page.firstleaf.club Open in urlscan Pro
2606:4700:10::ac43:1a84 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://clicks.procastnetworks.com/email/S-1705@32869@kQ4rffZyB0n6q_8xVlnHEwQAOcYpWtrci9uEe1VLpnY.@
Effective URL:
https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=2...
Submission: On October 24 via manual (October 24th 2020, 10:48:02 pm UTC) from US

Summary HTTP 91 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 37 IPs in 8 countries across 33 domains to perform 91 HTTP transactions. The main IP is 2606:4700:10::ac43:1a84, located in United States and belongs to CLOUDFLARENET, US. The main domain is page.firstleaf.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2020. Valid for: a year.

This is the only time page.firstleaf.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	185.105.66.16 185.105.66.16	16376 (SYSGROUP-...) (SYSGROUP-PLC SysGroup Plc)
3	2606:4700:10:... 2606:4700:10::ac43:1a84	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	192.229.133.208 192.229.133.208	15133 (EDGECAST) (EDGECAST)
2	2600:9000:205... 2600:9000:2057:d200:b:dc44:3680:21	16509 (AMAZON-02) (AMAZON-02)
3	35.222.120.150 35.222.120.150	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
9	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
4	104.27.174.181 104.27.174.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.132.146.241 3.132.146.241	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	143.204.201.121 143.204.201.121	16509 (AMAZON-02) (AMAZON-02)
1	35.244.142.80 35.244.142.80	15169 (GOOGLE) (GOOGLE)
1 2	34.204.239.36 34.204.239.36	14618 (AMAZON-AES) (AMAZON-AES)
2 2	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.28.129.122 52.28.129.122	16509 (AMAZON-02) (AMAZON-02)
3	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
1	216.239.36.21 216.239.36.21	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
1	104.18.71.113 104.18.71.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:2ae0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	3.92.172.78 3.92.172.78	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.176.88.2 35.176.88.2	16509 (AMAZON-02) (AMAZON-02)
1	35.193.67.164 35.193.67.164	15169 (GOOGLE) (GOOGLE)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
91	37

1 185.105.66.16 (United Kingdom) 1 redirects

ASN16376 (SYSGROUP-PLC SysGroup Plc, GB)

clicks.procastnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:1a84 (United States)

ASN13335 (CLOUDFLARENET, US)

page.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 192.229.133.208 (United States)

ASN15133 (EDGECAST, US)

v.fastcdn.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:d200:b:dc44:3680:21 (United States)

ASN16509 (AMAZON-02, US)

d1hdjv7b05hja2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.222.120.150 (United States)

ASN15169 (GOOGLE, US)
PTR: 150.120.222.35.bc.googleusercontent.com

heatmap-events-collector.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
anthill.instapage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.27.174.181 (United States)

ASN13335 (CLOUDFLARENET, US)

getrockerbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.132.146.241 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-146-241.us-east-2.compute.amazonaws.com

collector-7547.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-121.fra53.r.cloudfront.net

cdn.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.142.80 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com

cdn.pdst.fm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.204.239.36 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-239-36.compute-1.amazonaws.com

trkn.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.129.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-129-122.eu-central-1.compute.amazonaws.com

pixel.mediaiqdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

amplifypixel.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.36.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2415.1e100.net

jelly.mdhv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.71.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2ae0 (United States)

ASN13335 (CLOUDFLARENET, US)

ct.firstleaf.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-adaptive-growth.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.92.172.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-172-78.compute-1.amazonaws.com

api.datasteam.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:8004:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK, US)

cx.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.53.111 (United States)

ASN13335 (CLOUDFLARENET, US)

penrosehill.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.88.2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-88-2.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.193.67.164 (United States)

ASN15169 (GOOGLE, US)
PTR: 164.67.193.35.bc.googleusercontent.com

p.alcmpn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	fastcdn.co v.fastcdn.co	2 MB
10	zdassets.com static.zdassets.com ekr.zdassets.com	551 KB
5	taboola.com cdn.taboola.com trc.taboola.com trc-events.taboola.com	23 KB
5	google-analytics.com www.google-analytics.com	55 KB
4	datasteam.io cdn.datasteam.io api.datasteam.io	25 KB
4	getrockerbox.com getrockerbox.com	9 KB
4	outbrain.com amplify.outbrain.com amplifypixel.outbrain.com tr.outbrain.com	4 KB
4	firstleaf.club page.firstleaf.club images.firstleaf.club ct.firstleaf.club	49 KB
3	facebook.com 1 redirects www.facebook.com	545 B
3	instapage.com heatmap-events-collector.instapage.com anthill.instapage.com	5 KB
2	zendesk.com penrosehill.zendesk.com	2 KB
2	cloudfunctions.net us-central1-adaptive-growth.cloudfunctions.net
2	yahoo.com sp.analytics.yahoo.com	2 KB
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	trkn.us 1 redirects trkn.us	1 KB
2	yimg.com s.yimg.com	7 KB
2	tvsquared.com collector-7547.tvsquared.com	9 KB
2	bing.com bat.bing.com	9 KB
2	facebook.net connect.facebook.net	92 KB
2	gstatic.com fonts.gstatic.com	27 KB
2	cloudfront.net d1hdjv7b05hja2.cloudfront.net	24 KB
1	twitter.com analytics.twitter.com	649 B
1	alcmpn.com p.alcmpn.com	185 B
1	agkn.com aa.agkn.com	395 B
1	atdmt.com cx.atdmt.com	425 B
1	doubleclick.net stats.g.doubleclick.net	89 B
1	t.co t.co	448 B
1	mdhv.io jelly.mdhv.io	235 B
1	mediaiqdigital.com pixel.mediaiqdigital.com	501 B
1	pdst.fm cdn.pdst.fm	6 KB
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	procastnetworks.com 1 redirects clicks.procastnetworks.com	386 B
91	33

	Domain	Requested by
20	v.fastcdn.co	page.firstleaf.club
9	static.zdassets.com	www.googletagmanager.com static.zdassets.com page.firstleaf.club
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com page.firstleaf.club
4	getrockerbox.com	page.firstleaf.club getrockerbox.com
3	trc-events.taboola.com	cdn.taboola.com
3	api.datasteam.io	cdn.datasteam.io
3	www.facebook.com	1 redirects page.firstleaf.club
2	penrosehill.zendesk.com	static.zdassets.com
2	us-central1-adaptive-growth.cloudfunctions.net	cdn.pdst.fm
2	sp.analytics.yahoo.com	s.yimg.com
2	ct.firstleaf.club	images.firstleaf.club
2	tr.outbrain.com	amplify.outbrain.com page.firstleaf.club
2	secure.adnxs.com	2 redirects
2	trkn.us	1 redirects page.firstleaf.club
2	s.yimg.com	page.firstleaf.club s.yimg.com
2	collector-7547.tvsquared.com	page.firstleaf.club
2	bat.bing.com	www.googletagmanager.com page.firstleaf.club
2	connect.facebook.net	page.firstleaf.club connect.facebook.net
2	fonts.gstatic.com	v.fastcdn.co
2	heatmap-events-collector.instapage.com	page.firstleaf.club heatmap-events-collector.instapage.com
2	d1hdjv7b05hja2.cloudfront.net	page.firstleaf.club d1hdjv7b05hja2.cloudfront.net
1	analytics.twitter.com	static.ads-twitter.com
1	p.alcmpn.com	page.firstleaf.club
1	aa.agkn.com	cdn.datasteam.io
1	cx.atdmt.com	page.firstleaf.club
1	trc.taboola.com	cdn.taboola.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	t.co	page.firstleaf.club
1	ekr.zdassets.com	static.zdassets.com
1	jelly.mdhv.io	page.firstleaf.club
1	amplifypixel.outbrain.com	page.firstleaf.club
1	pixel.mediaiqdigital.com	page.firstleaf.club
1	images.firstleaf.club	page.firstleaf.club
1	cdn.pdst.fm	page.firstleaf.club
1	cdn.datasteam.io	www.googletagmanager.com
1	cdn.taboola.com	page.firstleaf.club
1	static.ads-twitter.com	www.googletagmanager.com
1	amplify.outbrain.com	page.firstleaf.club
1	anthill.instapage.com	page.firstleaf.club
1	www.googletagmanager.com	page.firstleaf.club
1	page.firstleaf.club
1	clicks.procastnetworks.com	1 redirects
91	42

This site contains links to these domains. Also see Links.

Domain
www.firstleaf.club
offers.firstleaf.club
help.firstleaf.club
firstleafblog.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-13` - `2021-08-13`	a year	crt.sh
v.fastcdn.co DigiCert SHA2 Secure Server CA	`2020-05-05` - `2022-07-14`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
heatmap-events-collector.instapage.com Let's Encrypt Authority X3	`2020-08-30` - `2020-11-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
anthill.instapage.com Let's Encrypt Authority X3	`2020-09-15` - `2020-12-14`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-20` - `2020-11-26`	6 months	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2021-12-31`	a year	crt.sh
*.tvsquared.com Amazon	`2020-10-16` - `2021-11-14`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-06` - `2020-11-25`	2 months	crt.sh
cdn.datasteam.io Amazon	`2019-12-17` - `2021-01-17`	a year	crt.sh
cdn.pdst.fm GTS CA 1D2	`2020-09-13` - `2020-12-12`	3 months	crt.sh
trkn.us Go Daddy Secure Certificate Authority - G2	`2020-03-20` - `2021-03-20`	a year	crt.sh
*.mediaiqdigital.com Amazon	`2020-05-11` - `2021-06-10`	a year	crt.sh
jelly.mdhv.io GTS CA 1D2	`2020-09-12` - `2020-12-11`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-08-01` - `2021-01-28`	6 months	crt.sh
misc.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.datasteam.io Amazon	`2020-08-28` - `2021-09-28`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2020-10-10` - `2021-01-08`	3 months	crt.sh
penrosehill.zendesk.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
*.alcmpn.com Let's Encrypt Authority X3	`2020-08-06` - `2020-11-04`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Frame ID: 04C6D2209951717350B302D8BAF7D298
Requests: 79 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2FTheFirstleaf%2Fvideos%2F1530763923626434%2F&show_text=0&width=560
Frame ID: 39781CDD054CFBFABC1DBC7862280477
Requests: 1 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/preload.6b57097bff6b7b2f3c7e.js
Frame ID: 8D2C5FF3B9279A5586CCBF40FD69EF95
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://clicks.procastnetworks.com/email/S-1705@32869@kQ4rffZyB0n6q_8xVlnHEwQAOcYpWtrci9uEe1VLpnY.@ HTTP 302
https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Page Statistics

91
Requests

100 %
HTTPS

36 %
IPv6

33
Domains

42
Subdomains

37
IPs

8
Countries

3079 kB
Transfer

6205 kB
Size

21
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.firstleaf.club/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://offers.firstleaf.club/invitation/starter-packred?tests=page-genpack&utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Title: Red

Search URL Search Domain Scan URL

URL: https://offers.firstleaf.club/invitation/starter-packwhite?tests=page-genpack&utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Title: White

Search URL Search Domain Scan URL

URL: https://offers.firstleaf.club/invitation/starter-pack?tests=page-genpack&utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Title: Mixed

Search URL Search Domain Scan URL

URL: https://help.firstleaf.club/hc/en-us
Title: HELP

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/press
Title: PRESS

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/how-it-works
Title: HOW IT WORKS

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/team
Title: TEAM

Search URL Search Domain Scan URL

URL: https://firstleafblog.com/
Title: BLOG

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/terms
Title: TERMS AND CONDITIONS

Search URL Search Domain Scan URL

URL: https://www.firstleaf.club/privacy
Title: PRIVACY POLICY

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://clicks.procastnetworks.com/email/S-1705@32869@kQ4rffZyB0n6q_8xVlnHEwQAOcYpWtrci9uEe1VLpnY.@ HTTP 302
https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://trkn.us/pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293 HTTP 302
https://trkn.us/pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293;ip=82.102.19.136;cuidchk=1

Request Chain 41

https://secure.adnxs.com/px?id=1395168&seg=24308663&order_id=undefined&value=undefined&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1395168%26uid%3D%24%7BUID%7D&t=2&gtmcb=452588176 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1395168%26seg%3D24308663%26order_id%3Dundefined%26value%3Dundefined%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%253D1395168%2526uid%253D%2524%257BUID%257D%26t%3D2%26gtmcb%3D452588176 HTTP 302
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1395168&uid=5595115344819458052

Request Chain 69

https://www.facebook.com/tr/?id=1669030446688031&ev=Microdata&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&rl=&if=false&ts=1603579663490&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf%22%2C%22meta%3Adescription%22%3A%22Firstleaf%20brings%20you%20the%20best%20wines%20that%20fit%20your%20individual%20taste%20when%20you%20become%20a%20member%20of%20our%20award-winning%20wine%20club%22%2C%22meta%3Akeywords%22%3A%22wine%2Cwine%20club%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Discover%20Award-Winning%20Wines%20From%20Around%20The%20World%20That%20Are%20Personalized%20To%20Your%20Individual%20Taste%22%2C%22og%3Adescription%22%3A%22Our%20world-class%20winemakers%20will%20send%20you%20the%20best%20wines%2C%20specific%20to%20your%20individual%20palate%2C%20at%20a%20value%20that%20can%27t%20be%20beat.%22%2C%22og%3Asite_name%22%3A%22Discover%20Award-Winning%20Wines%20From%20Around%20The%20World%20That%20Are%20Personalized%20To%20Your%20Individual%20Taste%22%2C%22og%3Aurl%22%3A%22http%3A%2F%2Fpage.firstleaf.club%2Fgenpack%22%2C%22og%3Aimage%22%3A%22http%3A%2F%2Fv.fastcdn.co%2Fu%2F814df80e%2F34504091-0-Unboxing03-132-1.jpg%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fv.fastcdn.co%2Fu%2F814df80e%2F34504091-0-Unboxing03-132-1.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1603579662986.19648033&it=1603579662628&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://cx.atdmt.com/?c=7822580060098252466&f=AYyZ--toqCigh0uX-RfVxy7D2y4ctS1MxZPB3xZr-3GQz_gzmzoGRQ9GtfhJ51JI7hI7PwPJu8HmkIZWQoKSeVv2&id=1669030446688031&l=3&v=0

91 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request genpack Show response
page.firstleaf.club/
Redirect Chain

https://clicks.procastnetworks.com/email/S-1705@32869@kQ4rffZyB0n6q_8xVlnHEwQAOcYpWtrci9uEe1VLpnY.@
https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

134 KB
20 KB

214ms
178ms

Document
text/html

2606:4700:10::ac43:1a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1a84 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a4b247236dee00aec7dc830a10a01df7637f10632865b25644e61071f871c09d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: page.firstleaf.club
:scheme: https
:path: /genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Sat, 24 Oct 2020 22:47:42 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d3b615a1e4dfb524095a63913c8f714671603579662; expires=Mon, 23-Nov-20 22:47:42 GMT; path=/; domain=.firstleaf.club; HttpOnly; SameSite=Lax instapage-variant-20381620=AH; Path=/; Expires=Sun, 24 Oct 2021 22:47:42 GMT
x-powered-by: Express
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
cf-cache-status: DYNAMIC
cf-request-id: 05fe64e6ce0000c2f44c334000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5e773db7bd2ec2f4-FRA
content-encoding: br

Redirect headers

Server: nginx
Date: Sat, 24 Oct 2020 22:47:41 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
location: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
X-server-tag: ldex-app-003
X-Instiller-Secure-Track: : true

GET
H2 200 css
v.fastcdn.co/f/ 4 KB
872 B 133ms
70ms Stylesheet
text/css 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://v.fastcdn.co/f/css?family=Montserrat:400,700

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.208 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ESF /

Resource Hash

a4088dbd5ae05ef25b50ae71d76c9dd70464744529a15d087babfd1ede1ba00f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 24 Oct 2020 22:28:30 GMT
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 24 Oct 2020 22:47:42 GMT

GET
H2 200 pageserver.page2.02e1082d15a730c03ccf97fef398fffb.css
v.fastcdn.co/a/b2c25f00ca361f1653c9e12969491693f9121a61/ 219 KB
36 KB 88ms
25ms Stylesheet
text/css 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://v.fastcdn.co/a/b2c25f00ca361f1653c9e12969491693f9121a61/pageserver.page2.02e1082d15a730c03ccf97fef398fffb.css
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B83) /
Resource Hash: bdf99df20adb49a3db00134afc1f57c5faad7432c66641ee79bc88634d6965c6

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
age: 1985
status: 200
x-guploader-uploadid: ABg5-UyLcK_Rbv1yi1lsC59j2oT82oz3P4sezsD7RZNSnhs42JZRy9c4O9tuex328xJjC4EPF1DetLOP-kW7hjEqKvGbf-Gaew
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36089
last-modified: Thu, 22 Oct 2020 08:50:10 GMT
server: ECS (amb/6B83)
etag: "c30e1c3b8edb55cd8004754ea53ec617"
vary: Accept-Encoding
x-goog-hash: crc32c=LdYV/g==, md5=ww4cO47bVc2ABHVOpT7GFw==
x-goog-generation: 1603356610866985
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 36089
accept-ranges: bytes
content-type: text/css
expires: Sat, 24 Oct 2020 23:47:42 GMT

GET
H2 200 pageserver.page2.es5.5b21834dba20bc7881af.bundle.js Show response
v.fastcdn.co/a/b2c25f00ca361f1653c9e12969491693f9121a61/ 547 KB
158 KB 106ms
44ms Script
application/javascript 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://v.fastcdn.co/a/b2c25f00ca361f1653c9e12969491693f9121a61/pageserver.page2.es5.5b21834dba20bc7881af.bundle.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B93) /
Resource Hash: 90c3b8d97df103749c4e56e06e581a6f36ddf166e218e0b7ad7f018c1443b7c7

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
age: 1985
status: 200
x-guploader-uploadid: ABg5-UzeFqQhbAMNMcS9684xXkgIIGjzWIVNdkfZaVCSoeDjo-4rIZhvvM9pZf0ww_eU94qonQR61b0epD6HGTLxsWQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 161922
last-modified: Thu, 22 Oct 2020 08:50:16 GMT
server: ECS (amb/6B93)
etag: "04ad72d4bcf21042dba77a315c1d099a"
vary: Accept-Encoding
x-goog-hash: crc32c=T5iOpA==, md5=BK1y1LzyEELbp3oxXB0Jmg==
x-goog-generation: 1603356616837494
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 161922
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 24 Oct 2020 23:47:42 GMT

GET
H2 200 caslon.css
d1hdjv7b05hja2.cloudfront.net/fonts/ 2 KB
1 KB 49ms
8ms Stylesheet
text/css 2600:9000:2057:d200:b:dc44:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:b:dc44:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c77d5979a9eb0e45bd243053b0724ea63b2d3381a0b43a3ec80ad58df66cf781

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 20 Oct 2020 13:32:32 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2017 18:11:11 GMT
server: AmazonS3
age: 378911
etag: W/"b57f1c931d356c98dde8a5d98c98605d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 5740cyPFe58AVcOFlDN22VSL2rTbgvHNgqZC_quVwBwUYV5yCgufaQ==
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront)

GET
H2 200 23347461-0-FL-Logotype-White.png
v.fastcdn.co/u/814df80e/ 15 KB
16 KB 37ms
18ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/23347461-0-FL-Logotype-White.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7A) /
Resource Hash: 2e94a788e3548290a70050319dc32425a9062444abc9931021227213111e4aad

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31895275
status: 200
x-guploader-uploadid: AEnB2UpZmm3-obQlIeBImaeENbt-nEM8ZHbfbzE9e8rcPuzm98K-cOEIiMw0H5-zTAk1ws_KJUVia9v5QFUsaQh0HF5WN3LxfI1ctCcN2andz5YUzed4pBM
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 07 Dec 2018 11:23:21 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 15854
last-modified: Mon, 16 Oct 2017 19:23:21 GMT
server: ECS (amb/6B7A)
etag: "87a74dd868116e611a45e15fe2e0e078"
x-goog-hash: crc32c=Kglldg==, md5=h6dN2GgRbmEaReFf4uDgeA==
content-type: image/png
x-goog-generation: 1508181802047803
cache-control: max-age=315360000, public
x-goog-stored-content-length: 15854
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 48481140-0-arrow.png
v.fastcdn.co/u/814df80e/ 6 KB
7 KB 20ms
20ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/48481140-0-arrow.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC3) /
Resource Hash: b53ee934ef09cf5882e9a53b318d39145695f63d41378b1e8907d0305204ba6f

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 23187645
status: 200
x-guploader-uploadid: AEnB2Urg1huKS4zmSV6kNl9LinSTMfeTe7Im7zjCTeA0F0vSCFYrUmCgIl2jq8swsfyR0JF3mUr3r4IZqMivy0NdKO5pZx7rmA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 05 Mar 2021 13:57:48 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6401
last-modified: Mon, 13 Jan 2020 21:57:48 GMT
server: ECS (amb/6BC3)
etag: "1c7ae6341961bd3ffc851fceafa7f288"
x-goog-hash: crc32c=GnOONg==, md5=HHrmNBlhvT/8hR/Or6fyiA==
content-type: image/png
x-goog-generation: 1578952668989371
cache-control: max-age=315360000, public
x-goog-stored-content-length: 6401
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914831-0-thumbs-down.png
v.fastcdn.co/u/814df80e/ 4 KB
4 KB 46ms
43ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914831-0-thumbs-down.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 784eef2bd9b090b59a21415c301374d957f01f4a2a9c36f7befd59f3c44b82f1

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 35830339
status: 200
x-guploader-uploadid: AEnB2Uqctar5rn_hNlQyiv-eDzlQnMXpbP810liDjKt5u8_gYJj-q4BYPzH_KcofyzjK7P7lG_lg5R4LuCHZ0F2Kspwe93OA1KyHWP35GPGN6jhCQjjTXKk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:10:34 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4241
last-modified: Fri, 22 Dec 2017 18:10:34 GMT
server: ECS (amb/6BBF)
etag: "43e5eee3d5b720694ec3f4b6687614dc"
x-goog-hash: crc32c=eqv65A==, md5=Q+Xu49W3IGlOw/S2aHYU3A==
content-type: image/png
x-goog-generation: 1513966234469712
cache-control: max-age=315360000, public
x-goog-stored-content-length: 4241
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914821-0-thumbs-up-solid.png
v.fastcdn.co/u/814df80e/ 3 KB
3 KB 21ms
18ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914821-0-thumbs-up-solid.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BA5) /
Resource Hash: a2deda29d1371229ed501ce62b57e607cb796cebb792410fc70054e69cd262b1

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 35830338
status: 200
x-guploader-uploadid: AEnB2UolicpQ_Qmab4MOQiphYDsBs81ntQFm0o6rPWABbbZ1cZCCFIKNtmInnUEfXl1lhGpWpH_bTJspkL6K96ysE0wr81LD2Wmk8__ugWxdRtK9DPF6nYg
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:10:14 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 3055
last-modified: Fri, 22 Dec 2017 18:10:14 GMT
server: ECS (amb/6BA5)
etag: "528b25379923e84ad6bc2f313b2c1d4d"
x-goog-hash: crc32c=AZ91Mg==, md5=UoslN5kj6ErWvC8xOywdTQ==
content-type: image/png
x-goog-generation: 1513966214312934
cache-control: max-age=315360000, public
x-goog-stored-content-length: 3055
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914856-0-bottle-swap-icon.png
v.fastcdn.co/u/814df80e/ 6 KB
6 KB 22ms
19ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914856-0-bottle-swap-icon.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B72) /
Resource Hash: eafb5c7e73d4a9f221b583f15b15728b8e09f5b43974291b160cd05cb84a576e

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31755977
status: 200
x-guploader-uploadid: AEnB2Uq9jP9qDSQv5AlR0OvvilgoAtrxS7s_AmaWcbrQU3b1k-ou8px5VP3GA_JGZrFB-9lB5Ye1Ptc0VaUmYT9UIP5YQojZgQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:11:09 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6255
last-modified: Fri, 22 Dec 2017 18:11:09 GMT
server: ECS (amb/6B72)
etag: "fdb079410e524d150de6275be023bf44"
x-goog-hash: crc32c=0FyrlA==, md5=/bB5QQ5STRUN5idb4CO/RA==
content-type: image/png
x-goog-generation: 1513966269342040
cache-control: max-age=315360000, public
x-goog-stored-content-length: 6255
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914846-0-glass-save.png
v.fastcdn.co/u/814df80e/ 13 KB
13 KB 23ms
21ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914846-0-glass-save.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B74) /
Resource Hash: 810993e7140a3ee8854a0710b65e674282813a582c5d78b3847b6881f35358bc

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31908154
status: 200
x-guploader-uploadid: AEnB2UqEmDBMcWJP3QDntQLbiFGmuE4znqtZ0rPbuajsKediI5Bn4z3MNEmFu2bUK_jUK5j0r6zdMO508vu6-uiqPwFD8pGJIA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:10:57 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 12954
last-modified: Fri, 22 Dec 2017 18:10:57 GMT
server: ECS (amb/6B74)
etag: "f5eb1c64feb059a30b5ea4fb47489c9e"
x-goog-hash: crc32c=CURzCQ==, md5=9escZP6wWaMLXqT7R0icng==
content-type: image/png
x-goog-generation: 1513966257514273
cache-control: max-age=315360000, public
x-goog-stored-content-length: 12954
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914966-0-sunset-light-purple.png
v.fastcdn.co/u/814df80e/ 5 KB
5 KB 21ms
19ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914966-0-sunset-light-purple.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB1) /
Resource Hash: 3b2952b68071e053969f57eeaeea5edaae13cd177cf4045c170f52f42a4dbff9

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 15550874
status: 200
x-guploader-uploadid: AAANsUl7sKuuEfLvFIp3w37IdEIFLfO9RC8J59953L7g584_469-QOirkLG6Hgw06Sa-5FLqGfpu51dTUqYDee5M4_rnptGw_g
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:14:37 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4620
last-modified: Fri, 22 Dec 2017 18:14:37 GMT
server: ECS (amb/6BB1)
etag: "b8ee5dac174b8f815532431d401c8cfc"
x-goog-hash: crc32c=0HkhVw==, md5=uO5drBdLj4FVMkMdQByM/A==
content-type: image/png
x-goog-generation: 1513966477235462
cache-control: max-age=315360000, public
x-goog-stored-content-length: 4620
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914981-0-cooking-light-light-.png
v.fastcdn.co/u/814df80e/ 6 KB
6 KB 22ms
20ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914981-0-cooking-light-light-.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBB) /
Resource Hash: f300ec69084196b7ccaf336632ba239f9eede00b1ded121009d8c5af9c9724c8

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 27375922
status: 200
x-guploader-uploadid: AEnB2UrB-ycJFK7q84sbZ6uCVxiX6_3SszzjNiX7YiFpDm5PvnW2YenvzaSzV5Y407SOWxhdY6lsfcrWdMJR8SUwdXn6aD74TQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:15:05 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 5664
last-modified: Fri, 22 Dec 2017 18:15:06 GMT
server: ECS (amb/6BBB)
etag: "5e31ee9e9b058a974f06a9eecd7a6127"
x-goog-hash: crc32c=IR71PQ==, md5=XjHunpsFipdPBqnuzXphJw==
content-type: image/png
x-goog-generation: 1513966506085922
cache-control: max-age=315360000, public
x-goog-stored-content-length: 5664
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914971-0-food-and-wine-light-.png
v.fastcdn.co/u/814df80e/ 4 KB
5 KB 25ms
22ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914971-0-food-and-wine-light-.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8E) /
Resource Hash: 18aa0928793ae52418d244d18064885a0457aa59d1aa34a5bd60cb8a0ac9c2c4

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 35830338
status: 200
x-guploader-uploadid: AEnB2Uposc-AuJIMH1kPyi0l7NMLgqkt2uwthtpTWc5jXUfZBZYh1s3QoUCMAbj3aTEi97UrX49aGEvCpqiRIaMCKPE6z7l9EA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:14:53 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4536
last-modified: Fri, 22 Dec 2017 18:14:53 GMT
server: ECS (amb/6B8E)
etag: "2d40b41ece9076db5d1a966bed769435"
x-goog-hash: crc32c=xoohng==, md5=LUC0Hs6QdttdGpZr7XaUNQ==
content-type: image/png
x-goog-generation: 1513966493220212
cache-control: max-age=315360000, public
x-goog-stored-content-length: 4536
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914956-0-travel-and-leisure-l.png
v.fastcdn.co/u/814df80e/ 4 KB
5 KB 22ms
20ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914956-0-travel-and-leisure-l.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 8045839b1c3c3a07a461ef4e3d3a1dba52e2a3e76e55ba81af5616eb121f24d4

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 10804745
status: 200
x-guploader-uploadid: AAANsUmlHUJb5LBa2BTSKZ1HvcQgYLL5hVFa_J7oKi7KPZp0uclboAuONgs_d0QG4gDVPWRPm8eJ5MijNt0Mp40raIjXdRiD-Q
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:14:24 GMT
x-goog-meta-content-length: 0
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4254
last-modified: Fri, 22 Dec 2017 18:14:24 GMT
server: ECS (amb/6B9D)
etag: "3872ad166bb193f27753dc0300538770"
x-goog-hash: crc32c=CZT2NA==, md5=OHKtFmuxk/J3U9wDAFOHcA==
content-type: image/png
x-goog-generation: 1513966464808621
cache-control: max-age=315360000, public
x-goog-stored-content-length: 4254
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 49307795-0-Arrow-f9f9f9.svg
v.fastcdn.co/u/814df80e/ 303 B
710 B 25ms
23ms Image
image/svg+xml 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/49307795-0-Arrow-f9f9f9.svg
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9B) /
Resource Hash: 4bc0e7ea8db971d9dabd62c45f816186f3b5673b6872fbab1f20cf29026700bb

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
age: 18327487
status: 200
x-guploader-uploadid: AEnB2UrfT_oCdQbSbBwF5VPeokP_ztcwknPTJ8iODgbAA7-pyI7A3PWMVP_G5Bc2pUpxRPfKwgoXFEPybRML9JfJbefFT9cjXw
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-meta-expires: Fri, 16 Apr 2021 08:19:51 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 234
last-modified: Mon, 24 Feb 2020 16:19:51 GMT
server: ECS (amb/6B9B)
etag: "24163a9a448fde328f2784df5d0987cc"
vary: Accept-Encoding
x-goog-hash: crc32c=YwB2pQ==, md5=JBY6mkSP3jKPJ4TfXQmHzA==
content-type: image/svg+xml
x-goog-generation: 1582561191544414
cache-control: max-age=315360000, public
x-goog-stored-content-length: 234
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 42924872-0-wine-concierge-1.png
v.fastcdn.co/u/814df80e/ 2 MB
2 MB 25ms
23ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/42924872-0-wine-concierge-1.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B7C) /
Resource Hash: b173e30ca5264235daeaca0ef667a001256d4c945e656e5f6c7c6d5ae9f5fd96

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31755979
status: 200
x-guploader-uploadid: AEnB2UoW524OpZtmWlBTZvZgYFvvrR17bmEL-rGMbkqAO1gD6J7q7HqeyveOcWIhe1tF2Xgdhaz2tpu7nDa6ucV69lTGIOwObzMjK1tMaeVOS3WT3B9FRco
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 03 Jul 2020 15:43:23 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1608245
last-modified: Mon, 13 May 2019 23:43:24 GMT
server: ECS (amb/6B7C)
etag: "86fedc50c04823404b98fd39d886d80e"
x-goog-hash: crc32c=6hVpVQ==, md5=hv7cUMBII0BLmP052IbYDg==
content-type: image/png
x-goog-generation: 1557791004179763
cache-control: max-age=315360000, public
x-goog-stored-content-length: 1608245
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 25914951-0-winner-bottle-no-.png
v.fastcdn.co/u/814df80e/ 6 KB
7 KB 51ms
49ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/25914951-0-winner-bottle-no-.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB5) /
Resource Hash: d60d19dc30c3505c7c128e2d4d302f9e75902b7839b80b629415d330fced652d

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31785958
status: 200
x-guploader-uploadid: AEnB2Uqk58ZbI1R9gAhWWp8KOYkh4Dr5xkfN4WImvBYupOfktyR--0M-2jwKdP-O6PXvT5n9lK5MiTti_DA1HyP-4ZXPzzGKQB8VpeTdn1TDJOHhyXedPrk
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Tue, 12 Feb 2019 10:14:12 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 6417
last-modified: Fri, 22 Dec 2017 18:14:12 GMT
server: ECS (amb/6BB5)
etag: "2f4446df4b42ccc9f2969467b5a57d99"
x-goog-hash: crc32c=HnE2xQ==, md5=L0RG30tCzMnylpRntaV9mQ==
content-type: image/png
x-goog-generation: 1513966452595299
cache-control: max-age=315360000, public
x-goog-stored-content-length: 6417
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 23346866-0-firstleaf-icon.png
v.fastcdn.co/u/814df80e/ 6 KB
6 KB 50ms
49ms Image
image/png 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/23346866-0-firstleaf-icon.png
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B87) /
Resource Hash: b2190f77f214349ff4d6bc095e0e5382216763eb51a150694495af066c7b8517

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 18993979
status: 200
x-guploader-uploadid: AEnB2Urcz3dBAGQVUOx1ni2StNljqW6hxdQh1KpJcGmvgYHA7OA_tibfK7vX4gEwkNV16u-JOJ6l7FK2fppc8MVwFFFlbUPwnQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Fri, 07 Dec 2018 11:12:30 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 6349
last-modified: Mon, 16 Oct 2017 19:12:30 GMT
server: ECS (amb/6B87)
etag: "644d2dae4f6c063383fcac49b7a41fa9"
x-goog-hash: crc32c=mbt2sA==, md5=ZE0trk9sBjOD/KxJt6QfqQ==
content-type: image/png
x-goog-generation: 1508181150199335
cache-control: max-age=315360000, public
x-goog-stored-content-length: 6349
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 lib.js Show response
heatmap-events-collector.instapage.com/static/ 10 KB
4 KB 389ms
121ms Script
application/javascript 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/static/lib.js

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

40d2e5f16c476f6256135317980af1368ce7cb0533ca4377ee20b0a424d16a4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
strict-transport-security: max-age=315360000; includeSubDomains
content-length: 3676
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 21 Oct 2020 08:59:52 GMT
x-frame-options: SAMEORIGIN
x-download-options: noopen
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, must-revalidate, public
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 24 Oct 2020 22:52:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
57 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc01f4603e91d51cbb047f2a8d5c9352b6340eaaf92700e87c993985f2a3d8d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58396
x-xss-protection: 0
last-modified: Sat, 24 Oct 2020 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Oct 2020 22:47:42 GMT

GET
H2 200 video.php
www.facebook.com/plugins/ Frame 3978 0
0 179ms
179ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2FTheFirstleaf%2Fvideos%2F1530763923626434%2F&show_text=0&width=560

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/video.php?href=https%3A%2F%2Fwww.facebook.com%2FTheFirstleaf%2Fvideos%2F1530763923626434%2F&show_text=0&width=560
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Response headers

status: 200
vary: Accept-Encoding
pragma: no-cache
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: Dai6e/z6PkGMRgDXkA/WpW/Wf3ZH4NaLfQzSS8k0D8N63ImKyWJvw89F8D2AqOPVoRKiD9BCTJcvQfO6noyPLg==
date: Sat, 24 Oct 2020 22:47:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 40875131-0-firstleaf-unboxing.jpg
v.fastcdn.co/u/814df80e/ 138 KB
138 KB 42ms
41ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/40875131-0-firstleaf-unboxing.jpg
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB5) /
Resource Hash: b55d8bf76fad21d722c9f365e1f6521d68d0e69e93d021b937767c2886aa3080

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 31755980
status: 200
x-guploader-uploadid: AEnB2Uq5THi0mbFe67UWZX6klfsuTtdeuXuRs-feoxZa6f-ZZxD_HSxAPUCv4aRoFObq0MUFWO3I_kwvAHYI3O82xQpIiwoJKQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 25 Apr 2020 20:45:55 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 140975
last-modified: Wed, 06 Mar 2019 04:45:55 GMT
server: ECS (amb/6BB5)
etag: "3df4b96df5a15fa54e27907a13ed5c39"
x-goog-hash: crc32c=kTPaAg==, md5=PfS5bfWhX6VOJ5B6E+1cOQ==
content-type: image/jpeg
x-goog-generation: 1551847555706820
cache-control: max-age=315360000, public
x-goog-stored-content-length: 140975
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 40873821-0-firstleaf-wines-grou.jpg
v.fastcdn.co/u/814df80e/ 127 KB
128 KB 40ms
39ms Image
image/jpeg 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/u/814df80e/40873821-0-firstleaf-wines-grou.jpg
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B94) /
Resource Hash: 4fdc600e438b930705234651d0e5f9dc60176d1fc4212b0cfb1e0f9e908d91fa

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
age: 35830336
status: 200
x-guploader-uploadid: AEnB2UrsL4BGWe2HMGP6SkrQcmZzJvxvuzdbOmnbRkbEQgORPoHAbcZoeRKXVKMr9tH08ibGrh589sZF1EHPJxSvCntlgvP2iQ
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-meta-expires: Sat, 25 Apr 2020 19:43:29 GMT
x-goog-meta-content-length: 0
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 130357
last-modified: Wed, 06 Mar 2019 03:43:29 GMT
server: ECS (amb/6B94)
etag: "f8bf313a608104ad7660a0648a58609c"
x-goog-hash: crc32c=h4SEEA==, md5=+L8xOmCBBK12YKBkilhgnA==
content-type: image/jpeg
x-goog-generation: 1551843809949039
cache-control: max-age=315360000, public
x-goog-stored-content-length: 130357
accept-ranges: bytes
expires: Sun, 24 Oct 2021 22:47:42 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: v.fastcdn.co
URL: https://v.fastcdn.co/f/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://page.firstleaf.club
Referer: https://v.fastcdn.co/f/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 11:20:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 300428
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Thu, 21 Oct 2021 11:20:34 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: v.fastcdn.co
URL: https://v.fastcdn.co/f/css?family=Montserrat:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://page.firstleaf.club
Referer: https://v.fastcdn.co/f/css?family=Montserrat:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 11:20:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:14 GMT
server: sffe
age: 473221
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
expires: Tue, 19 Oct 2021 11:20:41 GMT

GET
H2 200 2F5835_2_0.woff2
d1hdjv7b05hja2.cloudfront.net/fonts/webfonts/ 23 KB
23 KB 38ms
22ms Font
binary/octet-stream 2600:9000:2057:d200:b:dc44:3680:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1hdjv7b05hja2.cloudfront.net/fonts/webfonts/2F5835_2_0.woff2
Requested by: Host: d1hdjv7b05hja2.cloudfront.net
URL: https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:d200:b:dc44:3680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a2e3d4429fdfe6045263556fe47666cc7fe0343f7b1fec6d49362486db09327

Request headers

Origin: https://page.firstleaf.club
Referer: https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 18 Oct 2020 18:58:59 GMT
via: 1.1 9810d82af8847b51b9c3048141069a65.cloudfront.net (CloudFront)
age: 532124
x-cache: Hit from cloudfront
status: 200
content-length: 23365
last-modified: Mon, 25 Sep 2017 16:45:24 GMT
server: AmazonS3
etag: "6bf34ffc407bb3b83a5eb6a6d068831a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: f0f1zaZruiAXuVx9-dXILW_YLims2zSCff3mBvem_74dRqtHF7YLIw==

GET
H2 200 visit
anthill.instapage.com/api/v3/projects/56c2f3d796773d0a7e96a536/events/ 35 B
293 B 386ms
126ms Image
application/octet-stream 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://anthill.instapage.com/api/v3/projects/56c2f3d796773d0a7e96a536/events/visit?data=eyJvd25lcl9pZCI6MTk3MzQ3NiwiY3VzdG9tZXJfaWQiOjIzNDQwOTEsInVzZXJfaWQiOjE5NzM0NzYsInBhZ2VfaWQiOjIwMzgxNjIwLCJwdWJsaXNoZWRfdmVyc2lvbiI6NSwicXVhbnRpdHkiOjEsInN0YXRpY19wYWdlIjpmYWxzZSwidmFyaWF0aW9uX25hbWUiOiJBSCIsInZhcmlhdGlvbl9pZCI6NjUsImxpbmtlZF92YXJpYXRpb25faWQiOjY2LCJpbml0aWFsX3Jlc3BvbnNpdmVfbW9kZSI6bnVsbCwidmlzaXRvcl9pcCI6IjEwLjk5LjguNSIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzE0XzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84My4wLjQxMDMuNjEgU2FmYXJpLzUzNy4zNiIsImphdmFzY3JpcHQiOnRydWUsInZhcmlhdGlvbiI6IkFIIiwiZ2VuZXJhdGlvbl90aW1lIjoiMTIiLCJyZXNwb25zaXZlX21vZGUiOm51bGwsInZpc2l0ZWQiOjAsImNhbXBhaWduX2lkIjpmYWxzZSwiYWRfaWQiOmZhbHNlLCJjYW1wYWlnbl9zb3VyY2UiOmZhbHNlLCJyZWYiOm51bGx9&t=1603579662529&jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6IjEifQ.eyJpc3MiOiJhcHAiLCJzdWIiOiJmcm9udGVuZDphcHA6dHAyMDM4MTYyMCIsImF1ZCI6WyJhbnRoaWxsIl0sImV4cCI6MTYzNDkwMjcyOX0.v4hvrMF5h_NXA8uCxF9XxxqMWQVMzqxT6ILphQxFpgvav8dFAC1Yeyqw6ubNXOLfYNHj2ufXrTkKxQPLYFTjKS60Bm1qzGWv-F3XzRXMtylSnA2B4vv_mT4R_FUZhYwgwPcSOc1RBcMUbNT1BuMd6ddXi_RTZ0P9yEkZHIirtquirEACjjs7qbP1VtAsDy7MTqODoLy0Y1tDKMT7f4jPX8LD3NYNHUHIX-6clJ6z8C3y10GVfyAwo1d-DbDtFsEC2vKjKZBXs35Mh3GDVyPVb4gnz5fQrG1A5TF4LyrHw-QYqA4npNF6KaxzSJF1oR1BeIoSCjuZDMPvi5ZEFc8UyA

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
referrer-policy: same-origin
x-powered-by: Express
x-frame-options: SAMEORIGIN
content-type: application/octet-stream
status: 200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
vary: Accept-Encoding, Origin
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3497
date: Sat, 24 Oct 2020 21:49:25 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Sat, 24 Oct 2020 23:49:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: zCanNzFAX5ZWBzhL1W9wBDQ/E1MQ9XYoPs5tO6sT0X9jiko4Y78yONJEyCHQUO4T3FGzce7vqfOrxe+R8euLkg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Sat, 24 Oct 2020 22:47:42 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 96ms
40ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf2e59f0d930e9303ab7e02d216b9d6a09ea183b711185b3a8895950f375dfdc

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:42 GMT
Content-Encoding: gzip
X-Check-Cacheable: YES
Server: AkamaiNetStorage
X-Akamai-Pragma-Client-IP: 2.16.186.135, 149.6.140.226
ETag: "64bc0fbc47f08b53eeeff53a04818915:1602789042.047561"
X-Serial: 10883
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Last-Modified: Thu, 15 Oct 2020 19:10:42 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2890
Expires: Sat, 24 Oct 2020 23:07:42 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 47ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 6ADB0DCD939748DA9D9BD3E11F04D582 Ref B: FRAEDGE1309 Ref C: 2020-10-24T22:47:42Z
status: 200
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 76ms
23ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
age: 4509
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1958
x-served-by: cache-hhn4029-HHN
last-modified: Wed, 21 Oct 2020 21:46:56 GMT
x-timer: S1603579663.646921,VS0,VE0
etag: "a4cc3f907681b24a3efd540acd5d2996+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 24 KB
7 KB 79ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 41
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: C0CA8848DCD3CEAF
x-amz-id-2: xnbzxiI4FAXHXRkL5htU6Jj+cXP9o45eoXEvsFQ+Xr1gd+M/QMGy4OaiTqT+tF74rVjE5MhAALk=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: QzcBmfzwuCnSPtNhWyKUV.rVnAqAKY6a
cf-request-id: 05fe64e93800002056661a3000000001
cf-ray: 5e773dbb8d5c2056-AMS

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1046601/ 62 KB
21 KB 175ms
125ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1046601/tfa.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ee37b0b701492a970b74f447f018a57e15b07e5507adacd9ece58af818f9ac4b

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .M_iy9VbE4tltoXl1NQumeAF6i1iENfc
content-encoding: gzip
etag: "d2c31f6af613c33c7fda278f233192b2"
age: 0
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 21275
x-amz-id-2: Sb3XE4s8WqqYRU0/3QBbGGMr5Sh0PzHaPbIuef5b0M69SCA3sVZ5A0KXQ2ATZXfWx7gvoOdiDj4=
x-served-by: cache-hhn4067-HHN
last-modified: Mon, 19 Oct 2020 10:24:29 GMT
server: AmazonS3
x-timer: S1603579663.647415,VS0,VE106
date: Sat, 24 Oct 2020 22:47:42 GMT
vary: Accept-Encoding
x-amz-request-id: 0B18A5B07BA756FA
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 10
x-cache-hits: 1

GET
H2 200 wxyz.js Show response
getrockerbox.com/assets/ 33 KB
8 KB 222ms
128ms Script
application/javascript 104.27.174.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/assets/wxyz.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.174.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5014231e08e901a2730bec0757b5b1624c206da4b34dd13bc028ce86880e9540

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NX1EJtxaURkXtPark4qzc%2FPgTekLdZ55uqj8sTZXyIMsNDjxvM7lkqYUWPp767a8nyN72R1wPxknnV0vYYubtHJ%2F8Wgq649qgVBFOJnxm0xT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
status: 200
cf-ray: 5e773dbbdd4932ad-CDG
cf-request-id: 05fe64e967000032ad3088a000000001

GET
H/1.1 200
OK tv2track.js Show response
collector-7547.tvsquared.com/ 20 KB
9 KB 497ms
111ms Script
application/javascript 3.132.146.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-7547.tvsquared.com/tv2track.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.146.241 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-146-241.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Sep 2020 11:44:51 GMT
Server: nginx
ETag: "5f649db3-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Sat, 24 Oct 2020 22:57:43 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 68ms
22ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Sat, 24 Oct 2020 21:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3593
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
content-length: 5581
x-amz-id-2: 3eziX8Zvhx9gTuK5UeoEiYblCdqhDQLycnhczLpWJzC35KGyRyuVONcM+rtrpIuOzjKR67Ifsyw=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 30 Oct 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 24 Sep 2020 23:08:16 GMT
server: ATS
etag: "49db10c8315384e8dad2e92a6841ed81-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 32BC8817C68BDCBC
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: swANRqp_TdPZf97XDKuCKoVnrp7c.h.0
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 D22CCB709CDC50.js Show response
cdn.datasteam.io/js/ 70 KB
23 KB 158ms
23ms Script
application/x-javascript 143.204.201.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.datasteam.io/js/D22CCB709CDC50.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-121.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 631c2fa0722f28283a53ace40b98a338caf41f8f13be6cede3c89b819fc75abf

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 14:39:30 GMT
content-encoding: gzip
last-modified: Thu, 08 Oct 2020 15:00:17 GMT
server: AmazonS3
age: 29293
etag: W/"8e587df68ea7c8e60fbb9b7d8406934e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=600,s-maxage=86400
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: muLgBt3oubtDbXxgNUCPxyt9ppkJ4Ka_VKdlgcoGsuCtKmg9c8SwIg==
via: 1.1 e7377cc861b31102786678df3616bf69.cloudfront.net (CloudFront)

GET
H2 200 ping.min.js Show response
cdn.pdst.fm/ 25 KB
6 KB 117ms
19ms Script
application/javascript 35.244.142.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pdst.fm/ping.min.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.142.80 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 80.142.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4a405f02a3a7d40426db85769f1e6c8ac96d4f5580600d2f906334e7b95eddbc

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:07:25 GMT
content-encoding: gzip
age: 2417
x-guploader-uploadid: ABg5-Ux74xYnD0nPCPZQLesCFOdYoi6GxAYWypnnFQi1Zsd7DrQRVL4kIvR6ElrFKRMXeYUNeWGoSeLS4ES8z7pV70YEF0aw3g
x-goog-storage-class: MULTI_REGIONAL
status: 200
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 5778
last-modified: Fri, 31 Jul 2020 14:03:52 GMT
server: UploadServer
etag: "2228048559818b2e5da91bfc5e819f44"
vary: Accept-Encoding
x-goog-hash: crc32c=VK6OUg==, md5=IigEhVmBiy5dqRv8XoGfRA==
x-goog-generation: 1596204232179322
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 5778
accept-ranges: bytes
content-type: application/javascript;
expires: Sat, 24 Oct 2020 23:07:25 GMT

GET
H2 200 sp-at-v2-14-0.js Show response
images.firstleaf.club/js/ 97 KB
29 KB 91ms
64ms Script
application/javascript 2606:4700:10::ac43:1a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://images.firstleaf.club/js/sp-at-v2-14-0.js
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
via: 1.1 507b5edb20d0e1a0b73c8687f53defa9.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA6-C1
cf-polished: origSize=100349
x-cache: Hit from cloudfront
status: 200
content-encoding: br
cf-request-id: 05fe64e96a0000c2f4322cc000000001
last-modified: Mon, 27 Jul 2020 04:28:00 GMT
server: cloudflare
etag: W/"8dba669b94e3865c9205ef8fd15ee4d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=5356800
cf-ray: 5e773dbbdb7fc2f4-FRA
x-amz-cf-id: XJwNyHfIL5Si2WfFhbC3QvUxTV6q9PfSzrvribmtJc1XsPTGS0zUxQ==
cf-bgj: minify

GET
H/1.1

200
OK

ppt=8312;g=sitewide;gid=27870;ord=undefined
trkn.us/pixel/conv/
Redirect Chain

https://trkn.us/pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293
https://trkn.us/pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293;ip=82.102.19.136;cuidchk=1

42 B
758 B

114ms
112ms

Image
image/gif

34.204.239.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trkn.us/pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293;ip=82.102.19.136;cuidchk=1

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.204.239.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-239-36.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Oct 2020 22:47:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sun, 9 Nov 1980 12:59:00 GMT
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
X-Content-Type-Options: nosniff
Server: Apache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: /pixel/conv/ppt=8312;g=sitewide;gid=27870;ord=undefined?gtmcb=469100293;ip=82.102.19.136;cuidchk=1
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 0

GET
H/1.1

200
OK

pixel
pixel.mediaiqdigital.com/
Redirect Chain

https://secure.adnxs.com/px?id=1395168&seg=24308663&order_id=undefined&value=undefined&redir=https%3A%2F%2Fpixel.mediaiqdigital.com%2Fpixel%3F%26pixel_id%3D1395168%26uid%3D%24%7BUID%7D&t=2&gtmcb=45...
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1395168%26seg%3D24308663%26order_id%3Dundefined%26value%3Dundefined%26redir%3Dhttps%253A%252F%252Fpixel.mediaiqdigital.com%252Fpixel%253F%2526pixel_id%2...
https://pixel.mediaiqdigital.com/pixel?&pixel_id=1395168&uid=5595115344819458052

2 B
501 B

149ms
36ms

Image
application/json

52.28.129.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.mediaiqdigital.com/pixel?&pixel_id=1395168&uid=5595115344819458052

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.129.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-129-122.eu-central-1.compute.amazonaws.com

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Server: nginx/1.19.0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Access-Control-Allow-Origin,x-requested-with,origin,Content-Type,accept,X-PINGARUNER
Content-Length: 2

Redirect headers

Pragma: no-cache
Date: Sat, 24 Oct 2020 22:47:42 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid: b18b9238-191c-427a-bc47-a8639799fc38
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.mediaiqdigital.com/pixel?&pixel_id=1395168&uid=5595115344819458052
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixel
amplifypixel.outbrain.com/ 43 B
256 B 399ms
90ms Image
image/gif 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplifypixel.outbrain.com/pixel?mid=003984529eb2a496e5ebded96e34081bbf
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Cache-Control: no-cache
X-TraceId: 280c5aecd5351cac8fdf0257d7eb2abc
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H2 200 star.gif
jelly.mdhv.io/v1/ 43 B
235 B 220ms
126ms Image
image/gif 216.239.36.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jelly.mdhv.io/v1/star.gif?pid=S1QWtdGepedvdhZ2jCn2PVKP4IsF&src=mh&evt=hi&url=/genpack&ifa=[device_id]&uid=undefined&ord=undefined&rev=undefined
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.36.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: any-in-2415.1e100.net
Software: Google Frontend /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:42 GMT
server: Google Frontend
content-type: image/gif
status: 200
x-cloud-trace-context: 270fcf277c2980e74db658784e660ee6
cache-control: no-store,no-cache,must-revalidate,max-age=0,post-check=0,pre-check=0
content-length: 43
expires: -1

GET
H3-Q050 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
2 KB 31ms
10ms Script
text/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:14:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2015
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Sat, 24 Oct 2020 23:14:07 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 93 KB
35 KB 52ms
38ms Script
application/javascript 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-WRCDBFX&t=gtm3&cid=1113403273.1603579663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b38112f6a8fe239e85a248823d9f0d2eb4dae4095ff764415150f971402aeab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35777
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 24 Oct 2020 22:47:42 GMT

GET
H2 200 1669030446688031 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1669030446688031?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45f867420decee6bbb824473854db411c5ed858f73a903cf6f5d6dc764b4f9e7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: NaPEKL5o6d7+9VTlLKi9hSOo5As9M2a9GOw9Q4tUb8wLwGwnNC48o3RYd2ouRlR+f51a+/TxE08+qt9AAv+iXA==
x-fb-trip-id: 664085054
date: Sat, 24 Oct 2020 22:47:42 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 86ms
71ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5565374&Ver=2&mid=34c0de13-de42-4235-9972-b7c1ebb5d113&sid=ed1fa5e0164a11eba6905f749346f5db&vid=ed2134b0164a11eb8b258b5de11836b8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&kw=wine,wine%20club&p=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&r=&lt=726&evt=pageLoad&msclkid=N&sv=1&rn=681568
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Sat, 24 Oct 2020 22:47:42 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 81AF036C372546079DA9EECD0C920B1F Ref B: FRAEDGE1309 Ref C: 2020-10-24T22:47:42Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10118330.json Show response
s.yimg.com/wi/config/ 2 B
496 B 210ms
120ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10118330.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 0P8ZEH0P7G8K9XFG
x-amz-id-2: 7p+5wbPWFCQRKrhZb1lHGbjwPrmITxo73SJCRAfCwRgtVozsR2xl7CRzvUC+3XI9qlM0R89kx7I=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 b253b5fa-0522-4fcb-b2f3-9056b25ec9b1 Show response
ekr.zdassets.com/compose/ 822 B
845 B 835ms
744ms XHR
application/json 104.18.71.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.71.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6150332954412903283a4eb54f798387c39140d1a123118cf65821bc5e3ee494

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200, 200 OK
strict-transport-security: max-age=0
cf-request-id: 05fe64e9c900000c8d460a3000000001
x-request-id: a18684f5-ac75-4962-96b7-ee23535f837f
x-runtime: 0.003217
server: cloudflare
etag: W/"6150332954412903283a4eb54f798387"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 5e773dbc7a160c8d-AMS

GET
H2 200 adsct
t.co/i/ 43 B
448 B 207ms
136ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nzfyd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Sat, 24 Oct 2020 22:47:42 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 687f5feaa08d6e0a138d55a341d7b8f0
x-transaction: 00e2d47a00c79b28
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
258 B 393ms
98ms Script
application/javascript 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=003984529eb2a496e5ebded96e34081bbf
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: gzip
Connection: close
X-TraceId: 1e3d3312a6a79ffe5bd30ab3cc9a5dc8
Content-Length: 56
Content-Type: application/javascript

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
146 B 14ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1752113732&t=pageview&_s=1&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&ul=en-us&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEALQAAAAC~&jid=848896157&gjid=361729607&cid=1113403273.1603579663&tid=UA-68049103-4&_gid=138988728.1603579663&_r=1&gtm=2wgae1TKCVNW&z=847561710

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
120 B 6ms
6ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1752113732&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&ul=en-us&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page&ea=page-genpack&el=%2Fgenpack&_u=aGDACEALRAAAAC~&jid=&gjid=&cid=1113403273.1603579663&tid=UA-68049103-4&_gid=138988728.1603579663&gtm=2wgae1TKCVNW&z=1583018393

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 09:03:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 49448
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
89 B 16ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-68049103-4&cid=1113403273.1603579663&jid=848896157&gjid=361729607&_gid=138988728.1603579663&_u=aGDAAEAKQAAAAC~&z=361733221

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Oct 2020 22:47:42 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/1046601/trc/3/ 765 B
747 B 93ms
41ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1046601/trc/3/json?tim=1603579662819&data=%7B%22id%22%3A322%2C%22ii%22%3A%22%2Fgenpack%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1603579662815%2C%22cv%22%3A%2220201019-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22http%3A%2F%2Fpage.firstleaf.club%2Fgenpack%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dpenrosehill-firstleafclub-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22supv%22%3Atrue%2C%22mpv%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1046601/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ba96ecb2eef97dd00fd98cea891b6602b061e1d625d1a7de50958c06d55d7e6

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 22
date: Sat, 24 Oct 2020 22:47:42 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4067-HHN
server: nginx
x-timer: S1603579663.881322,VS0,VE22
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

OPTIONS
H2 200 pipeline
ct.firstleaf.club/prh/ Frame 0
0 500ms
444ms Other 2606:4700:10::6816:2ae0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Protocol: H2
Server: 2606:4700:10::6816:2ae0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://page.firstleaf.club
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Sat, 24 Oct 2020 22:47:43 GMT
content-length: 0
access-control-allow-origin: https://page.firstleaf.club
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-max-age: 5
cf-cache-status: DYNAMIC
cf-request-id: 05fe64ea7400009abc7c8ba000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5e773dbd886c9abc-FRA

POST
H2 200 pipeline Show response
ct.firstleaf.club/prh/ 2 B
337 B 458ms
458ms XHR
text/plain 2606:4700:10::ac43:1a84
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.firstleaf.club/prh/pipeline
Requested by: Host: images.firstleaf.club
URL: https://images.firstleaf.club/js/sp-at-v2-14-0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a84 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: https://page.firstleaf.club
access-control-allow-credentials: true
cf-ray: 5e773dc049f1c2f4-FRA
content-type: text/plain; charset=UTF-8
content-length: 2
cf-request-id: 05fe64ec320000c2f497132000000001

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 143ms
62ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sat%2C%2024%20Oct%202020%2022%3A47%3A42%20GMT&n=-2d&b=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&.yp=10118330&f=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&enc=UTF-8&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 24 Oct 2020 22:47:43 GMT

GET
H/1.1 200
OK sp.pl Show response
sp.analytics.yahoo.com/ 0
857 B 145ms
65ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&.yp=10118330&f=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&enc=UTF-8&et=custom&ec=retargeting&tagmgr=gtm

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
X-Content-Type-Options: nosniff
Age: 0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Server: ATS
X-Frame-Options: DENY
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=31536000
Content-Type: application/x-javascript
Cache-Control: no-cache, private, must-revalidate
Accept-Ranges: bytes
Expires: Sat, 24 Oct 2020 22:47:43 GMT

OPTIONS
H2 200 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 0
0 143ms
123ms Other
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol: H2
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://page.firstleaf.club
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-headers: Content-Type, Accept
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id: lt1njpn009df
x-powered-by: Express
x-cloud-trace-context: c6c07c9db6a34632695ae1d8dae333ef
content-encoding: gzip
date: Sat, 24 Oct 2020 22:47:43 GMT
server: Google Frontend
cache-control: private
content-length: 22
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 204 pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 0
0 251ms
180ms Fetch
text/html 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by: Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash

Request headers

Accept: application/json
Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
server: Google Frontend
access-control-allow-headers: Content-Type, Accept
x-powered-by: Express
status: 204
access-control-allow-methods: GET, POST
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 01886cc568a30eb8fe51a538adc077b4
function-execution-id: anobmb794bf3
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 integrations Show response
getrockerbox.com/ 42 B
352 B 123ms
123ms Script
text/javascript 104.27.174.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/integrations?source=firstleaf
Requested by: Host: getrockerbox.com
URL: https://getrockerbox.com/assets/wxyz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.174.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZIr2sRRwwyHNAQeWv2Ujrc%2F%2BDtsfurkFWJpu4W62HenQgdBcdeZH9GlZ%2BbQR9QhsurJ9j9%2FZrTHjnqDuZ8q1C%2Bx0Gpvp0S7QMGId4kLQoxHW"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
status: 200
cf-ray: 5e773dbda83832ad-CDG
cf-request-id: 05fe64ea88000032adf991f000000001

GET
H2 200 jpuid Show response
getrockerbox.com/ 67 B
425 B 124ms
124ms Script
text/javascript 104.27.174.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getrockerbox.com/jpuid?jsonp=RB.jsonPUID
Requested by: Host: getrockerbox.com
URL: https://getrockerbox.com/assets/wxyz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.174.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54a8ef2c01be9d108d79f482d2293bcc12ef4162875d933bc193ef2fa06be248

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=09%2FYC6NVQbfryWdiB0QHAPAaq2LjXlCVcTwxZFVn1ubwoW01jPt7xYcikYfX8qRatxcP7Uak9hHU3H3UWB4OM%2Bg2jvqKkDL9YIk2mOhijWu%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
status: 200
cf-ray: 5e773dbda83b32ad-CDG
cf-request-id: 05fe64ea89000032ad1613d000000001

GET
H2 200 /
www.facebook.com/tr/ 44 B
240 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&rl=&if=false&ts=1603579662987&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1603579662986.19648033&it=1603579662628&coo=false&rqm=GET

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:42 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 24 Oct 2020 22:47:42 GMT

GET
H/1.1 200
OK tv2track.php
collector-7547.tvsquared.com/ 42 B
361 B 113ms
111ms Image
image/gif 3.132.146.241
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-7547.tvsquared.com/tv2track.php?action_name=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&idsite=TV-27455427-1&rec=1&r=131593&h=0&m=47&s=43&url=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&_id=55525add3e651f6c&_idts=1603579663&_idvc=0&_idn=1&_viewts=&cookie=1&res=1600x1200&gt_ms=193
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.132.146.241 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-132-146-241.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Server: nginx
Connection: keep-alive
Request-Id: d2b2a464-2fa1-474a-a59c-e79762185c61
P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Content-Length: 42
Content-Type: image/gif

GET
H2 200 rb
getrockerbox.com/v2/ 44 B
424 B 131ms
131ms Image
image/gif 104.27.174.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getrockerbox.com/v2/rb?url=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&action=view&source=firstleaf&rb_source=firstleaf&script_version=wxyz.js&sessionId=4e68e558-f0f2-4438-9836-1fdbf92f62d1&uid=rbos-2a8a9c2f-047a-4f05-a609-930c7d77ace0
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.27.174.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FEOYbX6Qn6qsoa3JUjnh46E1e2UgghTgXvaua6FcaEhq3xIIaPXFZH2dH2azdmzmV9kW%2BwRkRt5K5zNVCroiT5Fg89i7oYboGstkM49k86hV"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
status: 200
cf-ray: 5e773dbe798e32ad-CDG
cf-request-id: 05fe64eb09000032add31ae000000001

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
275 B 373ms
98ms Image
image/gif 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=003984529eb2a496e5ebded96e34081bbf&obApiVersion=1.1&obtpVersion=1.3.3&name=PAGE_VIEW&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa&optOut=false&bust=06412169811268815
Requested by: Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Cache-Control: no-cache
Connection: close
X-TraceId: 33f7deda3321a352a537343bd0e2fb5d
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H/1.1 200
OK 2CCB709CDC50 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 416ms
104ms Script
text/plain 3.92.172.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/2CCB709CDC50?v=f77a5ffc-21f5-40cc-ac70-62df82e90a64&m=a0703016-285f-4b2d-b9d2-2785d787adbc&se=e927c06a-945b-40ca-b6b2-7b09e32cec10&d=eyJ2IjoiZjc3YTVmZmMtMjFmNS00MGNjLWFjNzAtNjJkZjgyZTkwYTY0IiwibSI6ImEwNzAzMDE2LTI4NWYtNGIyZC1iOWQyLTI3ODVkNzg3YWRiYyIsImNzaSI6IiIsInNlIjoiZTkyN2MwNmEtOTQ1Yi00MGNhLWI2YjItN2IwOWUzMmNlYzEwIiwibiI6MSwicCI6IjFlOTM3N2YxLTdiNDQtNDgzYi1hNmVhLTRlY2FlODViNDdhZCIsInUiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwbiI6Ii9nZW5wYWNrIiwiciI6IiIsInQiOiJCdXlpbmcgQXdhcmQtV2lubmluZyBXaW5lIElzIFNpbXBsZSBXaXRoIEZpcnN0bGVhZiIsImMiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwciI6IjlDREM1MCIsInV0bV9zIjoid29ybGRhdGEiLCJ1dG1fbSI6InBhaWRlbWFpbCIsInV0bV9jIjoid29ybGRhdGFfY3BhX3EzXzIwMjAiLCJzIjoxLCJ2cyI6MSwibCI6IlBhZ2VMb2FkIn0%3D&callback=cb80a28489b1d3a
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D22CCB709CDC50.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.172.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-172-78.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 311d65c3d630eee262de82a8c430aac593e650c46d75e58b657c8520d8431bcd

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H2

200

/
cx.atdmt.com/
Redirect Chain

https://www.facebook.com/tr/?id=1669030446688031&ev=Microdata&dl=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%2...
https://cx.atdmt.com/?c=7822580060098252466&f=AYyZ--toqCigh0uX-RfVxy7D2y4ctS1MxZPB3xZr-3GQz_gzmzoGRQ9GtfhJ51JI7hI7PwPJu8HmkIZWQoKSeVv2&id=1669030446688031&l=3&v=0

43 B
425 B

44ms
30ms

Image
image/gif

2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cx.atdmt.com/?c=7822580060098252466&f=AYyZ--toqCigh0uX-RfVxy7D2y4ctS1MxZPB3xZr-3GQz_gzmzoGRQ9GtfhJ51JI7hI7PwPJu8HmkIZWQoKSeVv2&id=1669030446688031&l=3&v=0

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: public
x-fb-debug: QxZqFPkNn4n/by2IzrW5qzGPwSt0x5/hPXNimMU4bvsWQU2Sdn2U7B93bzcIwaQKbnZm7OEIC7wH7bSo6Ql7vA==
content-encoding: br
x-content-type-options: nosniff
x-frame-options: DENY
date: Sat, 24 Oct 2020 15:47:43 PDT
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: public, max-age=0
expires: Sat, 24 Oct 2020 15:47:43 PDT

Redirect headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:43 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=7822580060098252466&f=AYyZ--toqCigh0uX-RfVxy7D2y4ctS1MxZPB3xZr-3GQz_gzmzoGRQ9GtfhJ51JI7hI7PwPJu8HmkIZWQoKSeVv2&id=1669030446688031&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
expires: 0

GET
H2 200 preload.6b57097bff6b7b2f3c7e.js Show response
static.zdassets.com/web_widget/latest/ Frame 8D2C 61 KB
18 KB 30ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/preload.6b57097bff6b7b2f3c7e.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a807ab89ec894ee2127b8b35c22c17f2aa04bdad4075ceef531f6ef7fb4440

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 257673
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 3F7E9D8092AD6525
x-amz-id-2: rR3yjqijaGA5zh0xjoarMg5/q0iTTLDCEyA9eXW9gXUC8R6JC2zKOF6UnTS663zhHolRb76RxlQ=
last-modified: Wed, 21 Oct 2020 06:13:29 GMT
server: cloudflare
etag: W/"58f2e3f49ec5f50011cd19b7817b03aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CZddpzopNvQxmlLRJNFqjg.JlZM1mDDr
cf-request-id: 05fe64ecb800002056900a4000000001
cf-ray: 5e773dc12d4f2056-AMS
expires: Thu, 21 Oct 2021 06:13:28 GMT

GET
H2 200 web_widget.ba9a857f2bb01785a8d1.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 8D2C 4 KB
2 KB 27ms
26ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/web_widget.ba9a857f2bb01785a8d1.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 2070666
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 179AD7DCCD209A3A
x-amz-id-2: wqZFDQdPnqTho3Iv5n+zlQolAukFG4r0tHRiYg6DyD8756zYRQqfuT0QIYZkfHsd3rTd2Br7DMA=
last-modified: Wed, 30 Sep 2020 07:35:35 GMT
server: cloudflare
etag: W/"cd48dbd15438789692901c3abe7fad0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: o6hpYGxYvzSDIpEF.6kgZPoLjTYpTVm2
cf-request-id: 05fe64ecb90000205661969000000001
cf-ray: 5e773dc12d512056-AMS
expires: Thu, 30 Sep 2021 07:35:34 GMT

GET
H2 200 vendors~web_widget.ca239eb7094b76c34e1a.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8D2C 1 MB
282 KB 37ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/vendors~web_widget.ca239eb7094b76c34e1a.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5991a85568c553f8faf24407b27015791a41a241a133f1cae46d976f4a825647

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 113482
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 91C1C46893E9815D
x-amz-id-2: 6TZwvRVkTchvc+pq4hO5HKmwi9GMYJg7TtkMyEC70kMu8hSZ1sVoe/FJr4xv3gm5wlwQTcOJGg4=
last-modified: Wed, 21 Oct 2020 06:13:31 GMT
server: cloudflare
etag: W/"ca0df266e1139488aec48decba32099f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: TXqYDjoa7p5l149gWGZmCcYLDYr7UJV2
cf-request-id: 05fe64ecb900002056ad0ef000000001
cf-ray: 5e773dc12d522056-AMS
expires: Tue, 19 Oct 2021 05:39:28 GMT

GET
H2 200 web_widget.90bf2a8b18f2ce7f5dec.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8D2C 853 KB
163 KB 66ms
65ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web_widget.90bf2a8b18f2ce7f5dec.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

550936d892199957cd2fa4c32505899e240ae678f0a8ec3d8ef005621cef2a13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 257673
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 4B076D67E4F8D275
x-amz-id-2: 1lISwYd32JdgG/qv8lew7BzubpufybLiGmciWH8xc60BGbjXsD9d7elN6hcpM2WYJzx9hKr0+Uw=
last-modified: Wed, 21 Oct 2020 06:13:31 GMT
server: cloudflare
etag: W/"bb3ad603cf41ad4604b31156a55fe844"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: zYn4Y3c.jTlGNucSYZ7sIeZVjeQdxquh
cf-request-id: 05fe64ecb90000205661329000000001
cf-ray: 5e773dc12d532056-AMS
expires: Thu, 21 Oct 2021 06:13:30 GMT

GET
H2 200 chat-sdk.cec40ba63b2a85de0a9c.chunk.js Show response
static.zdassets.com/web_widget/latest/ Frame 8D2C 257 KB
50 KB 43ms
42ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/chat-sdk.cec40ba63b2a85de0a9c.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 871468
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 651D6D329D81482B
x-amz-id-2: U0igWKkUG0RBfaNMOKoHNaM6Qxq3Y1AinC/Zk08PYzSCxW3KQXs/q07dTnqW/vqAfr3TB9KcZ6w=
last-modified: Wed, 14 Oct 2020 05:14:29 GMT
server: cloudflare
etag: W/"c7b786c485c50d3373906fb0a543389a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6jncMusfjpPjh.hMjR7hDj05x8JzSWkZ
cf-request-id: 05fe64ecb900002056adb09000000001
cf-ray: 5e773dc12d552056-AMS
expires: Thu, 14 Oct 2021 05:14:28 GMT

GET
H2 200 config Show response
penrosehill.zendesk.com/embeddable/ 969 B
1 KB 170ms
122ms XHR
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://penrosehill.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42401ed65a0b273918e8749ad01e591a1b2189fc00b5b88946b9e7804f176aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
cf-request-id: 05fe64ed1500000b84dc1a4000000001
x-request-id: 5e7718e03b9c02cc-SEA
x-runtime: 0.001832
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ao5t4ItXbEnFQXIdxrYDVMbt0PIhl6UI%2B6U5pXGR8N3iM0I75FNuPS2KahZJZcfXo3igTQ8xDAhZs%2FoDroMRZF2V0rLMPaIiPo2qMWwN01JiBASBXA5rMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
x-zendesk-origin-server: embeddable-app-server-cdd756c5-9dqsv
cf-ray: 5e773dc1beed0b84-AMS

GET
H2 200 en-us-json.cc8e73e5fe307bb27426.chunk.js Show response
static.zdassets.com/web_widget/latest/locales/ Frame 8D2C 25 KB
5 KB 25ms
24ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/locales/en-us-json.cc8e73e5fe307bb27426.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.6b57097bff6b7b2f3c7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 8187019
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: AEFE79F66C7EBC1F
x-amz-id-2: zpwv65XFe49wftw1PecBmuA4sM32FIZ0WF0xzhWGFJx4v8F7g4WWCsLyd/Cyco/YGs/dsfWFyM4=
last-modified: Wed, 22 Jul 2020 04:05:08 GMT
server: cloudflare
etag: W/"c94e458331968060067c4539f118fd54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 5EVM6Ae5ZeloER_IP_K91Z5iUqcAli8n
cf-request-id: 05fe64ee01000020569b800000000001
cf-ray: 5e773dc338122056-AMS
expires: Thu, 22 Jul 2021 04:05:07 GMT

GET
H2 200 framework-boot.5393b3e3052c7d467736.chunk.js Show response
static.zdassets.com/web_widget/latest/lazy/ Frame 8D2C 7 KB
3 KB 25ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/lazy/framework-boot.5393b3e3052c7d467736.chunk.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/preload.6b57097bff6b7b2f3c7e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7eb4d851e46d3aa5251b190cb497da211e4fef4f9b99f734c247845ce58fa6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 257672
x-amz-server-side-encryption: AES256
status: 200
x-amz-replication-status: COMPLETED
x-amz-request-id: 7F71E41F7C8C35FA
x-amz-id-2: q7ULoRjY82k/e9zp5tuKjuEeuEJrj+BRqRCwD1XffEm+aFQPcnaoeeNBdHacaQa5f44E3A2L0SQ=
last-modified: Wed, 21 Oct 2020 06:12:40 GMT
server: cloudflare
etag: W/"bc63136840bb9d0800f5308b6a1a1dd2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: OlfUSq17FR9t0K3NnDL7iE4HqVh6EJ9g
cf-request-id: 05fe64ee01000020566ca20000000001
cf-ray: 5e773dc338142056-AMS
expires: Thu, 21 Oct 2021 06:12:39 GMT

GET
H2 200 embeddable_blip Show response
penrosehill.zendesk.com/ Frame 8D2C 0
773 B 114ms
114ms XHR
text/html 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://penrosehill.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9wYWdlLmZpcnN0bGVhZi5jbHViL2dlbnBhY2s%2FdXRtX3NvdXJjZT13b3JsZGF0YSZ1dG1fbWVkaXVtPXBhaWRlbWFpbCZ1dG1fY2FtcGFpZ249d29ybGRhdGFfY3BhX3EzXzIwMjAmdXRtX2NvbnRlbnQ9MjkuOTUtYXdhcmRfd2lubmluZyZ2b3VjaGVyPXdkY3BhIiwidGltZSI6MzYsImxvYWRUaW1lIjozNy4xNzAwMDAzNzQzMTcxNywibmF2aWdhdG9yTGFuZ3VhZ2UiOiJlbi1VUyIsInBhZ2VUaXRsZSI6IkJ1eWluZyBBd2FyZC1XaW5uaW5nIFdpbmUgSXMgU2ltcGxlIFdpdGggRmlyc3RsZWFmIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTRfNSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzgzLjAuNDEwMy42MSBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjUxZDExYTJmMjM3ZGZmOTkwMjE5NTcyODIxMDU4ZmUzIiwic3VpZCI6IjNlMGQzNWVlZTAwY2ExZWYwZTU2ZmZlNjQxZThmMTg3IiwidmVyc2lvbiI6IjcwODVlNGVmOSIsInRpbWVzdGFtcCI6IjIwMjAtMTAtMjRUMjI6NDc6NDMuOTM0WiIsInVybCI6Imh0dHBzOi8vcGFnZS5maXJzdGxlYWYuY2x1Yi9nZW5wYWNrP3V0bV9zb3VyY2U9d29ybGRhdGEmdXRtX21lZGl1bT1wYWlkZW1haWwmdXRtX2NhbXBhaWduPXdvcmxkYXRhX2NwYV9xM18yMDIwJnV0bV9jb250ZW50PTI5Ljk1LWF3YXJkX3dpbm5pbmcmdm91Y2hlcj13ZGNwYSJ9
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/vendors~web_widget.ca239eb7094b76c34e1a.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:44 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n4aFYcbdek%2F5HpzVs2qD9Zgy%2BXvAMYWXY7vygUNnZcCJRxvAHSvEOWlnTeteyZvIWN5M%2F33TQ4BE2U9z6Ads9wQRsHmoCXHO%2FMe%2FG%2F3deYd0P%2Fxefmsmpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-store, no-cache, must-revalidate
cf-ray: 5e773dc3aa070b84-AMS
cf-request-id: 05fe64ee4900000b84ba023000000001

GET
H2 200 g.jsonp Show response
aa.agkn.com/adscores/ 82 B
395 B 80ms
24ms Script
application/json 35.176.88.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.jsonp?sid=9202274878&userid=9CDC50-F77A5FFC-21F5-40CC-AC70-62DF82E90A64
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D22CCB709CDC50.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.88.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-88-2.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:44 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 82
expires: 0

GET
H2 200 idr.gif
p.alcmpn.com/idr/ven/1012/ 32 B
185 B 369ms
120ms Image
image/gif 35.193.67.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://p.alcmpn.com/idr/ven/1012/idr.gif?fpid=9CDC50-F77A5FFC-21F5-40CC-AC70-62DF82E90A64

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.193.67.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

164.67.193.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:44 GMT
last-modified: Mon, 31 Aug 2020 17:53:30 GMT
server: nginx
etag: "5f4d391a-20"
strict-transport-security: max-age=31536000;
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 32

GET
H/1.1 200
OK 2CCB709CDC50 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 106ms
105ms Script
text/plain 3.92.172.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/2CCB709CDC50?v=f77a5ffc-21f5-40cc-ac70-62df82e90a64&m=a0703016-285f-4b2d-b9d2-2785d787adbc&se=e927c06a-945b-40ca-b6b2-7b09e32cec10&d=eyJ2IjoiZjc3YTVmZmMtMjFmNS00MGNjLWFjNzAtNjJkZjgyZTkwYTY0IiwibSI6ImEwNzAzMDE2LTI4NWYtNGIyZC1iOWQyLTI3ODVkNzg3YWRiYyIsImNzaSI6IiIsInNlIjoiZTkyN2MwNmEtOTQ1Yi00MGNhLWI2YjItN2IwOWUzMmNlYzEwIiwicCI6IjFlOTM3N2YxLTdiNDQtNDgzYi1hNmVhLTRlY2FlODViNDdhZCIsInUiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwbiI6Ii9nZW5wYWNrIiwiciI6IiIsInQiOiJCdXlpbmcgQXdhcmQtV2lubmluZyBXaW5lIElzIFNpbXBsZSBXaXRoIEZpcnN0bGVhZiIsImMiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwciI6IjlDREM1MCIsImVpZCI6Im5zX3NlZ18wMDAiLCJ1dG1fcyI6IndvcmxkYXRhIiwidXRtX20iOiJwYWlkZW1haWwiLCJ1dG1fYyI6IndvcmxkYXRhX2NwYV9xM18yMDIwIiwicyI6MiwidnMiOjEsImwiOiJBY3Rpb24iLCJ2MDEiOiJFaWQiLCJ2MDIiOiJuc19zZWdfMDAwIn0%3D&callback=cb98a9db785b0cb
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D22CCB709CDC50.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.172.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-172-78.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: f267a845e6aa6f9bbfa760589029d4430fe113b65e8102eb172edc819cf3de7b

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:43 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H/1.1 200
OK 2CCB709CDC50 Show response
api.datasteam.io/v1/C/RawData/ 208 B
795 B 104ms
104ms Script
text/plain 3.92.172.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.datasteam.io/v1/C/RawData/2CCB709CDC50?v=f77a5ffc-21f5-40cc-ac70-62df82e90a64&m=a0703016-285f-4b2d-b9d2-2785d787adbc&se=e927c06a-945b-40ca-b6b2-7b09e32cec10&d=eyJ2IjoiZjc3YTVmZmMtMjFmNS00MGNjLWFjNzAtNjJkZjgyZTkwYTY0IiwibSI6ImEwNzAzMDE2LTI4NWYtNGIyZC1iOWQyLTI3ODVkNzg3YWRiYyIsImNzaSI6IiIsInNlIjoiZTkyN2MwNmEtOTQ1Yi00MGNhLWI2YjItN2IwOWUzMmNlYzEwIiwicCI6IjFlOTM3N2YxLTdiNDQtNDgzYi1hNmVhLTRlY2FlODViNDdhZCIsInUiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwbiI6Ii9nZW5wYWNrIiwiciI6IiIsInQiOiJCdXlpbmcgQXdhcmQtV2lubmluZyBXaW5lIElzIFNpbXBsZSBXaXRoIEZpcnN0bGVhZiIsImMiOiJodHRwczovL3BhZ2UuZmlyc3RsZWFmLmNsdWIvZ2VucGFjaz91dG1fc291cmNlPXdvcmxkYXRhJnV0bV9tZWRpdW09cGFpZGVtYWlsJnV0bV9jYW1wYWlnbj13b3JsZGF0YV9jcGFfcTNfMjAyMCZ1dG1fY29udGVudD0yOS45NS1hd2FyZF93aW5uaW5nJnZvdWNoZXI9d2RjcGEiLCJwciI6IjlDREM1MCIsImVpZCI6Im5zX3NlZ18wMDAiLCJ1dG1fcyI6IndvcmxkYXRhIiwidXRtX20iOiJwYWlkZW1haWwiLCJ1dG1fYyI6IndvcmxkYXRhX2NwYV9xM18yMDIwIiwicyI6MywidnMiOjEsImwiOiJBY3Rpb24iLCJ2MDEiOiJFczEifQ%3D%3D&callback=cbcf1833ae26c0f
Requested by: Host: cdn.datasteam.io
URL: https://cdn.datasteam.io/js/D22CCB709CDC50.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.92.172.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-92-172-78.compute-1.amazonaws.com
Software: Kestrel /
Resource Hash: 9612b732c8a8dc259b1fabe26bfd3a67ba855bd3cf8fb1e109d4523ae7a20437

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 24 Oct 2020 22:47:44 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 208

GET
H2 206 chat-incoming-message-notification.mp3
static.zdassets.com/web_widget/static/ Frame 8D2C 19 KB
20 KB 109ms
109ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/static/chat-incoming-message-notification.mp3

Requested by

Host: page.firstleaf.club
URL: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 24 Oct 2020 22:47:44 GMT
cf-cache-status: DYNAMIC
x-amz-request-id: 86FC76E37FBF3DC0
x-amz-server-side-encryption: AES256
cf-ray: 5e773dc68cd22056-AMS
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: kwlyCPfjvw6RXodx7R5fiKi4CjdLe7gqn/FU14ves1qNlnfLnPYzS05D6SFJsk7wd+q+E0/Mwd4=
Content-Range: bytes 0-19697/19698
last-modified: Tue, 12 Feb 2019 01:07:53 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
x-amz-version-id: 7QfN44DQ.h7tzqx9G_4CeAsccdu5t2pF
cache-control: public, max-age=31536000
cf-request-id: 05fe64f017000020565a24b000000001
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 12 Feb 2020 01:07:52 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1046601/log/3/ 0
294 B 55ms
18ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1046601/log/3/unip?en=pre_d_eng_tb&tos=1579&scd=25&ssd=1&est=1603579662817&ver=27&isls=true&src=i&invt=1500&tim=1603579664398&vi=1603579662815&ri=b281da1535aae507436ad29475fa178f&sd=v2_59162c6216eeeff1d81f500cf5ea8141_eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e_1603579662_1603579662_CNawjgYQyfA_GN-jr-bVLiABKAEwFjjqxgdA4IYQSIXq2QNQ____________AVgBYABo4qaqkbKtl-Jw&ui=eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e&ref=null&cv=20201019-6-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1046601/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:44 GMT
server: nginx
x-fastly-to-nlb-rtt: 4905
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.20.14:10213

GET
H2 200 loading_circle.svg
v.fastcdn.co/a/img/ 694 B
1 KB 19ms
18ms Image
image/svg+xml 192.229.133.208
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v.fastcdn.co/a/img/loading_circle.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.133.208 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BB3) /
Resource Hash: eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:44 GMT
age: 1839
status: 200
x-guploader-uploadid: ABg5-Uw3EU6jexinEzdkUDTr3fNjJDkGyM5j_HpCTcpgMj-zl1qNBf1gveFeDjABhLhF_G_aEzmWVIAU3HsRZPX7a90
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694
last-modified: Mon, 04 Jul 2016 13:37:12 GMT
server: ECS (amb/6BB3)
etag: "be00fc4a29d03016e78b28c9943e3f51"
x-goog-hash: crc32c=Y/o9cg==, md5=vgD8SinQMBbniyjJlD4/UQ==
content-type: image/svg+xml
access-control-allow-origin: *
x-goog-generation: 1467639432842000
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 694
accept-ranges: bytes
expires: Sat, 24 Oct 2020 23:47:44 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
649 B 190ms
140ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nzfyd&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fpage.firstleaf.club%2Fgenpack%3Futm_source%3Dworldata%26utm_medium%3Dpaidemail%26utm_campaign%3Dworldata_cpa_q3_2020%26utm_content%3D29.95-award_winning%26voucher%3Dwdcpa

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 24 Oct 2020 22:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 115
pragma: no-cache
last-modified: Sat, 24 Oct 2020 22:47:44 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e662d207d1772219d1b82a09e311134c
x-transaction: 00bbd4d00023e9c2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1046601/log/3/ 0
293 B 20ms
19ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1046601/log/3/unip?en=pre_d_eng_tb&tos=4581&scd=25&ssd=1&est=1603579662817&ver=27&isls=true&src=i&invt=3000&tim=1603579667399&vi=1603579662815&ri=b281da1535aae507436ad29475fa178f&sd=v2_59162c6216eeeff1d81f500cf5ea8141_eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e_1603579662_1603579662_CNawjgYQyfA_GN-jr-bVLiABKAEwFjjqxgdA4IYQSIXq2QNQ____________AVgBYABo4qaqkbKtl-Jw&ui=eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e&ref=null&cv=20201019-6-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1046601/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:47 GMT
server: nginx
x-fastly-to-nlb-rtt: 6265
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.41.30.18:10213

POST
H2 201 raw-data Show response
heatmap-events-collector.instapage.com/api/ 33 B
386 B 398ms
150ms Fetch
application/json 35.222.120.150
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://heatmap-events-collector.instapage.com/api/raw-data

Requested by

Host: heatmap-events-collector.instapage.com
URL: https://heatmap-events-collector.instapage.com/static/lib.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.222.120.150 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

150.120.222.35.bc.googleusercontent.com

Software

Resource Hash

aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 24 Oct 2020 22:47:52 GMT
referrer-policy: same-origin
status: 201
etag: W/"21-OGHiFV/OrNujBxibS2uM6bqKAHs"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://page.firstleaf.club
access-control-allow-credentials: true
x-content-type-options: nosniff
strict-transport-security: max-age=315360000; includeSubDomains
x-dns-prefetch-control: off
vary: Accept-Encoding, Origin, Accept-Encoding
content-length: 33
x-xss-protection: 1; mode=block

GET
H2 204 unip Show response
trc-events.taboola.com/1046601/log/3/ 0
294 B 18ms
18ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1046601/log/3/unip?en=pre_d_eng_tb&tos=10583&scd=25&ssd=1&est=1603579662817&ver=27&isls=true&src=i&invt=6000&tim=1603579673401&vi=1603579662815&ri=b281da1535aae507436ad29475fa178f&sd=v2_59162c6216eeeff1d81f500cf5ea8141_eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e_1603579662_1603579662_CNawjgYQyfA_GN-jr-bVLiABKAEwFjjqxgdA4IYQSIXq2QNQ____________AVgBYABo4qaqkbKtl-Jw&ui=eea0962a-bd5e-49c1-b9f6-a1ebcfa227bd-tuct68e348e&ref=null&cv=20201019-6-RELEASE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1046601/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://page.firstleaf.club/genpack?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Oct 2020 22:47:53 GMT
server: nginx
x-fastly-to-nlb-rtt: 11617
status: 204
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://page.firstleaf.club
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.111:10213

Verdicts & Comments Add Verdict or Comment

141 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.firstleaf.club/	1970-01-19 14:09:31	Name: rbuid Value: rbos-2a8a9c2f-047a-4f05-a609-930c7d77ace0
.firstleaf.club/	1970-01-19 22:11:55	Name: MGX_UC Value: JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZjc3YTVmZmMtMjFmNS00MGNjLWFjNzAtNjJkZjgyZTkwYTY0JTIyJTJDJTIyZSUyMiUzQTE2MDQxMDUyNjI5NjQlN0QlMkMlMjJNR1hfVSUyMiUzQSU3QiUyMnYlMjIlM0ElMjJhMDcwMzAxNi0yODVmLTRiMmQtYjlkMi0yNzg1ZDc4N2FkYmMlMjIlMkMlMjJlJTIyJTNBMTYwNDEwNTI2Mjk2NSU3RCUyQyUyMk1HWF9QWCUyMiUzQSU3QiUyMnYlMjIlM0ElMjJlOTI3YzA2YS05NDViLTQwY2EtYjZiMi03YjA5ZTMyY2VjMTAlMjIlMkMlMjJzJTIyJTNBdHJ1ZSUyQyUyMmUlMjIlM0ExNjAzNTgxNDY0MDk4JTdEJTJDJTIyTUdYX0NJRCUyMiUzQSU3QiUyMnYlMjIlM0ElMjJkMGJiODcyNC03Njc0LTQ0ZmMtYjFkOC0xMWM5ZDg1ZjAwYTklMjIlMkMlMjJlJTIyJTNBMTYwNDEwNTI2Mjk2NyU3RCUyQyUyMk1HWF9WUyUyMiUzQSU3QiUyMnYlMjIlM0ExJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTYwMzU4MTQ2NDA5OCU3RCUyQyUyMk1HWF9FSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIybnNfc2VnXzAwMCUyMiUyQyUyMnMlMjIlM0F0cnVlJTJDJTIyZSUyMiUzQTE2MDM1ODE0NjQwOTglN0QlN0Q=
page.firstleaf.club/	1970-01-19 22:11:55	Name: __pdst Value: 4ec4c58c03864c108495b44417212bce
.facebook.com/	1970-01-19 15:35:55	Name: fr Value: 08N7PyyU26rqjZR20..BflK8O..F-U.1.0.BflK8O.
.firstleaf.club/	1970-01-19 13:27:46	Name: _gid Value: GA1.2.138988728.1603579663
.firstleaf.club/	1970-01-20 06:57:31	Name: _sp_id.efdf Value: 0e90b839-6198-48e5-a981-74f2aaac379b.1603579663.1.1603579663.1603579663.d9e1f5dc-c8d2-4764-9d13-7ec65108b407
.firstleaf.club/	1970-01-19 15:35:55	Name: _gcl_au Value: 1.1.1131838006.1603579663
.firstleaf.club/	1970-01-19 13:49:43	Name: _uetvid Value: ed2134b0164a11eb8b258b5de11836b8
page.firstleaf.club/	1970-01-19 13:26:19	Name: outbrain_cid_fetch Value: true
page.firstleaf.club/	1970-01-19 22:11:55	Name: instapage-variant-20381620 Value: AH
.firstleaf.club/	1970-01-19 13:26:21	Name: FL_Referrer Value: 2
page.firstleaf.club/	1970-01-20 06:57:31	Name: _tq_id.TV-27455427-1.ed11 Value: 55525add3e651f6c.1603579663.0.1603579663..
.firstleaf.club/	1970-01-19 15:35:55	Name: _fbp Value: fb.1.1603579662986.19648033
.firstleaf.club/	1970-01-20 06:57:31	Name: _ga Value: GA1.2.1113403273.1603579663
.firstleaf.club/	1969-12-31 23:59:59	Name: query Value: ?utm_source=worldata&utm_medium=paidemail&utm_campaign=worldata_cpa_q3_2020&utm_content=29.95-award_winning&voucher=wdcpa
.firstleaf.club/	1970-01-19 13:26:19	Name: _gat_UA-68049103-4 Value: 1
.firstleaf.club/	1970-01-19 22:11:55	Name: __zlcmid Value: 10pjXBtl2PQcVSW
.firstleaf.club/	1970-01-19 22:11:55	Name: sp Value: e773df44-9c87-4205-b51e-81e096f2763d
.firstleaf.club/	1970-01-19 13:26:21	Name: _sp_ses.efdf Value: *
.firstleaf.club/	1970-01-19 13:27:46	Name: _uetsid Value: ed1fa5e0164a11eba6905f749346f5db
.firstleaf.club/	1970-01-19 14:09:31	Name: __cfduid Value: d3b615a1e4dfb524095a63913c8f714671603579662

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
amplify.outbrain.com
amplifypixel.outbrain.com
analytics.twitter.com
anthill.instapage.com
api.datasteam.io
bat.bing.com
cdn.datasteam.io
cdn.pdst.fm
cdn.taboola.com
clicks.procastnetworks.com
collector-7547.tvsquared.com
connect.facebook.net
ct.firstleaf.club
cx.atdmt.com
d1hdjv7b05hja2.cloudfront.net
ekr.zdassets.com
fonts.gstatic.com
getrockerbox.com
heatmap-events-collector.instapage.com
images.firstleaf.club
jelly.mdhv.io
p.alcmpn.com
page.firstleaf.club
penrosehill.zendesk.com
pixel.mediaiqdigital.com
s.yimg.com
secure.adnxs.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.zdassets.com
stats.g.doubleclick.net
t.co
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
trkn.us
us-central1-adaptive-growth.cloudfunctions.net
v.fastcdn.co
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.71.113
104.244.42.195
104.244.42.5
104.27.174.181
141.226.228.48
143.204.201.121
151.101.112.157
151.101.113.44
185.105.66.16
185.33.221.89
192.229.133.208
2.18.234.190
2001:4860:4802:36::36
212.82.100.181
216.239.36.21
2600:9000:2057:d200:b:dc44:3680:21
2606:4700:10::6816:2ae0
2606:4700:10::ac43:1a84
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:806::2008
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:824::200e
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.132.146.241
3.92.172.78
34.204.239.36
35.176.88.2
35.193.67.164
35.222.120.150
35.244.142.80
52.28.129.122
64.202.112.159
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0a2e3d4429fdfe6045263556fe47666cc7fe0343f7b1fec6d49362486db09327
0b38112f6a8fe239e85a248823d9f0d2eb4dae4095ff764415150f971402aeab
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18aa0928793ae52418d244d18064885a0457aa59d1aa34a5bd60cb8a0ac9c2c4
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22a807ab89ec894ee2127b8b35c22c17f2aa04bdad4075ceef531f6ef7fb4440
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2e94a788e3548290a70050319dc32425a9062444abc9931021227213111e4aad
311d65c3d630eee262de82a8c430aac593e650c46d75e58b657c8520d8431bcd
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3b2952b68071e053969f57eeaeea5edaae13cd177cf4045c170f52f42a4dbff9
40d2e5f16c476f6256135317980af1368ce7cb0533ca4377ee20b0a424d16a4b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45f867420decee6bbb824473854db411c5ed858f73a903cf6f5d6dc764b4f9e7
4a405f02a3a7d40426db85769f1e6c8ac96d4f5580600d2f906334e7b95eddbc
4bc0e7ea8db971d9dabd62c45f816186f3b5673b6872fbab1f20cf29026700bb
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fdc600e438b930705234651d0e5f9dc60176d1fc4212b0cfb1e0f9e908d91fa
5014231e08e901a2730bec0757b5b1624c206da4b34dd13bc028ce86880e9540
52b970231b6acd054a470b232aec5aee2493e1a4fc07a54557cc524f11343c2e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a8ef2c01be9d108d79f482d2293bcc12ef4162875d933bc193ef2fa06be248
550936d892199957cd2fa4c32505899e240ae678f0a8ec3d8ef005621cef2a13
5991a85568c553f8faf24407b27015791a41a241a133f1cae46d976f4a825647
5ba96ecb2eef97dd00fd98cea891b6602b061e1d625d1a7de50958c06d55d7e6
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6150332954412903283a4eb54f798387c39140d1a123118cf65821bc5e3ee494
631c2fa0722f28283a53ace40b98a338caf41f8f13be6cede3c89b819fc75abf
63896532a7015ab5b7288359c02124980a5075e9267f0ba3fbfc7c3f5038b478
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
784eef2bd9b090b59a21415c301374d957f01f4a2a9c36f7befd59f3c44b82f1
7eb4d851e46d3aa5251b190cb497da211e4fef4f9b99f734c247845ce58fa6b5
8045839b1c3c3a07a461ef4e3d3a1dba52e2a3e76e55ba81af5616eb121f24d4
810993e7140a3ee8854a0710b65e674282813a582c5d78b3847b6881f35358bc
8231103d519b2db6114b40807697ff8a7443f6ec6e939c8cb9cb4f5dee7348b2
8247f4332667950989fe6bf790f87723343db2ec83d975503e9c5dc13a6eb5dc
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
90c3b8d97df103749c4e56e06e581a6f36ddf166e218e0b7ad7f018c1443b7c7
9612b732c8a8dc259b1fabe26bfd3a67ba855bd3cf8fb1e109d4523ae7a20437
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9e446e75dc20b6dc693b247aaf7704112e55ef434588368aa0761fc76b3a29a5
a2deda29d1371229ed501ce62b57e607cb796cebb792410fc70054e69cd262b1
a4088dbd5ae05ef25b50ae71d76c9dd70464744529a15d087babfd1ede1ba00f
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a4b247236dee00aec7dc830a10a01df7637f10632865b25644e61071f871c09d
a6e9e1722cffa254dc5061e3d89fc40a4faec0cd7d44819923657d498e8df822
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aeae628bb5c58695aeeb38d775b0d3e58f0d3448679f5f2a1c9038cc63ae2156
b173e30ca5264235daeaca0ef667a001256d4c945e656e5f6c7c6d5ae9f5fd96
b2190f77f214349ff4d6bc095e0e5382216763eb51a150694495af066c7b8517
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b53ee934ef09cf5882e9a53b318d39145695f63d41378b1e8907d0305204ba6f
b55d8bf76fad21d722c9f365e1f6521d68d0e69e93d021b937767c2886aa3080
b8882e31b1407e6da2e2dda44ffa9f1c1a9298059f7203c5fa7d50bee4899783
bdf99df20adb49a3db00134afc1f57c5faad7432c66641ee79bc88634d6965c6
c77d5979a9eb0e45bd243053b0724ea63b2d3381a0b43a3ec80ad58df66cf781
cf2e59f0d930e9303ab7e02d216b9d6a09ea183b711185b3a8895950f375dfdc
d42401ed65a0b273918e8749ad01e591a1b2189fc00b5b88946b9e7804f176aa
d60d19dc30c3505c7c128e2d4d302f9e75902b7839b80b629415d330fced652d
dc01f4603e91d51cbb047f2a8d5c9352b6340eaaf92700e87c993985f2a3d8d7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eafb5c7e73d4a9f221b583f15b15728b8e09f5b43974291b160cd05cb84a576e
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ee37b0b701492a970b74f447f018a57e15b07e5507adacd9ece58af818f9ac4b
eec2c40d8b1bb98306990239204d8b90ca030f0def0e00dfe3117ae42991e126
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f267a845e6aa6f9bbfa760589029d4430fe113b65e8102eb172edc819cf3de7b
f300ec69084196b7ccaf336632ba239f9eede00b1ded121009d8c5af9c9724c8
ffb92ab9eefa3b6e3f6313d9a4194715887b0b8442d7be6cd1a472db7e810e5a

page.firstleaf.club Open in urlscan Pro 2606:4700:10::ac43:1a84 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

100 %HTTPS

36 %IPv6

33 Domains

42 Subdomains

37 IPs

8 Countries

3079 kBTransfer

6205 kBSize

21 Cookies

11 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

page.firstleaf.club Open in urlscan Pro
2606:4700:10::ac43:1a84 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

100 %
HTTPS

36 %
IPv6

33
Domains

42
Subdomains

37
IPs

8
Countries

3079 kB
Transfer

6205 kB
Size

21
Cookies

91 HTTP transactions
0 data transactions