URL: https://leafshutter.info/
Submission: On May 22 via api from US — Scanned from GB

Summary

This website contacted 21 IPs in 3 countries across 12 domains to perform 52 HTTP transactions. The main IP is 188.166.169.182, located in Slough, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is leafshutter.info.
TLS certificate: Issued by R3 on May 22nd 2024. Valid for: 3 months.
This is the only time leafshutter.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 188.166.169.182 14061 (DIGITALOC...)
7 18.239.36.75 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:25e... 16509 (AMAZON-02)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 18.239.36.15 16509 (AMAZON-02)
3 18.239.70.203 16509 (AMAZON-02)
3 2600:9000:20a... 16509 (AMAZON-02)
3 172.217.16.130 15169 (GOOGLE)
1 2600:9000:239... 16509 (AMAZON-02)
1 2600:9000:238... 16509 (AMAZON-02)
1 2 18.65.39.29 16509 (AMAZON-02)
2 172.64.144.166 13335 (CLOUDFLAR...)
1 18.239.69.94 16509 (AMAZON-02)
1 18.238.243.122 16509 (AMAZON-02)
1 52.12.161.136 ()
1 18.239.68.199 16509 (AMAZON-02)
2 18.238.243.113 16509 (AMAZON-02)
1 18.239.18.35 16509 (AMAZON-02)
1 18.239.94.66 16509 (AMAZON-02)
52 21
Apex Domain
Subdomains
Transfer
17 leafshutter.info
leafshutter.info
1 MB
9 privacymanager.io
gdpr-wrapper.privacymanager.io — Cisco Umbrella Rank: 33827
gdpr.privacymanager.io — Cisco Umbrella Rank: 37929
launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2615
geo.privacymanager.io — Cisco Umbrella Rank: 1924
launchpad.privacymanager.io — Cisco Umbrella Rank: 2008
cmp-consent-tool.privacymanager.io — Cisco Umbrella Rank: 56427
274 KB
8 adthrive.com
ads.adthrive.com — Cisco Umbrella Rank: 5555
434 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 308
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 630
aax.amazon-adsystem.com — Cisco Umbrella Rank: 419
80 KB
4 slickstream.com
app.slickstream.com — Cisco Umbrella Rank: 11235
c01f.app.slickstream.com — Cisco Umbrella Rank: 81775
1016 B
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
171 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1603
153 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 191
4 KB
1 ccgateway.net
pb-ing.ccgateway.net Failed
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2920
33 KB
1 flodesk.com
assets.flodesk.com — Cisco Umbrella Rank: 21346
61 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
102 KB
52 12
Domain Requested by
17 leafshutter.info leafshutter.info
8 ads.adthrive.com leafshutter.info
ads.adthrive.com
3 securepubads.g.doubleclick.net ads.adthrive.com
securepubads.g.doubleclick.net
3 gdpr-wrapper.privacymanager.io ads.adthrive.com
gdpr.privacymanager.io
3 c.amazon-adsystem.com ads.adthrive.com
c.amazon-adsystem.com
2 geo.privacymanager.io gdpr.privacymanager.io
2 cdn.confiant-integrations.net ads.adthrive.com
cdn.confiant-integrations.net
2 sb.scorecardresearch.com 1 redirects
2 c01f.app.slickstream.com leafshutter.info
2 app.slickstream.com 2 redirects
1 cmp-consent-tool.privacymanager.io gdpr.privacymanager.io
1 launchpad.privacymanager.io launchpad-wrapper.privacymanager.io
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 pb-ing.ccgateway.net ads.adthrive.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 launchpad-wrapper.privacymanager.io ads.adthrive.com
1 cdn.jwplayer.com ads.adthrive.com
1 gdpr.privacymanager.io gdpr-wrapper.privacymanager.io
1 assets.flodesk.com leafshutter.info
1 www.googletagmanager.com leafshutter.info
52 20
Subject | Issuer | Validity | Valid
leafshutter.info | R3 | 2024-05-22 - 2024-08-20 | 3 months
*.adthrive.com | Amazon RSA 2048 M03 | 2024-04-05 - 2025-05-04 | a year
*.google-analytics.com | WR2 | 2024-05-06 - 2024-07-29 | 3 months
*.flodesk.com | Amazon RSA 2048 M03 | 2024-05-03 - 2025-06-01 | a year
c.amazon-adsystem.com | Amazon RSA 2048 M01 | 2023-12-30 - 2024-12-04 | a year
*.privacymanager.io | Amazon RSA 2048 M01 | 2023-07-27 - 2024-08-24 | a year
*.g.doubleclick.net | WR2 | 2024-05-06 - 2024-07-29 | 3 months
jwplayer.com | Amazon RSA 2048 M02 | 2023-10-27 - 2024-11-23 | a year
confiant-integrations.net | GTS CA 1P5 | 2024-05-14 - 2024-08-12 | 3 months
config.aps.amazon-adsystem.com | Amazon RSA 2048 M02 | 2024-01-21 - 2025-02-19 | a year
ccgateway.net | R3 | 2024-05-10 - 2024-08-08 | 3 months
alt1-3ps.amazon-adsystem.com | Amazon RSA 2048 M03 | 2024-03-29 - 2025-04-28 | a year

This page contains 3 frames:

Primary Page: https://leafshutter.info/
Frame ID: F6708FFEF6A05A73D376319F34CFD203
Requests: 59 HTTP requests in this frame

Frame: https://ads.adthrive.com/builds/core/b6f3193/html/i.html
Frame ID: 7A6DCF2F5250C18813EC7225BC333456
Requests: 1 HTTP requests in this frame

Frame: https://cmp-consent-tool.privacymanager.io/latest/index.html
Frame ID: 1D217A8246EAC90ACEF901ABFB24CFF6
Requests: 1 HTTP requests in this frame

Page Title

DIY, Interior Design & Home Decor | Kaleidoscope Living

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

52 Requests
92 % HTTPS
33 % IPv6
12 Domains
20 Subdomains
21 IPs
3 Countries
2416 kB Transfer
6363 kB Size
5 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F HTTP 302
  • https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Request Chain 40
  • https://app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F HTTP 302
  • https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Request Chain 47
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leafshutter.info/
345 KB
345 KB
Document
General
Full URL
https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
8411e71d8318107dba2dd3d2a40032dfb37c89cc59f6aeb2754f9e471fb4454f

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-length
352868
content-type
text/html; charset=UTF-8
date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:35 GMT
server
nginx/1.17.7
global.min.css
leafshutter.info/wp-content/themes/kadence/assets/css/
22 KB
22 KB
Stylesheet
General
Full URL
https://leafshutter.info/wp-content/themes/kadence/assets/css/global.min.css
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
9d8ed4ca489c25f4e040740a80afd25ede9f9e6b56f4bf0fde73779599ac9791

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
22925
content-type
text/css
ads.min.js
ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/
84 KB
24 KB
Script
General
Full URL
https://ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/ads.min.js?referrer=https%3A%2F%2Fleafshutter.info%2F&cb=12
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
0a0e723c814649151898b8920fa20ddb6c83b560981dc82d250621d31c943932

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

adthrive-bucket
flex-29
date
Wed, 22 May 2024 13:51:26 GMT
content-encoding
br
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
adthrive-deployment
2024-05-21-02:ada-408:pr4825:b6f3193:4
x-amz-cf-pop
AMS58-P2
adthrive-commit
b6f3193
x-cache
Miss from cloudfront
adthrive-gdpr
true
pragma
no-cache
server
CloudFront
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-store, must-revalidate, s-maxage=28800
x-amz-cf-id
jW6BGDmWWgJaPu56eQ2RxySSYiz6cVwyCEn1Tn1YuKmrtalEwWR2sA==
expires
0
js
www.googletagmanager.com/gtag/
307 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DMRNT7Y6KW
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5e7a71ff8755ed5e4aa209be56a0448bb6c7a4776d4e219ac7ae2a51c01306ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103880
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 May 2024 13:51:26 GMT
universal.mjs
assets.flodesk.com/
160 KB
61 KB
Script
General
Full URL
https://assets.flodesk.com/universal.mjs?v=858192900
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25e8:e000:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d18297aca0d0d757a579f373c626a08618ba054d6ad9e04e49a48fbd908be923

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Origin
https://leafshutter.info
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 22 May 2024 09:24:39 GMT
Content-Encoding
gzip
Via
1.1 cf3f18e8f11a6f190c72103c7a43aac2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
AMS1-P3
Age
16008
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 May 2024 05:00:15 GMT
Server
AmazonS3
ETag
W/"44d2320e707ddb6392139c2479b7bfdc"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, PUT, HEAD, POST, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ETag
Cache-Control
max-age=31536000
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id
8QxWUGAwodArTBhdQ6yV1GLjHnOeNKF7D1spRTR3DXoaFAqf3d6Jiw==
header.min.css
leafshutter.info/wp-content/themes/kadence/assets/css/
26 KB
26 KB
Stylesheet
General
Full URL
https://leafshutter.info/wp-content/themes/kadence/assets/css/header.min.css
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
e776a7f761e5975d81c3d8a5ece5139fc9ac0dd13e3c494a941cf34c7a426ef8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
26606
content-type
text/css
K_icon-with-TEA-edits.png
leafshutter.info/wp-content/uploads/2018/12/
62 KB
62 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2018/12/K_icon-with-TEA-edits.png
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
6bcc3b8e91d8880decefbb9a1474f61b78bb5855de076f9552cba22710b1695c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:38 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
63368
content-type
image/png
navigation.min.js
leafshutter.info/wp-content/themes/kadence/assets/js/
18 KB
18 KB
Script
General
Full URL
https://leafshutter.info/wp-content/themes/kadence/assets/js/navigation.min.js
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
1bc741f7e4c28b38fb6f193b8e5601c0510e72d600cb243b9721516d7fda9836

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
18005
content-type
application/x-javascript
lazyload.min.js
leafshutter.info/wp-content/plugins/perfmatters/js/
9 KB
9 KB
Script
General
Full URL
https://leafshutter.info/wp-content/plugins/perfmatters/js/lazyload.min.js
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
58c8e6e0ae274de20ed5f0c47f704de948659e6b8595df77e3e0c2875718d9ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
9355
content-type
application/x-javascript
page-boot-data
c01f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
  • https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
40 B
391 B
Fetch
General
Full URL
https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Server
2606:4700:10::6816:2e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://leafshutter.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c01-app-69f6c647db-nbzrw
cf-ray
887d47f4dead6322-LHR

Redirect headers

date
Wed, 22 May 2024 13:51:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
EXPIRED
x-powered-by
Express
content-length
123
cdn-cache-control
public, max-age=900
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-6f75549957-9ffzx
x-slickstream-consent
ask
cf-ray
887d47f0ebe55322-LHR
K_icon-with-TEA-edits.png
leafshutter.info/wp-content/uploads/2018/12/
62 KB
0
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2018/12/K_icon-with-TEA-edits.png
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
6bcc3b8e91d8880decefbb9a1474f61b78bb5855de076f9552cba22710b1695c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:38 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
63368
content-type
image/png
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
983b11fd0939fb86fa5b98b5c2ecbc51e0687d39d698123286e67c0fdbef9a4a

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0caaf9008495a062d3f4aadc4e754f16561e99edcb749c88b4c7e16c48d6d3c1

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
24255282ed181498c2aa9df8c30dfcf598317daa537df8a65437dac4718bdcf9

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e15f920cff73579a76009d3810093072e7f5faa9aaf8f9676c0a61f3dee5579

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9bacc445ab897c1acf21abe9e3dbf6e87accae8818269dba0b67ac05cde5979

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5c0709fc80e90df7e93d71eb34e7f6be113f47caa96557c3d21f158f698042b

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
95 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2048ba5841c503230da6fd05c97826e0565818936803396cf28aeef18f56fd50

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48461dc42f0db35469bc84b181bba0dc32e1b37067cf21b6982201d1742f46fa

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19fabe0a716fc7192e5c36c1c710a8e40a19bbe8424895a398a4329756db156a

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52c2e10ea695393380ecf72ad7d7247994529619e0405db3d433c8d12c1625ad

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d9ee626d0eaa55feae2939bd1d628c33ec77ba3b493279394bbedeaffa0463b

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
brittanysignature-webfont.woff
leafshutter.info/wp-content/uploads/2022/11/
31 KB
32 KB
Font
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/11/brittanysignature-webfont.woff
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
23688bc851614453f26aa9982f3154ffe5e0fbb5b8a9850c047c3a60a4dd5ee3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Origin
https://leafshutter.info
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
32208
content-type
application/font-woff
sweetsanspro-regular.woff
leafshutter.info/wp-content/uploads/2022/11/
66 KB
66 KB
Font
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/11/sweetsanspro-regular.woff
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
746cc557cbc565c9d30ec866de272a6b28f82dc5aa4e82ce46ea2ee72c8ba106

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Origin
https://leafshutter.info
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:26 GMT
last-modified
Wed, 22 May 2024 09:25:37 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
67600
content-type
application/font-woff
truncated
/
93 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5e5d744687f0732a848d8a67aae6b031bb8f9de551d3112dd8bb8237a7b2cf3

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
abd.js
ads.adthrive.com/abd/
1 KB
1 KB
XHR
General
Full URL
https://ads.adthrive.com/abd/abd.js
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
73e8fdebeab4f384cac905005edbc1b1cc6c9fcbd18c111103d5066401abdded

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
os8MwQFHVWjrrk14iP4Ip4gSDo8pMj4I
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 13:51:28 GMT
last-modified
Tue, 06 Sep 2022 21:10:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
etag
W/"1a1900d242621b126237113a25ab0ab3"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
_k6U91k9W0APTfF6ZcwAsGF9KVnM1aEjp7b5-Zh0NGn1qhpMJKY-ow==
marmalade
ads.adthrive.com/api/v1/
5 KB
2 KB
Fetch
General
Full URL
https://ads.adthrive.com/api/v1/marmalade?siteid=54d03e5c6a4dd9277372a36e&url=https%3A%2F%2Fleafshutter.info%2F&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/ads.min.js?referrer=https%3A%2F%2Fleafshutter.info%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
/
Resource Hash
6cf87d2575f74b183a396b1b1804a1776a0040740ab6c5830a1ef386917d2d13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
x-amzn-trace-id
Root=1-664df85f-2e3263537b48d5526d4f8f54;Parent=3d4283a0247c8a1c;Sampled=0;lineage=e948d84a:0
x-amzn-requestid
fcd728a1-995a-4e84-9cd5-4c3538a5cc71
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=3600, s-maxage=3600
x-amz-apigw-id
YLO-8E3RoAMETUA=
x-amz-cf-id
OTBWjGufRwxCvZNJJZhSQtsLQySTHHbOe_QW49dhDVDI4Ts108O_WQ==
54d03e5c6a4dd9277372a36e
ads.adthrive.com/api/v2/raptiveFloors/
103 KB
14 KB
XHR
General
Full URL
https://ads.adthrive.com/api/v2/raptiveFloors/54d03e5c6a4dd9277372a36e
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/ads.min.js?referrer=https%3A%2F%2Fleafshutter.info%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
/
Resource Hash
3641580a6cd03b723c7d2cf945217524dd75df302d76c862a1dba9b0cca2f39f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 10:51:36 GMT
content-encoding
br
via
1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
10791
x-amzn-trace-id
Root=1-664dce37-4a5d70fe4bbabf380aedf59d;Parent=2adc12560f1339f4;Sampled=0;lineage=e7e36c41:0
x-amzn-requestid
cbe82b15-809c-44bf-9efd-d69a2e5036c0
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
YK0oyG6hIAMEqyQ=
x-amz-cf-id
ehh82vKtriKQgdhCCM2zL3ukOfCMyu4UnVMjkJ4sPoSBkt3LvAGCpg==
adthrive.min.js
ads.adthrive.com/builds/core/b6f3193/es2018/js/
845 KB
190 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/ads.min.js?referrer=https%3A%2F%2Fleafshutter.info%2F&cb=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
41eb608739bf4a67697c42793a5af1166bfa7ac3eed991db58e19db78ccc776d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 01:28:29 GMT
content-encoding
br
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P2
age
44578
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
ps1v3FRP2K6H4bZz-HPImos0SfdPRIOKeQe-VSbvotUaAl_4ggXlGQ==
bonus-room-refresh-reveal-05-edited.jpg
leafshutter.info/wp-content/uploads/2023/05/
208 KB
208 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2023/05/bonus-room-refresh-reveal-05-edited.jpg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
b8bb1da4bab6b59f2b47c54a5c532eae35f5a9fc2cc81548832855532675019a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:25:38 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
212701
content-type
image/jpeg
averys-bunk-bed-building-4-edited.webp
leafshutter.info/wp-content/uploads/2022/11/
141 KB
141 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/11/averys-bunk-bed-building-4-edited.webp
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
4ab3a11d7e73ba02eefffb7a963e4f25b508cd518842226a2407e330cf1db49b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:25:38 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
144292
content-type
image/webp
how-to-organize-a-linen-closet-featured-1.jpg
leafshutter.info/wp-content/uploads/2018/05/
84 KB
84 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2018/05/how-to-organize-a-linen-closet-featured-1.jpg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
4898a43e840321fee40dba027fa7eacecf05ea88ee417abd8ae29c806ad605dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:25:38 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
86256
content-type
image/jpeg
family-room-christmas-4-1-240x300.jpg
leafshutter.info/wp-content/uploads/2021/12/
23 KB
23 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2021/12/family-room-christmas-4-1-240x300.jpg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
247b772f54eeb63505282c28c60ffc758842e61a8266249f8ef4e824120a669c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:32:33 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
23236
content-type
image/jpeg
Cricut-vs.-Silhouette-square-300x300.jpg
leafshutter.info/wp-content/uploads/2022/03/
21 KB
21 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/03/Cricut-vs.-Silhouette-square-300x300.jpg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
f9ac5d9aa19574f9b5c369b5ce18c5bfe60a1d6e0e6f0f662b1c644d9ebc0827

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:32:33 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
21015
content-type
image/jpeg
diy-countertops-featured-300x300.jpeg
leafshutter.info/wp-content/uploads/2022/12/
23 KB
23 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/12/diy-countertops-featured-300x300.jpeg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
bc75e94100c2db188c1f41790059d0418edd1c209c3ab76fe82c68bb34225500

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:32:33 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
23196
content-type
image/jpeg
benjamin-moore-swiss-coffee-comparisons-5-225x300.jpg
leafshutter.info/wp-content/uploads/2022/07/
25 KB
25 KB
Image
General
Full URL
https://leafshutter.info/wp-content/uploads/2022/07/benjamin-moore-swiss-coffee-comparisons-5-225x300.jpg
Requested by
Host: leafshutter.info
URL: https://leafshutter.info/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
f591b166dd915c5582fcb1510afc2dc88995b1a4f319f69b9e0419b7fe9637d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:27 GMT
last-modified
Wed, 22 May 2024 09:32:33 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
25459
content-type
image/jpeg
i.html
ads.adthrive.com/builds/core/b6f3193/html/ Frame 7A6D
0
0
Document
General
Full URL
https://ads.adthrive.com/builds/core/b6f3193/html/i.html
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-15.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://leafshutter.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
3034
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 22 May 2024 13:00:55 GMT
etag
W/"7ff33d1082bd05a8e5c77e94bc0fa576"
last-modified
Tue, 21 May 2024 16:44:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ba01234d30a5778423f79c0c58d283ce.cloudfront.net (CloudFront)
x-amz-cf-id
PGLIiIaHeMEwZ490ZL5vxDQPt7hcMJZ6I9RmmcTtV0YesXHJAwJ7mQ==
x-amz-cf-pop
AMS58-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
BwFcWzqKcUicFSm0QEfZyC0Qootj5Hky
x-cache
Hit from cloudfront
prebid.min.js
ads.adthrive.com/builds/core/b6f3193/gdpr/vendor/prebid/es2018/
667 KB
202 KB
Script
General
Full URL
https://ads.adthrive.com/builds/core/b6f3193/gdpr/vendor/prebid/es2018/prebid.min.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c6e26b982bc6b92e0ce4a662471f2cd0336c566471049bf13c1786d35e212af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
B8zWV9tCgXs05J5d3alpwWz_rxXMI6LL
content-encoding
gzip
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 13:16:11 GMT
last-modified
Tue, 21 May 2024 16:45:00 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P2
age
2118
x-amz-server-side-encryption
AES256
etag
W/"e4ea1a14f4c95deb50f278bd8cdb1841"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
L65356alVypwcnRYvWLM_u2L799GCMn1cTf6DvUlxiVKvDXdKc8QmQ==
apstag.js
c.amazon-adsystem.com/aax2/
303 KB
75 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-70-203.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:31:10 GMT
content-encoding
gzip
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront), 1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 20:29:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, AMS58-P4
age
1219
etag
W/"299fe111f64c76143769e50e3f9edd6e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
fQhGB-tFVHUOFP9Y1oZLgcCloWDSbYC-eqHnLL6xkjdkFJAE6LfQRw==
gdpr-liveramp.js
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/
478 KB
126 KB
Script
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
520cc688ff2c94bc94bd07a5747a1216e47514a9145cd07bba2c793d69ce41ad

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
aWgh1WJvojCvUHNMRa4AqV_05ulSzuzf
content-encoding
gzip
via
1.1 eefbd9216704235f6900c0fa85615204.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 04:14:19 GMT
x-amz-cf-pop
AMS58-P2
age
34674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="gdpr-liveramp.js"
last-modified
Wed, 15 May 2024 12:17:19 GMT
server
AmazonS3
etag
W/"c0dd07165a1794b7d79c574dfd59ba62"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
ouybZLmEczvCB99EJzZXcUCPbw7kKFBqtFk2-mtiJlzSz3OAUWRk8w==
gpt.js
securepubads.g.doubleclick.net/tag/js/
93 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
054da332249bf5c962839268002d1106db1bf8d156a4c235f654cad3b60493db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29934
x-xss-protection
0
server
cafe
etag
390 / 19865 / 31083872 / config-hash: 11446951803262423345
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 22 May 2024 13:51:28 GMT
page-boot-data
c01f.app.slickstream.com/d/
Redirect Chain
  • https://app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
  • https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
40 B
143 B
Fetch
General
Full URL
https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Protocol
H2
Server
2606:4700:10::6816:2e76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
689b73bfdbec6e41e162f52507257b5da67eb295221ef27709ba191a147fa44b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://leafshutter.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
BYPASS
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
access-control-max-age
43200
access-control-allow-methods
POST, PUT, GET, OPTIONS
access-control-allow-origin
*
content-type
text/html; charset=utf-8
cache-control
public, max-age=900
x-slickstream-consent
ask
x-ss-serverid
c01-app-69f6c647db-nbzrw
cf-ray
887d47face556322-LHR

Redirect headers

date
Wed, 22 May 2024 13:51:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
HIT
age
0
x-powered-by
Express
content-length
123
cdn-cache-control
public, max-age=900
server
cloudflare
access-control-max-age
43200
access-control-allow-methods
GET, HEAD, POST, PUT, OPTIONS
content-type
text/plain; charset=utf-8
location
https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
access-control-allow-origin
*
cache-control
public, max-age=900
vary
Accept, Accept-Encoding
x-ss-serverid
common-app-6f75549957-9ffzx
x-slickstream-consent
ask
cf-ray
887d47f6d9d55322-LHR
favicon.ico
leafshutter.info/
0
74 B
Other
General
Full URL
https://leafshutter.info/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.166.169.182 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.17.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
last-modified
Wed, 22 May 2024 09:25:53 GMT
server
nginx/1.17.7
accept-ranges
bytes
content-length
0
content-type
image/x-icon
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-70-203.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 09:24:41 GMT
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding
gzip
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P4
age
16008
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
WGqLp0TB1KyB23H1d06StwanHU3-6LYiXN19OhxAGR3OvYTA0dTylA==
gdpr.bundle.js
gdpr.privacymanager.io/latest/
136 KB
44 KB
Script
General
Full URL
https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Requested by
Host: gdpr-wrapper.privacymanager.io
URL: https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/gdpr-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:4800:16:f82a:8600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27f62274d9858073e8f3e5643a6bf652b6a1576e00dae337f8c7e12f6b91b97c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Y_FI2tHwceecL4aCNm0w90ZTQwQBXlnf
content-encoding
gzip
via
1.1 b4b344356515496fe04e908f6ee73f4e.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 13:50:51 GMT
last-modified
Wed, 03 Jan 2024 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
2045
x-amz-server-side-encryption
AES256
etag
W/"97a8e6b3690e415e6982e057a4ec3a39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
OHm5jMd5RwFiQaeju3WiNDvdolvk0-D9ggvQftB6d-6b7UFK8Bo9gw==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405170102/
455 KB
142 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405170102/pubads_impl.js?cb=31083872
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
1517ad61166c911dda2db59102f03ce78b9ad5ca3d27046c8390db3c267e1014
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:29:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
22939
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145262
x-xss-protection
0
server
cafe
etag
4385764278464087021
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 22 May 2025 07:29:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
64 B
74 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=leafshutter.info
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
0ab24d196bfbacc47b91766381cd1dcfb376e8f1aa327ac3f5da64ecd67796dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50
x-xss-protection
0
expires
Wed, 22 May 2024 13:51:28 GMT
4SHLEkIc
cdn.jwplayer.com/v2/playlists/
273 KB
33 KB
Fetch
General
Full URL
https://cdn.jwplayer.com/v2/playlists/4SHLEkIc?max_resolution=1280
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:238d:4600:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
68de83f94bc078ea092750f4bf2603b5f7942bddbcedf80e39bc688b63c8c2e9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
content-encoding
gzip
via
1.1 37bca31d9c7de06b67b2363770e065b4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
33142
x-amz-cf-id
m7M7ugrjUrbDd7dwrSxouON2w9qzzK712oEOsdFEiiy234689n4bfg==
expires
Wed, 22 May 2024 13:52:15
beacon.js
sb.scorecardresearch.com/internal-cs/6035453/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6035453/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
10 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/6035453/beacon.js
Protocol
H2
Server
18.65.39.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-39-29.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68eaee1dfb1182af9bbb1cd60df98aceb32c2de546d8afe7f6480ac94679b350

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://leafshutter.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 22 May 2024 03:43:57 GMT
content-encoding
gzip
via
1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
last-modified
Mon, 15 Apr 2024 09:46:37 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P1
age
41872
x-amz-server-side-encryption
AES256
etag
W/"380203da1313f445d8bc395ba3b88bad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
o_c9zc41RkPkT4yjIPnnnb4beXyR4mexSp0-zM86icR2MAJy8hpfcQ==

Redirect headers

date
Wed, 22 May 2024 13:51:28 GMT
via
1.1 19f569e782b5b925c41d8bc4e292cc7a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
AMS1-P1
x-cache
Miss from cloudfront
location
/internal-cs/6035453/beacon.js
content-length
0
x-amz-cf-id
7T2X_8t7o4Nnkca60-1yRiEj-vO2tEm774ygutZtGc-rw1jeCrFplw==
config.js
cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/
307 KB
60 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc19b26c57237c2ef77e6ed92982ec7389de7ce7eb5e92adb08f148cffe5f1aa

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 19 May 2024 15:36:10 GMT
server
cloudflare
x-amz-request-id
XMPGAZEAWQWYK355
age
844
etag
W/"56054ddfc94f272486e208a5239a0fcf"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
887d47fbdb9c93f4-LHR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dX/irgws0WlSEd2UNLZSdPYRsLfXIWDvxJUURbyDe1/s0t98Gf2Xq2hd0hhKkL2FXJzOS8wYQWg=
launchpad-liveramp.js
launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/
345 KB
43 KB
Script
General
Full URL
https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.69.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-69-94.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
56bac9ea6760f3ff6fdd160ab7a566367558c996a5a1453b796d85f37208845f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Lhhuec.W.qrWQpQTth94dtO2siYbvhWK
content-encoding
gzip
via
1.1 6099a68d04a7ee2150888338bfdc451a.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 02:11:47 GMT
x-amz-cf-pop
AMS58-P4
age
41985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-disposition
attachment; filename="launchpad-liveramp.js"
last-modified
Wed, 01 May 2024 18:18:53 GMT
server
AmazonS3
etag
W/"deaea14c98a96aab090d1c714f3de8f0"
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
zkKWboPA0mA6wmPgbIUTI1C7qgfXNI-LCdUc5h7SZPIdiEneRlWltw==
ads.min.css
ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/
2 KB
902 B
Stylesheet
General
Full URL
https://ads.adthrive.com/sites/54d03e5c6a4dd9277372a36e/ads.min.css
Requested by
Host: ads.adthrive.com
URL: https://ads.adthrive.com/builds/core/b6f3193/es2018/js/adthrive.min.js?deployment=2024-05-21-02:ada-408:pr4825:b6f3193:4&bucket=flex-29&deliveryFeatures=manualCookieSync,raptiveFloors,recencyFrequency,reissuingSticky,switzerlandGdpr,ttdSync&siteid=54d03e5c6a4dd9277372a36e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.36.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-36-75.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
82387103be0ead955d8e521893c1c10ca03447a8eb2420812557901c17e60d00

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 07:25:48 GMT
content-encoding
gzip
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P2
age
23140
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=3600, s-maxage=86400
x-amz-cf-id
I00oRu9aJ4g8kWYV21DKrony451JugGe62cyvDrpExxgXB3PR-nYTQ==
4fbba76f-7987-4fa2-9733-c27eb3a2170b
config.aps.amazon-adsystem.com/configs/
563 B
829 B
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-122.ams58.r.cloudfront.net
Software
CloudFront /
Resource Hash
5beb872339dd388527958245dd0efbdfbb0729c075532d1f572545f7a78f2976

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:09:49 GMT
via
1.1 1e22254f0abea6547aaa07a03d921130.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
AMS58-P1
age
2501
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
563
x-amz-cf-id
i_HIKIRuH1a8Vk2trAGJuzt8raKDhnENoVzXlLLJxlV3KSrtqjobJw==
config
c.amazon-adsystem.com/cdn/prod/
494 B
852 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fleafshutter.info&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.70.203 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-70-203.ams58.r.cloudfront.net
Software
Server /
Resource Hash
068fcfb02c6a1bb3605aa25f2ca8f71cd9317c4fd909dd2a682defc8189fd35f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 10:51:36 GMT
via
1.1 52565866975cd7c0daa261ea0388bad4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
age
10792
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://leafshutter.info
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
494
x-amz-cf-id
e00ZoyTzhSBcJ8OZdXGi5ZU4bpBQe4P9pHHXQja4avymqs4QYUY_zA==
page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/
0
0

page_load
pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/ Frame
0
0
Preflight
General
Full URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.12.161.136 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://leafshutter.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods
POST
access-control-allow-origin
https://leafshutter.info
access-control-max-age
86400
date
Wed, 22 May 2024 13:51:35 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
bid
aax.amazon-adsystem.com/e/dtb/
64 B
398 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fleafshutter.info%2F&pid=uXwcWFzu6Vj6Y&cb=0&ws=1600x1200&v=24.506.1519&t=1900&slots=%5B%7B%22sd%22%3A%22AdThrive_Footer_1_desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%2C%22970x90%22%2C%22300x50%22%2C%22320x100%22%2C%22468x60%22%2C%221x1%22%5D%2C%22sn%22%3A%22%2F18190176%2FAdThrive_Footer_1%2F54d03e5c6a4dd9277372a36e%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A105%7D%5D&pj=%7B%22adRefresh%22%3A%220%22%7D&schain=1.0%2C1%21cafemedia.com%2C54d03e5c6a4dd9277372a36e%2C1%2C%2C%2C&pubid=4fbba76f-7987-4fa2-9733-c27eb3a2170b&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D&_c=1
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.68.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-68-199.ams58.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:29 GMT
via
1.1 0f3cf20f6db29b970aa67df851b05904.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
AMS58-P4
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://leafshutter.info
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
YAMG0rIndfWpDf42FLSpGtvjHzTiHrvA0c3X1ZMmG2yGirTDIQNV6A==
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/
109 KB
18 KB
Fetch
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f9039ef60afcb7ab8a184fc96366d5b6c590e789f5e57107aabfc295cba0066

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://leafshutter.info/
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
OqjCoobElag6UIYQF_h6d7.3.xifcnpe
content-encoding
gzip
via
1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 13:10:25 GMT
x-amz-cf-pop
AMS58-P2
age
2466
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 16 May 2024 17:43:56 GMT
server
AmazonS3
etag
W/"87a948c50585944c57fdfef2452a1fbe"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
NS-p8Ixkhm3V_7RpglJ-T0IsUUmkuzRgcOdkXG3rslKsm4PqVQU0Aw==
/
geo.privacymanager.io/
28 B
622 B
Fetch
General
Full URL
https://geo.privacymanager.io/
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-113.ams58.r.cloudfront.net
Software
/
Resource Hash
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://leafshutter.info/
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 03:32:56 GMT
via
1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, AMS58-P1
age
37114
x-amzn-trace-id
Root=1-664d6768-63cae21d525ba0fe712c79ab;Parent=5c053bc9565f0ee2;Sampled=0;lineage=06620786:0
x-amzn-requestid
1086e5db-dcc9-4ce9-9e38-f9b2399f199a
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
YJ0YbHZ2joEEoKA=
content-length
28
x-amz-cf-id
W1RX6zadyW58JqCzVIWytiTlIHhtt_Omw22lWjUm3GCL7J3ZmcpJXg==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202402121010/
300 KB
93 KB
Script
General
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202402121010/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/mOinGM9MTu5v-Lto835XLhlrSPY/gpt_and_prebid/config.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.144.166 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fb5073665d9434da512303204b7628f0e5905071c54bb50f0d46bf807b1963

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 22 May 2024 13:51:29 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 12 Feb 2024 15:11:18 GMT
server
cloudflare
x-amz-request-id
CPJXJ65D1375E3N6
age
4213011
etag
W/"3d93a0af15b12fc9dbbc93edd96a2b7f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
887d48028df693f4-LHR
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dhkEYXL4ChSI3muE7G3bRA15Iv6vGlW/zvanVJ7hWZ+4Uig4Z/I/26azbvib4VOnr86y+CXlnlw=
vendor-list.json
gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/ Frame
0
0
Preflight
General
Full URL
https://gdpr-wrapper.privacymanager.io/gdpr/7f035220-1751-4684-bb7f-a1c0d45657df/vendor-list.json
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:3000:11:2a6a:9480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://leafshutter.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
age
35230
content-length
0
date
Wed, 22 May 2024 04:04:21 GMT
server
AmazonS3
via
1.1 1c1b06236faf26f915b464406875de12.cloudfront.net (CloudFront)
x-amz-cf-id
n-FPkPYIYMd3-2V3LHZi4cE8e6RGXEtBU3Lls9PPk_l-5yV3oulvcA==
x-amz-cf-pop
AMS58-P2
x-cache
Hit from cloudfront
/
geo.privacymanager.io/ Frame
0
0
Preflight
General
Full URL
https://geo.privacymanager.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-113.ams58.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://leafshutter.info
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 22 May 2024 13:51:30 GMT
via
1.1 400be015a105355a3fb16d2aa2a6d926.cloudfront.net (CloudFront), 1.1 ec2f767a4113b6a2b366ac7622dad01e.cloudfront.net (CloudFront)
x-amz-apigw-id
YLO_YHGOjoEEbiw=
x-amz-cf-id
QegvVeAeg_VgKKJVSgaLuYMEy0bwM1I3lm3rJmtZUzCE6Rm0Zi57Ig==
x-amz-cf-pop
AMS1-P3 AMS58-P1
x-amzn-requestid
addb2f78-9380-4b40-ad97-92910286fd64
x-cache
Miss from cloudfront
launchpad.bundle.js
launchpad.privacymanager.io/latest/
205 KB
43 KB
Script
General
Full URL
https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by
Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/69e75073-3763-483e-a64c-0d281bfd9225/launchpad-liveramp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.18.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-18-35.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6c892a3b81f32ff562d0c8f44e909e65c8366453aa55cc88c8d136bb51578375

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://leafshutter.info/
Accept-Language
en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
G5ps5XkVrakniD._EiRoY_pU9_2jf8nx
content-encoding
br
via
1.1 36a7c1e18cbe5ff8281d77427bf1c0e6.cloudfront.net (CloudFront)
date
Wed, 22 May 2024 13:28:36 GMT
last-modified
Fri, 17 May 2024 13:05:55 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P6
age
1376
x-amz-server-side-encryption
AES256
etag
W/"e71ebe4c8fcf58b53c9a099a76c2af39"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
must-revalidate,public,max-age=3600
x-amz-cf-id
nMQe_ghm5sP305Fzf-GpLNdb3pQpIofWSW-Ok4pXd3ycyuX7pUsbHQ==
index.html
cmp-consent-tool.privacymanager.io/latest/ Frame 1D21
0
0
Document
General
Full URL
https://cmp-consent-tool.privacymanager.io/latest/index.html
Requested by
Host: gdpr.privacymanager.io
URL: https://gdpr.privacymanager.io/latest/gdpr.bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-94-66.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9;q=0.9
Referer
https://leafshutter.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
503387
cache-control
must-revalidate,public,max-age=604800
content-encoding
br
content-type
text/html
date
Thu, 16 May 2024 18:01:45 GMT
etag
W/"75610cde1541054da56aaac17da27360"
last-modified
Mon, 20 Nov 2023 09:32:51 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 316c3f6f9514dc45c45cd1b2385757cc.cloudfront.net (CloudFront)
x-amz-cf-id
Qd4lcFvu2ru2yJy5RIFNzo7TVjYz9PpoAY1ueCZPneQiaH9gG82ajQ==
x-amz-cf-pop
AMS1-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
.t5aPfxCiC3dcMaLwZ0jl5ylX_nghvVJ
x-cache
Hit from cloudfront

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pb-ing.ccgateway.net
URL
https://pb-ing.ccgateway.net/v1.0/parent/8fea659f19/engagement/trigger/page_load

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| adthriveCLS object| adthrive object| $slickBoot string| FlodeskObject function| fd object| kadenceConfig function| perfmattersLazyLoadYouTube object| lazyLoadOptions boolean| pmDOMLoaded string| pmClickTarget function| pmTriggerDOMListener function| pmTriggerDelayedScripts function| pmDelayEventListeners function| pmDelayJQueryReady function| pmProcessDocumentWrite function| pmSortDelayedScripts function| pmPreloadDelayedScripts function| pmLoadDelayedScripts function| pmReplaceScript function| pmTriggerEventListeners function| pmNextFrame function| pmClickHandler function| pmReplayClicks function| pmTouchStartHandler function| pmTouchMoveHandler function| pmTouchEndHandler function| pmRenameDOMAttribute object| kadence function| LazyLoad boolean| gtag_enable_tcf_support function| __tcfapi object| google_tag_manager object| google_tag_data object| dataLayer object| webpackChunk_dev_assets function| onYouTubeIframeAPIReady boolean| pmPersisted object| pbjs object| apstag object| googletag object| _pbjsGlobals object| regeneratorRuntime object| _aps boolean| apstagLOADED object| cmp object| cmpConfiguration object| nodeScript object| ggeac object| google_js_reporting_queue object| _comscore object| confiant boolean| liModuleEnabled object| apscustom undefined| google_measure_js_timing object| COMSCORE object| launchPad object| launchPadConfiguration function| __launchpad

5 Cookies

Domain/Path Name / Value
leafshutter.info/ Name: __adblocker
Value: false
leafshutter.info/ Name: ccuid
Value: ce406642-843d-4087-a8b0-4823fd947fac
leafshutter.info/ Name: ccsid
Value: 47cbffe5-2378-4515-b4f0-17f2a8ce8789
.leafshutter.info/ Name: gdpr-auditId
Value: df353224bbdb4c6c93b5ac58cdb8626a
.leafshutter.info/ Name: geo-location
Value: {"country":"GB","region":""}

2 Console Messages

Source Level URL
Text
network error URL: https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://c01f.app.slickstream.com/d/page-boot-data?site=17F3Z60Q&url=https%3A%2F%2Fleafshutter.info%2F
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
