
.resources.venturetechsolutions.com/	1970-01-21 02:00:27	Name: initialTrafficSource Value: utmcsr
.resources.venturetechsolutions.com/	1970-01-21 02:00:27	Name: __utmzzses Value: 1
.resources.venturetechsolutions.com/	1970-01-21 02:00:27	Name: _ga Value: GA1.1.1296640118.1732635457
.resources.venturetechsolutions.com/	1970-01-21 02:00:27	Name: _ga_KZ178G7CMT Value: GS1.1.1732635457.1.0.1732635457.0.0.0
.resources.venturetechsolutions.com/	1969-12-31 23:59:59	Name: vtsid Value: 6e72835a15ea00e4bf52353482d5698d
newleafdebt.ca/	1970-01-21 01:17:15	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1732635458086%7D
.newleafdebt.ca/	1970-01-21 10:53:15	Name: _ga_C6QMQEC9BB Value: GS1.1.1732635458.1.0.1732635458.60.0.0
.quantserve.com/	1970-01-21 10:47:29	Name: mc Value: 6745eb42-513c3-66d78-2cba6
www.trustedsite.com/	1970-01-21 01:27:20	Name: AWSALBCORS Value: wZ51FSneWgXa479Eiu2rCcLby+v/cbphN05hxSsWwgkS1rYG8huhxUS8JJZhKfDILVoSVDy6wLQ0Kkjsx/LMIf2yi/zFhn4Je2LAUVtRnXDdjnfxCf8l8ozKMNcq
.newleafdebt.ca/	1970-01-21 10:41:44	Name: __qca Value: P0-351536829-1732635458267
.marketingapi.vtgr.net/	1970-01-21 01:17:19	Name: TiPMix Value: 85.32208817587053
.marketingapi.vtgr.net/	1970-01-21 01:17:19	Name: x-ms-routing-name Value: self
home-c33.nice-incontact.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vpxfqvypw4sccn3n03zukn1g
home-c33.nice-incontact.com/	1970-01-21 01:27:20	Name: AWSALBCORS Value: ykXmESCSMbnTkvLUSGOEd0h2VgWh6LGrAQTvq7P8iAjarsQeN55bHaapW/AnXBKnEkw3iJm0wi3GiwUQU8R88RPPD/Jz05TYdJWZ6Qc7ipI2/jcR/wJnWxxY60Sv

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
api.trustedform.com
cdn.consolidatedcredit.org
cdn.trustedform.com
cdn.ywxi.net
fonts.googleapis.com
fonts.gstatic.com
home-c33.nice-incontact.com
instant.page
marketingapi.vtgr.net
newleafdebt.ca
p.typekit.net
pixel-ssn.quantserve.com
pixel.quantserve.com
pro.fontawesome.com
region1.analytics.google.com
region1.google-analytics.com
resources.venturetechsolutions.com
rules.quantcount.com
s3-us-west-2.amazonaws.com
secure.quantserve.com
stats.g.doubleclick.net
tr.outbrain.com
truncated
us-central1-venturetechsolutions.cloudfunctions.net
use.typekit.net
wave.outbrain.com
www.google.com.mt
www.googletagmanager.com
www.newleafdebt.ca
www.trustedsite.com
www.youtube.com
api.trustedform.com
newleafdebt.ca
truncated
13.92.193.110
172.66.42.219
172.67.185.13
192.184.68.228
2001:4860:4802:32::36
2001:4860:4802:36::36
23.51.57.192
2600:141b:1c00:8::1728:b323
2600:141b:1c00:8::1728:b330
2600:9000:21b8:d000:14:6bfc:5740:93a1
2600:9000:21dd:1600:1c:7f1a:6680:93a1
2600:9000:21dd:b600:6:44e3:f8c0:93a1
2606:4700:4400::ac40:93bc
2606:4700:7::a29f:872a
2606:4700::6813:e663
2607:f8b0:4004:c09::9d
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:81f::200e
2607:f8b0:4006:821::2008
2607:f8b0:4006:822::200a
2620:116:800b:21:a021:b886:81cc:55cf
34.226.171.123
35.85.234.128
52.218.180.128
52.43.156.40
70.42.32.31
02bea5851d809a8d887ece96e7ec254f829ea3d587a3059390dc94bccca3b59d
0cec60baf5e0b1650b6f41c8c96c1fc7c067fcca9fe608490ebc141b9768faf2
113ca090954559427987ade1785646d258397089e048e068793630d9e97a4398
1340eea1ca0e715c03572d7b2d9165831c76171a82641682654f2231bf1c1dac
1a0989896f2933670321396aa9d0581db5ec8bdf3327691ca35f9c4bfa98c8fd
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22b1794d0ab736d90441eea1f310aeab916aff5bda54f70b8717c51cbadeaf38
251c4cae4784d7e1f33c5c9206b54da4a189620ed54cb7cac80179f5ffe79b7f
2604fcad94e863c667ef4d5c21c5657c3404ee486d6ce41e46e03dc4603099e3
2ffaa01d9f0d9640a060a6d970a841678bcd27b8c33e4bdc1d428a458ca90121
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
411c77a67b2d2bd289030ff885880df93f2e81e23e8d352058b9c8512b7b675b
41dd584cd78ebaf53cce58c95d85bd5ae5cc1e8407adb2dca3774f04ec6e6426
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448f45a0ba44410ee2f4a475d56719fd1531dcd274876d8e3ef96b4cf01125e1
492b95abbcff8a283406537a2fe137bb485d03a4d950a04e4b344b2f8b896e65
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
567c0764ccf8f616ec1d47ea71ab91567d6c6b60aef1cdf7e5a0d5d3be21fd2a
64d2df892afc6d9d2da1e1acbce0538e5adc053fb707a47be4e2e064948f17f5
6c1c34f023a0e81ab7f1a422caf7e2ac7b8186ef75fbb60ef2c223b0ab2e77fe
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
74e617923cae53c9ea93b192ab7f817ddfdcf6418bb946dcd4c2b2b616549794
7c9e83831719efbebc4823ef4e5b6d547004c7c9bb986727912d106e419df4bb
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
88876fcd5eb71de865d889ea63df11b023ef1d1365124305c2708f61cbb04339
9c1ea67c36d8b7c7531a6bbc78879cdfb4d3bfe22ee52a4e48c82c78f2d30a78
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28483dbcf8679519c38f69cca186c3a0c534408105051e6bee64a329321721d
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a7ebf4f5d3fb32da91266370ae0a11858c6141d05e41b1fc889aad087ce92175
abfdc8dbff36f2cca62a1868a7244b131e8b392c9731b2a7a50c73e27c782f10
b03898672d84cf2362e40d6459d9ade748ecd338ffbeeee256e07630bd07e48c
b4855cc8ec721cbaf27f3c907345e101b1524858221c14faa79df34cb2f84991
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b6f2042d83b92dbe5b4b67185bcc62924130eb6e9f358a3a2b70b23764b355bf
b74febbae5701192e8db637177f2401987dd4201a6daf7f175e7648674e0bc85
b8b1fd24b0153125bf0ec683c1ebbabb488ee552e51907ba8e43d0a24b85a5e7
bb2e430a4e34f07273d6ad3043518f65ad4615537eb55f37304032a8a46878af
c7a3c58cb79d9607ced999f2ee276c9c774514d356b8352a3f21ff7bc6c10ebe
cd18b73288518a29f66e95a5b4972b41a56d9246cbf60c405e04a52662ed4db5
ce5a4735eaf378fa8a8d403ad72ea0127b5cb032bae9822beae1ebe984090d34
dd75e59bea105bb29583d50d510aef25b2c6ed8f4ea6d6affd51dd1571bed4d5
e12501392d2b881e9ac9090eea874e34df97651c745159d015a9130d4184447c
e344bd80315fbf5b64e7f6cd18323c490f44fd721205cb0706602daf221ce264
e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53f95eebfae670eda32de877cae22d3175cea515b65dcae2bb5182c62b855db
e705082b8a630b4d0190bb13e20f4d127f75ad88c271c749ff0c4e10c6acacf9
eb18b68200c2f25a8646611b88ed3430af0b002067ddd4e18f8e6bef36c0f8fe
ee41bc0e3059351bcca7313fe1d7f9053a164ba2f2e1df3df39260217298a03b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f43c3efc0e4cd7ad886134a73546a826f85848d9a15ab89c47a9dc40a0bbac85
f727e15928360fbca4ee18cfeb816b6848d32dd56d708b24a6f831f0106bd1b9
fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5

newleafdebt.ca Open in urlscan Pro 2606:4700:7::a29f:872a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

93 %HTTPS

64 %IPv6

25 Domains

33 Subdomains

29 IPs

1 Countries

1568 kBTransfer

3831 kBSize

24 Cookies

3 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

newleafdebt.ca Open in urlscan Pro
2606:4700:7::a29f:872a Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

93 %
HTTPS

64 %
IPv6

25
Domains

33
Subdomains

29
IPs

1
Countries

1568 kB
Transfer

3831 kB
Size

24
Cookies

73 HTTP transactions
1 data transactions