go.leoforce.com Open in urlscan Pro
34.237.219.119  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062 HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D20223%26time%3D1700591027718%26url%3Dhttps%253A%252F%252Fgo.leoforce.com%252FlistUnsubscribeHeader%252Fu%252F309041%252Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%252F473520062%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&cookiesTest=true&liSync=true

Request Chain 57

• https://d.adroll.com/cm/b/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&advertisable=DKJ4NBGEVJGNHA6CH7W344 HTTP 302
• https://x.bidswitch.net/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc

Request Chain 58

• https://d.adroll.com/cm/g/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&advertisable=DKJ4NBGEVJGNHA6CH7W344 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=ZOvjEZ5vm49srO_bssT2Rw HTTP 302
• https://d.adroll.com/cm/g/in

Request Chain 59

• https://d.adroll.com/cm/o/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&advertisable=DKJ4NBGEVJGNHA6CH7W344 HTTP 302
• https://us-u.openx.net/w/1.0/sd?id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent= HTTP 302
• https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent=

Request Chain 60

• https://d.adroll.com/cm/r/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&advertisable=DKJ4NBGEVJGNHA6CH7W344 HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
• https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 61

• https://d.adroll.com/cm/x/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&advertisable=DKJ4NBGEVJGNHA6CH7W344 HTTP 302
• https://ib.adnxs.com/setuid?entity=172&code=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request 473520062 Show response go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/	39 KB 9 KB	203ms 126ms	Document text/html	34.237.219.119 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.237.219.119 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-237-219-119.compute-1.amazonaws.com Software PardotServer / Resource Hash 7ae99fdcfae1aa6c45eda3bb0c62dbf71a74c85439f14893ddbb55eaa67f51aa Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection keep-alive Content-Length 8413 Content-Type text/html; charset=utf-8 Date Tue, 21 Nov 2023 18:23:46 GMT Server PardotServer X-Pardot-Route e8229a0ff18ebffc83a98010d2521dd5 cache-control no-store, no-cache, must-revalidate content-encoding gzip expires Thu, 19 Nov 1981 08:52:00 GMT p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml" pragma no-cache referrer-policy no-referrer vary Accept-Encoding,User-Agent x-pardot-rsp 0/0/1 x-robots-tag nofollow, noindex
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/	157 KB 25 KB	75ms 35ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 940 age 2535 cdn-cachedat 10/31/2023 19:21:59 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"816af0eddd3b4822c2756227c7e7b7ee" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid 9f32d32c16f2adee46e60f953905b11f timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 829af73eee1ca21c-YYZ cdn-requestpullsuccess True
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	73ms 33ms	Stylesheet text/css	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 871 age 86737 cdn-cachedat 10/31/2023 18:51:50 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:55 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"269550530cc127b6aa5a35925a7de6ce" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid ee81630cd0894b90d3addd70a0bfa63e timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 829af73eee1ea21c-YYZ cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	15 KB 1 KB	120ms 46ms	Stylesheet text/css	172.253.63.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C300%2C100%2C500%2C900&subset=latin Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f95.1e100.net Software ESF / Resource Hash 4fff0c5a674de76ac31fca312fd0b7500b99d04f229c64d5967a374b6933cd6d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 21 Nov 2023 18:23:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 21 Nov 2023 18:23:47 GMT
GET H/1.1	200 OK	form.css go.goarya.com/css/	31 KB 8 KB	118ms 40ms	Stylesheet text/css	18.208.125.13 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://go.goarya.com/css/form.css?ver=20121030 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.208.125.13 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-208-125-13.compute-1.amazonaws.com Software PardotServer / Resource Hash 6dbd1967a8963d2eead020be31031ed12df79148acfea8cb787fa1358d5b4559 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip X-Pardot-Route e8229a0ff18ebffc83a98010d2521dd5 last-modified Mon, 20 Nov 2023 05:25:27 GMT Server PardotServer etag "7be2-gzip" vary Accept-Encoding,User-Agent Content-Type text/css cache-control max-age=63072000 Connection keep-alive accept-ranges bytes Content-Length 7660 expires Thu, 20 Nov 2025 18:23:47 GMT
GET H2	200	arya-logo-leoforce-1.png goarya.com/wp-content/uploads/2016/11/	4 KB 5 KB	288ms 82ms	Image image/png	35.203.180.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://goarya.com/wp-content/uploads/2016/11/arya-logo-leoforce-1.png Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.203.180.218 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.180.203.35.bc.googleusercontent.com Software nginx / Resource Hash a9523d900ef1d0bc1f5a8174110e66ef97e3388867da27eadabb6a093c20e0a8 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT last-modified Fri, 03 Jun 2022 09:16:48 GMT server nginx etag "6299d180-114a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 4426
GET H2	200	jquery-3.5.1.slim.min.js Show response code.jquery.com/	71 KB 24 KB	52ms 16ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.slim.min.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Request headers Referer Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 5790423 x-cache HIT, HIT content-length 24606 x-served-by cache-lga21954-LGA, cache-yyz4583-YYZ last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1700591027.020224,VS0,VE0 etag W/"28feccc0-11abc" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 94, 18305
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/	59 KB 15 KB	35ms 35ms	Script application/javascript	104.18.11.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/js/bootstrap.min.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding br cdn-edgestorageid 871 age 2534 cdn-cachedat 10/31/2023 18:51:50 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:04:11 GMT cdn-proxyver 1.04 cdn-requestpullcode 200 server cloudflare etag W/"02d223393e00c273efdcb1ade8f4f8b1" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid f5be752069b5075c6387faea850a6bea timing-allow-origin * cdn-requestcountrycode US cdn-status 200 cf-ray 829af73f1e6da21c-YYZ cdn-requestpullsuccess True
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/	85 KB 27 KB	63ms 25ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1161815 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27277 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-15283" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoU8puaRmeBVMJNIhTSWWMSrxTQht6D5XzdWKqnNxqrIzjU%2BNwCRKxKK7RHDCvP2%2Br%2BBHKn7pTX6hxJ5cD7SUEvpbdNhm6oPwGmR7gw3R7b1Bi%2FBIreMCUg6KJUNQzVVSdJhOqJC"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 829af73f9de539ef-YYZ expires Sun, 10 Nov 2024 18:23:47 GMT
GET H2	200	hotjar-489575.js Show response static.hotjar.com/c/	17 KB 5 KB	192ms 141ms	Script application/javascript	3.162.3.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-489575.js?sv=5 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-6.yul62.r.cloudfront.net Software / Resource Hash 393c5bb09d55751ebafb4d6d620764f7adc56a7352b4916368aa49c1073f489b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 21 Nov 2023 18:23:47 GMT via 1.1 60d690eb8aefecb50f44bbe348e3804a.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 etag W/4fd4045ef0cc051b4112a1118246cf6e vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id Vi7YHYRIRleASPaXgKtTdWcJbmrhd894k-8DFyjeh1nxfINRoyM2ww==
GET H2	200	gtm.js Show response www.googletagmanager.com/	389 KB 112 KB	151ms 80ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 611fda51ef260afe8ddb169c67803ffd7ed5e218245e3bf5ae7ed11b51b5064a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 113836 x-xss-protection 0 last-modified Tue, 21 Nov 2023 18:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 21 Nov 2023 18:23:47 GMT
GET H2	200	landing_page_bg_1.png goarya.com/wp-content/uploads/2020/11/	161 KB 161 KB	209ms 140ms	Image image/png	35.203.180.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://goarya.com/wp-content/uploads/2020/11/landing_page_bg_1.png Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.203.180.218 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.180.203.35.bc.googleusercontent.com Software nginx / Resource Hash 2e1a7f4913dc59d5c512c2c32388abb6812b29c325ce317a42d2b722d0cab420 Request headers accept-language en-CA,en;q=0.9 Referer https://go.leoforce.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT last-modified Fri, 03 Jun 2022 09:16:45 GMT server nginx etag "6299d17d-28343" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 164675
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	133ms 59ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C300%2C100%2C500%2C900&subset=latin Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 02:42:04 GMT x-content-type-options nosniff age 488503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 15 Nov 2024 02:42:04 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 15 KB	126ms 52ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C300%2C100%2C500%2C900&subset=latin Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 02:52:05 GMT x-content-type-options nosniff age 487902 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 15 Nov 2024 02:52:05 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	110ms 36ms	Font font/woff2	172.253.122.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700%2C400italic%2C300%2C100%2C500%2C900&subset=latin Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.122.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS bh-in-f94.1e100.net Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://go.leoforce.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 02:58:28 GMT x-content-type-options nosniff age 487519 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 15 Nov 2024 02:58:28 GMT
GET H2	200	Arya_logo_green.png goarya.com/wp-content/uploads/2020/05/	4 KB 4 KB	140ms 81ms	Image image/png	35.203.180.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://goarya.com/wp-content/uploads/2020/05/Arya_logo_green.png Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 35.203.180.218 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.180.203.35.bc.googleusercontent.com Software nginx / Resource Hash 28470d29dc061ef2b497b0d76189850bf0f867e7a8c5117d6a24776640836fe6 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT last-modified Fri, 03 Jun 2022 09:16:45 GMT server nginx etag "6299d17d-ff3" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 4083
GET H2	200	modules.78e2d84033035343416f.js Show response script.hotjar.com/	225 KB 56 KB	126ms 47ms	Script application/javascript	18.164.96.87 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.78e2d84033035343416f.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-489575.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.164.96.87 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-164-96-87.jfk50.r.cloudfront.net Software / Resource Hash d41871d2894dc875d0dad73822efe7d3d43c459d53dde0e0d2006cd5c7427e75 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Thu, 16 Nov 2023 13:20:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P5 age 450221 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 57067 last-modified Thu, 16 Nov 2023 13:19:14 GMT etag "7b69405e970c278e52f057627811a838" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id WPBNmn1LuBrcqpzN06zm_Zlt6mR6UNAnjRMz5r2o8EFtnY_UJmdsXA==
GET H2	200	uc.js Show response consent.cookiebot.com/	107 KB 33 KB	106ms 35ms	Script application/javascript	23.48.104.102 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/uc.js?cbid=5ffa2e75-7251-4e65-a7e8-8cfeb7141138&consentmode=disabled Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.104.102 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-104-102.deploy.static.akamaitechnologies.com Software / Resource Hash 865ab4a87f33a53ccca83280b1579c59c37e0913aa51a5ae543dd193e38fc55d Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip last-modified Tue, 14 Nov 2023 12:47:42 GMT etag "1e932c2f816da1:0" vary Accept-Encoding content-type application/javascript access-control-expose-headers Request-Context cache-control public, max-age=514 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 33511 expires Tue, 21 Nov 2023 18:32:21 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	297 KB 95 KB	55ms 54ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-YYPKZ23KHK&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 2e6992e7ebf43a32135e76c4498098c4115c4856d57dce685c0b628cd4f2ac61 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 97541 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Nov 2023 18:23:47 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	279 KB 91 KB	64ms 64ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-ZHH02V0B8N&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash e531ede4568f6215376c41a6c6b1aa1dedc3890763af3e0920f0e4f445f1d3ab Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93322 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Nov 2023 18:23:47 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	115ms 37ms	Script text/javascript	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Tue, 21 Nov 2023 16:56:41 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 5226 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Tue, 21 Nov 2023 18:56:41 GMT
GET H2	200	hotjar-489575.js Show response static.hotjar.com/c/	17 KB 5 KB	27ms 27ms	Script application/javascript	3.162.3.6 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-489575.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.6 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-6.yul62.r.cloudfront.net Software / Resource Hash 393c5bb09d55751ebafb4d6d620764f7adc56a7352b4916368aa49c1073f489b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Tue, 21 Nov 2023 18:23:47 GMT via 1.1 60d690eb8aefecb50f44bbe348e3804a.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 etag W/4fd4045ef0cc051b4112a1118246cf6e vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id CRPgoCvpeGDuCcN2jrRNC8T6OEnfc38Ft5YMmhvmd9WqTvKRszS2cQ==
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/967549321/	3 KB 2 KB	124ms 51ms	Script text/javascript	142.251.179.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/967549321/?random=1700591027347&cv=11&fst=1700591027347&bg=ffffff&guid=ON&async=1&gtm=45He3b81v867205728&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&hn=www.googleadservices.com&frm=0&auid=389085239.1700591027&uamb=0&uaw=0&rfmt=3&fmt=4 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.179.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS pd-in-f157.1e100.net Software cafe / Resource Hash 5156e25071bbefae0b71d1fefbe0d6766ced61ff525f83c3b0fbef8d2924ea62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1322 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bat.js Show response bat.bing.com/	45 KB 13 KB	117ms 46ms	Script application/javascript	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip date Tue, 21 Nov 2023 18:23:47 GMT last-modified Fri, 10 Nov 2023 20:09:55 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 3A49B4CDDAB34380A4D40A747E56D4B1 Ref B: YTO01EDGE0822 Ref C: 2023-11-21T18:23:47Z etag "80abcdf1114da1:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript cache-control private,max-age=1800 accept-ranges bytes content-length 13175
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	194ms 65ms	Script application/x-javascript	157.240.244.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-mty2.fbcdn.net Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 21 Nov 2023 18:23:47 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug +SbJGvW0KzmefjPpgB3nuV89qfB8/icic9j04TcNTU4Nrq0rFNLDoYKqRBBwY188TRr6a049bw/kW+URTbeowg== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	12 KB 4 KB	119ms 33ms	Script application/javascript	23.218.218.181 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TGWKF8 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-218-218-181.deploy.static.akamaitechnologies.com Software / Resource Hash f88f89a0cead9c36ddbe19508f32f64bd91e94e92b6006dd575e8d0deb317d7f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 15 Nov 2023 09:07:27 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=79246 accept-ranges bytes content-length 3840
GET H2	200	events.js Show response tags.srv.stackadapt.com/	18 KB 7 KB	119ms 37ms	Script text/javascript	34.233.9.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/events.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.9.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-9-149.compute-1.amazonaws.com Software / Resource Hash eaa294f0081e19a86f2d7d878e07bf20a4824fb523f0b9c9da126d768826c882 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Nov 2023 18:23:47 GMT cache-control max-age=5 content-encoding gzip content-type text/javascript
GET H2	200	E-v1.js Show response fast.wistia.net/assets/external/	744 KB 127 KB	56ms 17ms	Script text/javascript	151.101.130.132 FASTLY
General Check archive.org Show headers Download Go to Full URL https://fast.wistia.net/assets/external/E-v1.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.130.132 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash c0bf295061ff403f82719669e2dbaf95c266847a25890683e5e2b737ac0924d3 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br via 1.1 varnish, 1.1 varnish strict-transport-security max-age=0 age 2571 x-amz-server-side-encryption AES256 x-cache HIT, HIT content-length 129123 x-served-by cache-iad-kcgs7200098-IAD, cache-yyz4539-YYZ x-browser-version 119 last-modified Mon, 20 Nov 2023 17:41:53 GMT server AmazonS3 x-timer S1700591027.402227,VS0,VE0 etag "4a51c2128e14c10881d404840e05e1dc" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600 x-browser chrome asset-version c0d5ce666e5ea5899a4b50fee43a0d384e2281e5 x-ecma-v modern accept-ranges bytes timing-allow-origin * x-cache-hits 12, 85
GET H2	200	5597.js Show response tracking.g2crowd.com/attribution_tracking/conversions/	16 B 1 KB	112ms 68ms	Script text/javascript	172.64.144.225 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://tracking.g2crowd.com/attribution_tracking/conversions/5597.js?p=https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062&e= Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.144.225 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3dae93a05edd9dcfc1864b87178a31e0bfa93e1a9b1c486c6e9cbf73cae87862 Security Headers Name Value Content-Security-Policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com Strict-Transport-Security max-age=604800 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT strict-transport-security max-age=604800 x-content-type-options nosniff cf-cache-status DYNAMIC content-encoding br x-permitted-cross-domain-policies none content-security-policy default-src 'self' *.g2crowd.com *.g2.com; connect-src 'self' *.g2crowd.com *.g2.com; font-src 'self' *.g2crowd.com *.g2.com; form-action 'self' *.g2crowd.com *.g2.com; frame-src 'self' *.g2crowd.com *.g2.com; img-src 'self' *.g2crowd.com *.g2.com; manifest-src 'self' *.g2crowd.com *.g2.com; media-src 'self' *.g2crowd.com *.g2.com; object-src 'self' *.g2crowd.com *.g2.com; script-src 'self' *.g2crowd.com *.g2.com; style-src 'self' *.g2crowd.com *.g2.com; worker-src 'self' *.g2crowd.com *.g2.com x-xss-protection 1; mode=block x-request-id a9eb7ad9-8110-47ad-9ca6-5cee53bd72e4 x-runtime 0.003219 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"3dae93a05edd9dcfc1864b87178a31e0" x-download-options noopen x-frame-options SAMEORIGIN vary Origin content-type text/javascript; charset=utf-8 cache-control max-age=600, public cf-ray 829af7414df2398a-YYZ
GET H/1.1	200 OK	roundtrip.js Show response s.adroll.com/j/DKJ4NBGEVJGNHA6CH7W344/	85 KB 26 KB	99ms 31ms	Script text/javascript	3.162.3.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.adroll.com/j/DKJ4NBGEVJGNHA6CH7W344/roundtrip.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.162.3.54 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-54.yul62.r.cloudfront.net Software AmazonS3 / Resource Hash 3f8be8d9d04943ac62c740edc720fa0a3bd41c8553180980170b0962a937c281 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers X-Amz-Version-Id V_Q54jQPqU6hqjWWkH6htvZ.aMg6tlKd Content-Encoding gzip Via 1.1 73b649084fd37ee574892f300f5199ec.cloudfront.net (CloudFront) Date Tue, 21 Nov 2023 17:41:17 GMT Age 2551 X-Amz-Cf-Pop YUL62-P2 X-Amz-Server-Side-Encryption AES256 Transfer-Encoding chunked X-Cache Hit from cloudfront Connection keep-alive Last-Modified Fri, 17 Nov 2023 12:09:08 GMT Server AmazonS3 Etag W/"6c58581449b595eb442957da1af27265" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type text/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=3600, must-revalidate Access-Control-Allow-Credentials false Access-Control-Max-Age 600 Access-Control-Allow-Headers * X-Amz-Cf-Id m-itiIS2FB2j-GHfiUOk8SIo3OUU4ycRIKI5sv6nLe34Wuz565ufSA==
GET H2	200	63c711de399c64fee7e86000 Show response ws.zoominfo.com/pixel/	0 657 B	124ms 86ms	Script text/javascript	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63c711de399c64fee7e86000 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT via 1.1 google x-content-type-options nosniff cf-cache-status DYNAMIC server cloudflare x-powered-by Express content-type text/javascript access-control-allow-origin * access-control-allow-credentials true cf-ray 829af741ead3a1e1-YYZ access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url content-length 0 alt-svc h3=":443"; ma=86400
POST H2	204	collect analytics.google.com/g/	0 253 B	120ms 44ms	Ping text/plain	172.253.115.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-YYPKZ23KHK&gtm=45je3b81v892279435z8867205728&_p=1700591027098&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1192132681.1700591027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700591027&sct=1&seg=0&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=703 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YYPKZ23KHK&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 253 B	118ms 43ms	Ping text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YYPKZ23KHK&cid=1192132681.1700591027&gtm=45je3b81v892279435z8867205728&aip=1&dma=0&gcd=11l1l1l1l1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YYPKZ23KHK&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	125ms 53ms	Image image/gif	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YYPKZ23KHK&cid=1192132681.1700591027&gtm=45je3b81v892279435z8867205728&aip=1&dma=0&gcd=11l1l1l1l1&z=776891937 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 170 B	45ms 44ms	Ping text/plain	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-ZHH02V0B8N&gtm=45je3b81v9168196747z8867205728&_p=1700591027098&gcd=11l1l1l1l1&dma=0&cid=1192132681.1700591027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1700591027&sct=1&seg=0&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&dt=&en=page_view&_fv=1&_ss=1&tfd=747 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-ZHH02V0B8N&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bc-v4.min.html Show response consentcdn.cookiebot.com/sdk/ Frame B187	627 B 811 B	92ms 29ms	Document text/html	23.73.225.222 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://consentcdn.cookiebot.com/sdk/bc-v4.min.html Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=5ffa2e75-7251-4e65-a7e8-8cfeb7141138&consentmode=disabled Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.73.225.222 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-225-222.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash 738e5435f2d18427d291a0d6289eee0ebbc87b596d6003919f255760ac293104 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=29509151 content-encoding gzip content-length 392 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 21 Nov 2023 18:23:47 GMT etag "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163" expires Mon, 28 Oct 2024 07:22:58 GMT last-modified Mon, 04 Apr 2022 07:23:49 GMT server AkamaiNetStorage server-timing cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1700591027702_389060540_265186708_26_735_11_29_255";dur=1 vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mRUM,1
GET H2	200	cc.js Show response consent.cookiebot.com/5ffa2e75-7251-4e65-a7e8-8cfeb7141138/	239 KB 56 KB	408ms 408ms	Script application/x-javascript	23.48.104.102 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://consent.cookiebot.com/5ffa2e75-7251-4e65-a7e8-8cfeb7141138/cc.js?renew=false&referer=go.leoforce.com&dnt=false&init=false Requested by Host: consent.cookiebot.com URL: https://consent.cookiebot.com/uc.js?cbid=5ffa2e75-7251-4e65-a7e8-8cfeb7141138&consentmode=disabled Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.48.104.102 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-48-104-102.deploy.static.akamaitechnologies.com Software / Resource Hash 0e7e7673ba7101b730e7d98f0fbdec810f9de204a6a6287496842343061b7b1f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:48 GMT content-encoding gzip last-modified Tue, 21 Nov 2023 18:23:47 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-expose-headers Request-Context cache-control private, max-age=1200 cross-origin-resource-policy cross-origin content-length 57451 request-context appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
POST H3	200	collect Show response www.google-analytics.com/j/	16 B 36 B	43ms 42ms	XHR text/plain	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1400246586&t=pageview&_s=1&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1188704635&gjid=422783257&cid=1192132681.1700591027&tid=UA-203156803-4&_gid=652326505.1700591028&_r=1&_slc=1&gtm=45He3b81n815TGWKF8v867205728&gcd=11l1l1l1l1&dma=0&z=934549292 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash 7eb5b29cc2c64b0eeba75e92d162d812e965dd02d71b57f0d3b3f05aa86bce2e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	insight.beta.min.js Show response snap.licdn.com/li.lms-analytics/	42 KB 16 KB	35ms 35ms	Script application/javascript	23.218.218.181 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.beta.min.js Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.218.218.181 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-218-218-181.deploy.static.akamaitechnologies.com Software / Resource Hash c728d4bac37958ea7ad2171883e2d113dc27e0b24da3c10ed8fba10c1869c8cc Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 21 Nov 2023 13:49:56 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=69951 accept-ranges bytes content-length 15708
GET H2	200	/ www.google.com/pagead/1p-user-list/967549321/	42 B 455 B	122ms 48ms	Image image/gif	172.253.63.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/967549321/?random=1700591027347&cv=11&fst=1700589600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v867205728&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNwJ0C9OvbXo-pnkK9hIV3VM-C8-CP6w&random=3800256202&rmt_tld=0&ipr=y Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f104.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.ca/pagead/1p-user-list/967549321/	42 B 154 B	49ms 48ms	Image image/gif	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/pagead/1p-user-list/967549321/?random=1700591027347&cv=11&fst=1700589600000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v867205728&u_w=1600&u_h=1200&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&frm=0&fmt=3&is_vtc=1&cid=CAQSGwDICaaNwJ0C9OvbXo-pnkK9hIV3VM-C8-CP6w&random=3800256202&rmt_tld=1&ipr=y Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sa.css tags.srv.stackadapt.com/	65 B 203 B	35ms 35ms	Stylesheet text/css	34.233.9.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.css Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.9.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-9-149.compute-1.amazonaws.com Software / Resource Hash f8a6a3ef31b39a74da860873620ead5becba7ad596a1712a711790bd8053f9ed Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Nov 2023 18:23:47 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 65 content-type text/css
GET H2	200	sa.jpeg Show response tags.srv.stackadapt.com/	0 2 KB	107ms 35ms	Fetch image/jpeg	34.233.9.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/sa.jpeg Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.9.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-9-149.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin * date Tue, 21 Nov 2023 18:23:47 GMT cache-control only-if-cached, no-transform, private, max-age=7776000 content-length 651 content-type image/jpeg
GET H2	204	31000025.js Show response bat.bing.com/p/action/	0 118 B	50ms 50ms	Script text/plain	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/31000025.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 date Tue, 21 Nov 2023 18:23:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: BFB8D80C27C844B6BD4B43D566C5F870 Ref B: YTO01EDGE0822 Ref C: 2023-11-21T18:23:47Z x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 361 B	60ms 60ms	Image text/plain	13.107.21.200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=31000025&tm=gtm002&Ver=2&mid=af37535d-33f0-4ca9-828f-112ffcc4aad7&sid=1ca310a0889b11ee859491150c68be2c&vid=1ca340f0889b11eeb904ad10297cc6e8&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&r=&lt=421&evt=pageLoad&sv=1&rn=29909 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload date Tue, 21 Nov 2023 18:23:47 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 83CD9FA4D38D442DACBD4CFEA3A5EA25 Ref B: YTO01EDGE0822 Ref C: 2023-11-21T18:23:47Z x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	929092070502154 Show response connect.facebook.net/signals/config/	133 KB 35 KB	152ms 151ms	Script application/x-javascript	157.240.244.1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/929092070502154?v=2.9.138&r=stable&domain=go.leoforce.com Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.244.1 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-mty2.fbcdn.net Software / Resource Hash fa2e7e604c97eacc6f6fe20128c9ef3f1e40133496c8a033161aaa6d485d8e6a Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 21 Nov 2023 18:23:47 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug zpHAi4XNMqvtJlmsT553BViJbfpGoheinCqA6LoDGW6KgFbl99qvoq45KVYqETYeq53e43foNRakPUCMxawruw== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 151 B	44ms 43ms	XHR text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-203156803-4&cid=1192132681.1700591027&jid=1188704635&gjid=422783257&_gid=652326505.1700591028&_u=YCDACEAABAAAACAAI~&z=1092816445 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	255 KB 85 KB	60ms 60ms	Script application/javascript	172.253.63.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0174TSR646&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f97.1e100.net Software Google Tag Manager / Resource Hash 8876b90e048486f1312d6c5aa4e9c371e124b7cdc09226818b7678b2a2b87f8f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 87178 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 21 Nov 2023 18:23:47 GMT
GET H2	200	collect px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a7442829... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a7442829... https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D20223%26time%3D1700591027718%26url%3Dhttps%253A%252F%252Fgo.leoforce.com%252Flist... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a7442829...	0 398 B	79ms 79ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&cookiesTest=true&liSync=true Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 6D64342075904A0F98923AEA2F53B0FA Ref B: YTO01EDGE0815 Ref C: 2023-11-21T18:23:48Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYKrbQjNS3tGVPHOSg/MQ== Redirect headers strict-transport-security max-age=31536000 content-security-policy default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default x-content-type-options nosniff date Tue, 21 Nov 2023 18:23:47 GMT linkedin-action 1 x-cache CONFIG_NOCACHE content-length 0 x-li-uuid AAYKrbQh2WQs87dO3uLbWg== pragma no-cache x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 6CD964E429E6499FB56D5F04A67053A3 Ref B: YTO01EDGE0815 Ref C: 2023-11-21T18:23:47Z x-frame-options sameorigin x-li-fabric prod-ltx1 location https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=20223&time=1700591027718&url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&cookiesTest=true&liSync=true cache-control no-cache, no-store x-li-proto http/2 expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/	42 B 107 B	54ms 54ms	Image image/gif	172.253.63.104 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-203156803-4&cid=1192132681.1700591027&jid=1188704635&_u=YCDACEAABAAAACAAI~&z=542670832 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.63.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f104.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	55ms 55ms	Image image/gif	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-203156803-4&cid=1192132681.1700591027&jid=1188704635&_u=YCDACEAABAAAACAAI~&z=542670832 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	DKJ4NBGEVJGNHA6CH7W344 Show response d.adroll.com/consent/check/	494 B 978 B	110ms 36ms	Script application/javascript	23.21.157.68 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/consent/check/DKJ4NBGEVJGNHA6CH7W344?pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&_s=61ef92f639b937d629718e7f5fb7225a&_b=2 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/DKJ4NBGEVJGNHA6CH7W344/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.21.157.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-157-68.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash f310793e56afbd29d95e251975d58460efc986432fe8bb874388918ead43bf9c Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers content-type application/javascript pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT cache-control no-store, no-cache, must-revalidate server nginx/1.22.1 content-length 494 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
GET H2	200	saq_pxl Show response tags.srv.stackadapt.com/	94 B 286 B	36ms 35ms	XHR text/plain	34.233.9.149 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://tags.srv.stackadapt.com/saq_pxl?uid=KPbTFw1PnHvSCKo5q3O1Vg&is_js=true&landing_url=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&t=&tip=lsVMWw8Uw55-ASkQUOC_R2hHqFO-HB5xGZqJ2B5Eigw&host=https%3A%2F%2Fgo.leoforce.com&sa_conv_data_css_value=%270-abeec6fc-342a-5d70-4b8c-a0d610e353a8%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9abeec6fc342a5d704b8ca0d610e353a82513d40e&sa-user-id-v3=s%253AAQAKIN07SFbQwKH2AcLf3aMcAaZxXC1aAb55h9LnOfypEn0CEHwYBCCz6_OqBjABOgRyABfNQgQoS5rM.BwhU5q6mZcMKFAwgkdTjSBJcc8raCIXE4NcgA7NMFYk&sa-user-id-v2=s%253Aq-7G_DQqXXBLjKDWEONTqCUT1A4.tSY87sqHmLD4%252Bl%252Fgdtf3VZ2SISdYNmZIx%252FYgqLpwvp0&sa-user-id=s%253A0-abeec6fc-342a-5d70-4b8c-a0d610e353a8.xNq9c69MeGuYpgpppwcLTTJYPF%252BT3vvXni86m0yU7JM Requested by Host: tags.srv.stackadapt.com URL: https://tags.srv.stackadapt.com/events.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.233.9.149 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-233-9-149.compute-1.amazonaws.com Software / Resource Hash 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-origin https://go.leoforce.com date Tue, 21 Nov 2023 18:23:47 GMT access-control-allow-credentials true access-control-allow-headers * content-length 94 access-control-allow-methods GET content-type text/plain; charset=utf-8
POST H2	204	collect analytics.google.com/g/	0 54 B	45ms 44ms	Ping text/plain	172.253.115.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-0174TSR646&gtm=45je3b81v9135637292&_p=1700591027098&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1192132681.1700591027&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&sid=1700591027&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1126 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0174TSR646&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect stats.g.doubleclick.net/g/	0 17 B	45ms 44ms	Ping text/plain	172.253.63.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0174TSR646&cid=1192132681.1700591027&gtm=45je3b81v9135637292&aip=1&dma=0&gcd=11l1l1l1l2 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0174TSR646&cx=c&_slc=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.63.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bi-in-f155.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.ca/ads/	42 B 63 B	54ms 53ms	Image image/gif	142.251.163.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-0174TSR646&cid=1192132681.1700591027&gtm=45je3b81v9135637292&aip=1&dma=0&gcd=11l1l1l1l2&z=1993327404 Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.163.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f94.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:47 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	199ms 66ms	Image text/plain	157.240.244.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=929092070502154&ev=PageView&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&rl=&if=false&ts=1700591027906&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1700591027905.1148014137&ler=empty&it=1700591027700&coo=false&tm=1&rqm=GET Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 157.240.244.35 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-mty2.facebook.com Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 21 Nov 2023 18:23:48 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	4GGVV4SS35AUXLUATR55FG Show response d.adroll.com/segment/DKJ4NBGEVJGNHA6CH7W344/	42 B 978 B	36ms 36ms	XHR image/gif	23.21.157.68 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://d.adroll.com/segment/DKJ4NBGEVJGNHA6CH7W344/4GGVV4SS35AUXLUATR55FG?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&cookie=&adroll_s_ref=&keyw=&p0=711&adroll_external_data=&adroll_version=2.0 Requested by Host: s.adroll.com URL: https://s.adroll.com/j/DKJ4NBGEVJGNHA6CH7W344/roundtrip.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.21.157.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-157-68.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:47 GMT x-segment-display-name Visitors to Unsegmented Pages p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" x-rule-type p content-length 42 pragma no-cache x-conversion-value 0.0 server nginx/1.22.1 x-rule * x-segment-eid KJIV2Q3MRZFZBCXC2FZUEB content-type image/gif access-control-allow-origin https://go.leoforce.com access-control-expose-headers X-Conversion-Value, X-Conversion-Currency, X-Advertisable-Eid, X-Segment-Eid, X-Rule-Type, X-Pixel-Eid cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true access-control-request-methods GET x-pixel-eid 4GGVV4SS35AUXLUATR55FG x-organization-eid 5BRC4BUDJJDCHN6A5C233P access-control-allow-headers * x-advertisable-eid DKJ4NBGEVJGNHA6CH7W344 x-conversion-currency x-segment-name *
GET H/1.1	200 OK	sync x.bidswitch.net/ul_cb/ Redirect Chain https://d.adroll.com/cm/b/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce... https://x.bidswitch.net/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc	43 B 510 B	44ms 43ms	Image image/gif	35.211.178.172 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol HTTP/1.1 Server 35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 172.178.211.35.bc.googleusercontent.com Software nginx / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Date Tue, 21 Nov 2023 18:23:48 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 43 Content-Type image/gif Redirect headers Location https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc Date Tue, 21 Nov 2023 18:23:48 GMT Cache-Control no-cache, no-store, must-revalidate Server nginx Connection keep-alive Content-Length 0
GET H2	200	in d.adroll.com/cm/g/ Redirect Chain https://d.adroll.com/cm/g/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce... https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=ZOvjEZ5vm49srO_bssT2Rw https://d.adroll.com/cm/g/in	42 B 550 B	36ms 36ms	Image image/gif	23.21.157.68 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://d.adroll.com/cm/g/in Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Server 23.21.157.68 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-21-157-68.compute-1.amazonaws.com Software nginx/1.22.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:48 GMT server nginx/1.22.1 p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" content-type image/gif cache-control no-store, no-cache, must-revalidate content-length 42 x-result g.-1.-1.-1 Redirect headers pragma no-cache date Tue, 21 Nov 2023 18:23:48 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://d.adroll.com/cm/g/in p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 225 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sd us-u.openx.net/w/1.0/ Redirect Chain https://d.adroll.com/cm/o/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce... https://us-u.openx.net/w/1.0/sd?id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent= https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent=	43 B 180 B	53ms 52ms	Image image/gif	34.98.64.218 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent= Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Server 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 218.64.98.34.bc.googleusercontent.com Software OXGW/0.0.0 / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:48 GMT via 1.1 google server OXGW/0.0.0 vary Accept content-type image/gif p3p CP="CUR ADM OUR NOR STA NID" cache-control private, max-age=0, no-cache alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 expires Mon, 26 Jul 1997 05:00:00 GMT Redirect headers location https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=64ebe3119e6f9b8f6cacefdbb2c4f647&gdpr=0&gdpr_consent= date Tue, 21 Nov 2023 18:23:48 GMT via 1.1 google server OXGW/0.0.0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 p3p CP="CUR ADM OUR NOR STA NID"
GET H2	204	sync ups.analytics.yahoo.com/ups/55980/ Redirect Chain https://d.adroll.com/cm/r/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce... https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true	0 121 B	40ms 39ms	Image text/plain	3.225.218.10 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Server 3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-225-218-10.compute-1.amazonaws.com Software ATS/9.1.10.87 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:48 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV Redirect headers location https://ups.analytics.yahoo.com/ups/55980/sync?_origin=1&uid=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true date Tue, 21 Nov 2023 18:23:48 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.87 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	bounce ib.adnxs.com/ Redirect Chain https://d.adroll.com/cm/x/out?adroll_fpc=cc05435801783b3421ca96e680cb7ec4-1700591027940&pv=74598872775.73431&arrfrr=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce... https://ib.adnxs.com/setuid?entity=172&code=NjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc	43 B 913 B	55ms 54ms	Image image/gif	68.67.160.76 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Server 68.67.160.76 Brooklyn, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:48 GMT an-x-request-uuid 58b29926-4c93-4fef-ac9c-122071270290 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 37.19.212.14; 37.19.212.14; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 21 Nov 2023 18:23:48 GMT an-x-request-uuid ad834b38-5a0e-4a6b-91b7-a84abb2beeda server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DNjRlYmUzMTE5ZTZmOWI4ZjZjYWNlZmRiYjJjNGY2NDc cache-control no-store, no-cache, private x-proxy-origin 37.19.212.14; 37.19.212.14; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated /	973 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash feeff1b73fc856bbaa909aecd74cd3918a41d2f0642b773831da45ad969317e9 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers Content-Type image/png
GET H2	200	zi-tag.js Show response js.zi-scripts.com/	8 KB 3 KB	90ms 43ms	Script application/javascript	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/zi-tag.js Requested by Host: go.leoforce.com URL: https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 15ebddd8f42a017abf38230bbefe743a7a4daeeeec69785baf43ce930d3de6ff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:48 GMT x-amz-version-id d0fvXwBE1KKHAVrX57LqVGhiliHVZHvh content-encoding gzip cf-cache-status DYNAMIC last-modified Thu, 16 Nov 2023 09:35:17 GMT server cloudflare via 1.1 37504d411c7d230cb5e53aaf2809b804.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-C2 etag W/"84c587b3edbc3a49ffac053ea2e2f6f6" age 31702 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cf-ray 829af746685b5443-YYZ x-amz-cf-id ShN-uv5nuz1UHQAPKllt37rpPLDetsA71jEbbe1creuc7FbHmYnZhA==
GET H2	200	getSubscriptions Show response js.zi-scripts.com/unified/v1/master/	199 B 438 B	100ms 99ms	Fetch application/json	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash a6552acaec1e2d2c2df0aab3dcc930bed49e33f221ab46963f1aa7bbfda12d6e Request headers Content-Type application/json Referer accept-language en-CA,en;q=0.9 Authorization Bearer 8fd777e40c1675291155 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 visited_url https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Response headers date Tue, 21 Nov 2023 18:23:48 GMT via 1.1 879741630ff6546987b7e3ce604046ec.cloudfront.net (CloudFront) content-encoding gzip cf-cache-status DYNAMIC server cloudflare x-amz-cf-pop YTO50-P1 x-powered-by Express etag W/"c7-hpuRBNe0DszHz77azp8lIPyhxbo" x-cache Miss from cloudfront content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cf-ray 829af7478aa439c9-YYZ x-amz-cf-id EEP93ZyGY5CUrgaZqF_ziyh6Gngt7veS0E-Zn6UQh0w0gWBPul4QJA== apigw-requestid OwtUPjyHPHcEMDQ=
OPTIONS H2	204	getSubscriptions js.zi-scripts.com/unified/v1/master/ Frame	0 0	129ms 90ms	Preflight	104.18.37.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.zi-scripts.com/unified/v1/master/getSubscriptions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.37.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers authorization,content-type,visited_url Access-Control-Request-Method GET Origin https://go.leoforce.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-headers * access-control-allow-methods * access-control-allow-origin * access-control-max-age 0 apigw-requestid OwtUOg_KvHcEMDg= cf-cache-status DYNAMIC cf-ray 829af746f98b39c9-YYZ date Tue, 21 Nov 2023 18:23:48 GMT server cloudflare vary Access-Control-Request-Headers via 1.1 df34ce5bf73c140dc63a22fa17a4dcda.cloudfront.net (CloudFront) x-amz-cf-id 6T-iMvk_BeHO_WnMdecBR9323ojopgXRPDiA66vTEMJDXrAYdu-nCg== x-amz-cf-pop YTO50-P1 x-cache Miss from cloudfront x-powered-by Express
GET H2	200	formcomplete.js Show response ws-assets.zoominfo.com/	86 KB 26 KB	74ms 70ms	Script application/javascript	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws-assets.zoominfo.com/formcomplete.js Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe92edba1f5990d76e1817f250ee4aae144f4efa95b676733bdd4391f2b74cf1 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:48 GMT content-encoding gzip cf-cache-status DYNAMIC age 2659 x-guploader-uploadid ABPtcPqUt1ISJTfa8bOQC2pw1Kt79b70FcFIYkrNue4c6Uvihrp6aendcC7piOYR1cHTHkueaZk x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=86400 last-modified Thu, 02 Nov 2023 11:05:05 GMT server cloudflare etag W/"bbabfd4493e8cf8aafea99a2f70825c0" x-goog-hash crc32c=4scEgA==, md5=u6v9RJPoz4qv6pmi9wglwA== x-goog-generation 1698923105172059 content-type application/javascript cache-control public, max-age=3600 x-goog-stored-content-length 87554 cf-ray 829af7482e10a1e1-YYZ expires Tue, 21 Nov 2023 18:39:29 GMT
GET H2	200	/ Show response ws.zoominfo.com/pixel/63c711de399c64fee7e86000/	3 KB 1 KB	179ms 178ms	Fetch text/javascript	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63c711de399c64fee7e86000/?iszitag=true Requested by Host: js.zi-scripts.com URL: https://js.zi-scripts.com/zi-tag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1ec06bacf0f416905dd98a1ecf142546d2db1978e1ea44f57097dee162dcf520 Security Headers Name Value X-Content-Type-Options nosniff Request headers visited-url https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 Referer https://go.leoforce.com/listUnsubscribeHeader/u/309041/f631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea/473520062 _vtok MzcuMTkuMjEyLjE0 _zitok 73655746cd5b0abf16301700591028 accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type text/javascript Response headers date Tue, 21 Nov 2023 18:23:48 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin https://go.leoforce.com access-control-allow-credentials true cf-ray 829af748ef5ba1e1-YYZ access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400
OPTIONS H3	200	/ ws.zoominfo.com/pixel/63c711de399c64fee7e86000/ Frame	0 0	117ms 96ms	Preflight text/html	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/63c711de399c64fee7e86000/?iszitag=true Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _vtok,_zitok,content-type,visited-url Access-Control-Request-Method GET Origin https://go.leoforce.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url access-control-allow-origin https://go.leoforce.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 829af7484adc36bf-YYZ content-encoding gzip content-type text/html; charset=utf-8 date Tue, 21 Nov 2023 18:23:48 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express
OPTIONS H3	200	forms ws.zoominfo.com/formcomplete-v2/ Frame	0 0	81ms 81ms	Preflight text/html	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/forms Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers authorization,content-type Access-Control-Request-Method POST Origin https://go.leoforce.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok access-control-allow-origin https://go.leoforce.com allow POST alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 829af748cbb836bf-YYZ content-encoding gzip content-type text/html; charset=utf-8 date Tue, 21 Nov 2023 18:23:48 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express
POST H3	200	forms Show response ws.zoominfo.com/formcomplete-v2/	2 KB 1 KB	84ms 83ms	Fetch application/json	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/forms Requested by Host: ws-assets.zoominfo.com URL: https://ws-assets.zoominfo.com/formcomplete.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 83c294f8f732f0ecbbb550734172cc00ce4bd30f2af5eec6256cbc04106d8d47 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer accept-language en-CA,en;q=0.9 Authorization bearer a63cef67a44c77f4870e1b253b4efe User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Content-Type application/json Response headers date Tue, 21 Nov 2023 18:23:48 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express etag W/"7be-B+wK/1aPZiva+HzCe8PomxRz8rk" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://go.leoforce.com access-control-allow-credentials true cf-ray 829af7495973541f-YYZ access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok alt-svc h3=":443"; ma=86400
GET H3	200	getMapping Show response ws.zoominfo.com/formcomplete-v2/	2 KB 1 KB	134ms 133ms	XHR application/json	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=73528537-fe1f-4319-ae72-6a3a6b06f047 Requested by Host: ws-assets.zoominfo.com URL: https://ws-assets.zoominfo.com/formcomplete.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 5751337d96abbb9d7727d99c689ec6ff9b7b1e980edea735baac2850dd92bf6f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer _zitok 73655746cd5b0abf16301700591028 visitorId accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers date Tue, 21 Nov 2023 18:23:48 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express etag W/"9bc-8trqhpJWGcboh8U99S+4EaWZnng" vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://go.leoforce.com access-control-allow-credentials true cf-ray 829af74a5ac8541f-YYZ access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,Authorization, visitorId, _zitok alt-svc h3=":443"; ma=86400
OPTIONS H3	200	getMapping ws.zoominfo.com/formcomplete-v2/ Frame	0 0	75ms 75ms	Preflight text/html	104.16.136.15 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/formcomplete-v2/getMapping?formId=73528537-fe1f-4319-ae72-6a3a6b06f047 Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.136.15 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers _zitok,visitorid Access-Control-Request-Method GET Origin https://go.leoforce.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for,x-ws-collect-type,Authorization,visitorId,_zitok access-control-allow-origin https://go.leoforce.com allow GET,HEAD alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 829af749ddc536bf-YYZ content-encoding gzip content-type text/html; charset=utf-8 date Tue, 21 Nov 2023 18:23:48 GMT server cloudflare via 1.1 google x-content-type-options nosniff x-powered-by Express
POST H3	204	collect analytics.google.com/g/	0 17 B	46ms 46ms	Ping text/plain	172.253.115.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-YYPKZ23KHK&gtm=45je3b81v892279435z8867205728&_p=1700591027098&gcd=11l1l1l1l1&dma=0&cid=1192132681.1700591027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700591027&sct=1&seg=0&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&dt=&en=page_load_time&epn.loading_time_sec=1.4&_et=711&tfd=3616 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YYPKZ23KHK&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect analytics.google.com/g/	0 17 B	46ms 46ms	Ping text/plain	172.253.115.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-YYPKZ23KHK&gtm=45je3b81v892279435z8867205728&_p=1700591027098&gcd=11l1l1l1l1&dma=0&cid=1192132681.1700591027&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1700591027&sct=1&seg=0&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&dt=&en=User%20Engagement%20-%20All%20Pages&_c=1&epn.Scroll%20Depth%20Threshold=50&ep.Page%20URL=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&_et=2189&tfd=3616 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-YYPKZ23KHK&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.115.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f138.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Tue, 21 Nov 2023 18:23:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://go.leoforce.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	35ms 35ms	Image image/gif	142.251.16.101 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=1400246586&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User%20Engagement%20-%20All%20Pages&ea=50&el=https%3A%2F%2Fgo.leoforce.com%2FlistUnsubscribeHeader%2Fu%2F309041%2Ff631baf44fce26c2ec945013ee045f6d6da83367a74428290115be8ec34c5dea%2F473520062&_u=aCDACEABBAAAACAAI~&jid=&gjid=&cid=1192132681.1700591027&tid=UA-203156803-4&_gid=652326505.1700591028&gtm=45He3b81n815TGWKF8v867205728&gcd=11l1l1l1l1&dma=0&z=857097159 Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.16.101 , United States, ASN15169 (GOOGLE, US), Reverse DNS bl-in-f101.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36 Response headers pragma no-cache date Mon, 20 Nov 2023 18:52:49 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 84661 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT