r2finance.leadpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://r2finance.leadpages.co/
Effective URL:
https://r2finance.leadpages.co/
Submission: On March 11 via api (March 11th 2024, 8:55:06 pm UTC) from US — Scanned from US

Summary HTTP 54 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 27 IPs in 1 countries across 25 domains to perform 54 HTTP transactions. The main IP is 35.202.21.90, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is r2finance.leadpages.co.
TLS certificate: Issued by R3 on February 21st 2024. Valid for: 3 months.

This is the only time r2finance.leadpages.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	34.120.132.252 34.120.132.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2607:f8b0:400... 2607:f8b0:4006:820::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
5	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 _) (CDN77 _)
2	18.238.49.45 18.238.49.45	16509 (AMAZON-02) (AMAZON-02)
3	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:141b:1c0... 2600:141b:1c00:31::1739:5a51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.235.23 35.186.235.23	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:5a9a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e7a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4dba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:4006:824::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1f::9a	15169 (GOOGLE) (GOOGLE)
54	27

2 35.202.21.90 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

r2finance.leadpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.leadpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.120.132.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.132.120.34.bc.googleusercontent.com

user.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::2001 (United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 _, GB)

cdn.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hits-i.iubenda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.238.49.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-49-45.jfk52.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:31::1739:5a51 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.235.23 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 23.235.186.35.bc.googleusercontent.com

cdn4.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:5a9a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e7a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4dba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1f::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6596	3 KB
5	iubenda.com cdn.iubenda.com — Cisco Umbrella Rank: 11674 cs.iubenda.com — Cisco Umbrella Rank: 13823 hits-i.iubenda.com — Cisco Umbrella Rank: 13407	93 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	432 KB
5	lpcontent.net user.lpcontent.net — Cisco Umbrella Rank: 172551	139 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 148	875 B
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	4 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 375	14 KB
3	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 41221	1 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4679 forms.hscollectedforms.net — Cisco Umbrella Rank: 4787	26 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2237	23 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	70 KB
2	leadpages.com static.leadpages.com — Cisco Umbrella Rank: 303450	5 KB
2	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 11310	18 KB
2	center.io js.center.io — Cisco Umbrella Rank: 48124	15 KB
2	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 46	42 KB
2	leadpages.co 1 redirects r2finance.leadpages.co	19 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2406	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3504	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2220	21 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3210	4 KB
1	mxpnl.com cdn4.mxpnl.com — Cisco Umbrella Rank: 12328	19 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2484	1 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 781	17 KB
1	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 47024	26 KB
54	25

	Domain	Requested by
5	www.googletagmanager.com	r2finance.leadpages.co www.googletagmanager.com js.hsadspixel.net
5	user.lpcontent.net	r2finance.leadpages.co user.lpcontent.net
4	px.ads.linkedin.com	3 redirects snap.licdn.com
3	bat.bing.com	r2finance.leadpages.co bat.bing.com
3	api.leadpages.io	js.center.io
3	cdn.iubenda.com	www.googletagmanager.com cdn.iubenda.com
2	analytics.google.com	www.googletagmanager.com
2	www.google.com	r2finance.leadpages.co
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	connect.facebook.net	r2finance.leadpages.co connect.facebook.net
2	static.leadpages.com	www.googletagmanager.com
2	public.profitwell.com	r2finance.leadpages.co
2	js.center.io	r2finance.leadpages.co js.center.io
2	lh3.googleusercontent.com	r2finance.leadpages.co
2	r2finance.leadpages.co	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	track.hubspot.com
1	www.facebook.com	r2finance.leadpages.co
1	api.hubapi.com	js.hsadspixel.net
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	px4.ads.linkedin.com	r2finance.leadpages.co
1	www.linkedin.com	1 redirects
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	cdn4.mxpnl.com	r2finance.leadpages.co
1	hits-i.iubenda.com	cdn.iubenda.com
1	js.hs-scripts.com	www.googletagmanager.com
1	snap.licdn.com	r2finance.leadpages.co
1	cs.iubenda.com	cdn.iubenda.com
1	static.leadpages.net	r2finance.leadpages.co
54	32

This site contains links to these domains. Also see Links.

Domain
www.leadpages.com
my.leadpages.com
lp.leadpages.com

Subject Issuer	Validity	Valid
*.leadpages.co R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
static.leadpages.net GTS CA 1D4	`2024-02-10` - `2024-05-10`	3 months	crt.sh
user.lpcontent.net GTS CA 1D4	`2024-02-11` - `2024-05-11`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
js.center.io GTS CA 1D4	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.iubenda.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-01` - `2025-03-03`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.leadpages.io R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
static.leadpages.com GTS CA 1D4	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-20` - `2024-03-19`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.mxpnl.com GeoTrust TLS RSA CA G1	`2023-07-12` - `2024-08-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
hubapi.com E1	`2024-03-06` - `2024-06-04`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2024-01-06` - `2024-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://r2finance.leadpages.co/
Frame ID: 8E13333BDD9D9D4CA5E494C2D9807B30
Requests: 53 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 380DA4E7A09A7F4639A5DC0E1FACF027
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

404 Error

Page URL History Show full URLs

http://r2finance.leadpages.co/ HTTP 301
https://r2finance.leadpages.co/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Iubenda (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

iubenda\.com/cookie-solution/confs/js/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Page Statistics

54
Requests

98 %
HTTPS

74 %
IPv6

25
Domains

32
Subdomains

27
IPs

1
Countries

993 kB
Transfer

2876 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadpages.com/
Title: .css-qcy3kw{display:inline-block;vertical-align:middle;max-width:6012px;}@media (max-width:530px){.site-header .composite .widget .css-qcy3kw{max-width:calc(100% - 80px);}}

Search URL Search Domain Scan URL

URL: https://my.leadpages.com/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://lp.leadpages.com/free-trial
Title: Sign Up Free

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://r2finance.leadpages.co/ HTTP 301
https://r2finance.leadpages.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62142%26time%3D1710190499959%26li_adsId%3D1ff7119e-fd59-4a3a-a402-b433e18f3f05%26url%3Dhttps%253A%252F%252Fr2finance.leadpages.co%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQLQhyhnv41pbAAAAY4vTBqX4t0A-7z2omnOQh1uVCz4XFmWIX9jAqFfpBjDdEoVVbOdiA

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request / Show response
r2finance.leadpages.co/
Redirect Chain

http://r2finance.leadpages.co/
https://r2finance.leadpages.co/

98 KB
18 KB

406ms
291ms

Document
text/html

35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.21.202.35.bc.googleusercontent.com
Software: Leadpages /
Resource Hash: 5494ffe6a4e4683455c4ae9e3f1126a710ccad353f5ca3db2842fc2e40c81f13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Mon, 11 Mar 2024 20:54:58 GMT
server: Leadpages
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Mon, 11 Mar 2024 20:54:58 GMT
Location: https://r2finance.leadpages.co/
Server: Leadpages
Strict-Transport-Security: max-age=15768000

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 100 KB
26 KB 176ms
40ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:54:29 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 2304029
etag: "EqK-AA"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: ec25af1826b95db68f25d720ad577fec
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26836
expires: Thu, 13 Feb 2025 04:54:29 GMT

GET
H2 200 c7HHm2unNp3hi8ghK3bQ6V.css
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/ 786 B
1 KB 171ms
37ms Stylesheet
text/css 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3def9a50a9e6fd7ad93a7c0b5040e4c60c15215b1b7fcf40f15e313d7f292d36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:50:18 GMT
via: 1.1 google
age: 280
x-guploader-uploadid: ABPtcPpagDtZCVr39WVyfGyenuGfLuQaic85BfEsOQnuCbvtk6ZTApHC3VIDTNKMhcLY-qpZl-ZlDaRXkw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 786
last-modified: Wed, 12 May 2021 19:47:04 GMT
server: UploadServer
etag: "2826942559f7b28429635b3cec7e297b"
x-goog-generation: 1620848824936216
x-goog-hash: crc32c=GBQdDA==, md5=KCaUJVn3soQpY1s87H4pew==
access-control-allow-origin: *
access-control-expose-headers: content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 786
accept-ranges: bytes
content-type: text/css
expires: Mon, 11 Mar 2024 21:50:18 GMT

GET
H2 200 FBgakARR2Ssfv2iQ68iZjg.css
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/ 1 KB
1 KB 173ms
39ms Stylesheet
text/css 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 807d72e55b4c3cb21d7bc66fb69f957218a0e3ea149492495a2403ac301e0896

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:40:19 GMT
via: 1.1 google
age: 879
x-guploader-uploadid: ABPtcPqhguhbsT9cGrEwou1kNY9-Ms__TmBccp5NZ6QrrM11cppGOAhPi0fIjF3gfZQbU82GQgRkvjM_ug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1175
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "f0a316ab7fb54aeff2e380ed51f5705b"
x-goog-generation: 1620848896855294
x-goog-hash: crc32c=X3vwHg==, md5=8KMWq3+1Su/y44DtUfVwWw==
access-control-allow-origin: *
access-control-expose-headers: content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 1175
accept-ranges: bytes
content-type: text/css
expires: Mon, 11 Mar 2024 21:40:19 GMT

GET
H2 200 LIcVKv_Qh7-UNXEl9SQFS9iTwg4L2OdSs73GC0Zlq-oFBgGQJgTJBCwFzPxeW4Kp3Zl-DPrRPhETWJsH6dwtxg=w1064
lh3.googleusercontent.com/ 40 KB
41 KB 127ms
44ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/LIcVKv_Qh7-UNXEl9SQFS9iTwg4L2OdSs73GC0Zlq-oFBgGQJgTJBCwFzPxeW4Kp3Zl-DPrRPhETWJsH6dwtxg=w1064

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0a8d654bc7d7b0f8b63e8fa009a185174cb87636c1311d0933967bbcd8ceb328

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 19:47:46 GMT
x-content-type-options: nosniff
age: 4032
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41369
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Mar 2024 19:47:46 GMT

GET
H2 200 3MGPQa8ZEYlGGcQy08PtflX7z0ik_OzbsDnRc0UHj7h2Eh4vrpX9jkCxdAb6mLxA1sJc2F-88J3sO1CJjT7-XWA=s0
lh3.googleusercontent.com/ 1 KB
2 KB 117ms
35ms Image
image/png 2607:f8b0:4006:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/3MGPQa8ZEYlGGcQy08PtflX7z0ik_OzbsDnRc0UHj7h2Eh4vrpX9jkCxdAb6mLxA1sJc2F-88J3sO1CJjT7-XWA=s0

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9da1d24acad38b9a23a0ff180b0162475b86100412f5006c869830b09938f090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 19:34:27 GMT
x-content-type-options: nosniff
age: 4831
cross-origin-resource-policy: cross-origin
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1418
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 12 Mar 2024 19:34:27 GMT

GET
H2 200 center.js Show response
js.center.io/ 12 KB
12 KB 265ms
59ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:51:41 GMT
server: Google Frontend
age: 198
etag: "OMWYXg"
content-type: application/javascript
x-cloud-trace-context: d57a1468ccab461eb6a78c1e56768e00
cache-control: public, max-age=300
content-length: 12555
expires: Mon, 11 Mar 2024 20:56:41 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
102 KB 182ms
89ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a5e046fc6bb5587483c1aa8eb98988aa233c640a04c0fe96b25918811b510c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 20:54:58 GMT

GET
H2 200 VpHK3tNeBcNAQpQHrQioTA.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/ 46 KB
46 KB 236ms
145ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/VpHK3tNeBcNAQpQHrQioTA.woff2?time=1620848896
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 09d982564a92075d07999eae4fb9e1e8051397e2a8ad41931df5545ed4f78777

Request headers

Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Origin: https://r2finance.leadpages.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:52:58 GMT
via: 1.1 google
age: 120
x-guploader-uploadid: ABPtcPqpxeeOIAnEq5ZjUb2cOrLwXw3e2YqdWLHJsuIpk6hUxP_HfoD0zrJH1E07AlDxYa7y_TU
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46860
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "8b6b3d38d4715faa322b5042bd8c5f57"
x-goog-generation: 1620848896205234
x-goog-hash: crc32c=X4AixA==, md5=i2s9ONRxX6oyK1BCvYxfVw==
access-control-allow-origin: *
access-control-expose-headers: content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 46860
accept-ranges: bytes
content-type: fonts/woff2
expires: Mon, 11 Mar 2024 21:52:58 GMT

GET
H2 200 dS2BiEmhUsz4GphQQRmemS.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/ 46 KB
46 KB 196ms
108ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg/dS2BiEmhUsz4GphQQRmemS.woff2?time=1620848896
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e21a2c50512b98f3bf118815326b95419de9931513e177d5ff7b99bbcf812f58

Request headers

Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/FBgakARR2Ssfv2iQ68iZjg.css?time=1620848897
Origin: https://r2finance.leadpages.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:15:20 GMT
via: 1.1 google
age: 2378
x-guploader-uploadid: ABPtcPoqwW12l3Km2veKs4boJiaAeZnBQAM8FJcxK2FKxsd9oIXo3YxvaJG-TWQ3nWA45Hf6Tn4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46896
last-modified: Wed, 12 May 2021 19:48:16 GMT
server: UploadServer
etag: "b76049f7b22b3bdc063bd1d394eabffc"
x-goog-generation: 1620848896135412
x-goog-hash: crc32c=57xZ7w==, md5=t2BJ97IrO9wGO9HTlOq//A==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 46896
accept-ranges: bytes
content-type: fonts/woff2
expires: Mon, 11 Mar 2024 21:15:20 GMT

GET
H2 200 Gg8NMQJCLMy6e2h6qq4z76.woff2
user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V/ 44 KB
44 KB 134ms
47ms Font
fonts/woff2 34.120.132.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V/Gg8NMQJCLMy6e2h6qq4z76.woff2?time=1620848824
Requested by: Host: user.lpcontent.net
URL: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.132.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.132.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 36e2569671518a30e97f06b180abb3d8a2e31640fb731048b8e6d4070c8e38ff

Request headers

Referer: https://user.lpcontent.net/fonts/SWj8CcTJn4MW4eGBBDcRXg/c7HHm2unNp3hi8ghK3bQ6V.css?time=1620848825
Origin: https://r2finance.leadpages.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:15:35 GMT
via: 1.1 google
age: 2363
x-guploader-uploadid: ABPtcPoX_A6KKxsr8g10JoBR5qJyKkCl3gN3bgtTq6XgIWA0sKU8ZIIFvGEA6NojETJoK704waUu3PxRGA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44672
last-modified: Wed, 12 May 2021 19:47:04 GMT
server: UploadServer
etag: "e3ca664444800ac8b93636dc52cd7334"
x-goog-generation: 1620848824314391
x-goog-hash: crc32c=oOZDJA==, md5=48pmRESACsi5NjbcUs1zNA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, content-type
cache-control: public, max-age=3600
x-goog-stored-content-length: 44672
accept-ranges: bytes
content-type: fonts/woff2
expires: Mon, 11 Mar 2024 21:15:35 GMT

GET
H2 200 identify.html Show response
js.center.io/ Frame 380D 4 KB
2 KB 47ms
46ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110

Request headers

Referer: https://r2finance.leadpages.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 242
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Mon, 11 Mar 2024 20:50:57 GMT
etag: "OMWYXg"
expires: Mon, 11 Mar 2024 20:55:57 GMT
server: Google Frontend
x-cloud-trace-context: 6c6deb27341694489179e31cef1d99ba

GET
H2 200 stub.js Show response
cdn.iubenda.com/cs/ccpa/ 4 KB
2 KB 176ms
44ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/ccpa/stub.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 60f3978fd96db4f213d594e2c6b6ad6811f6ef809988c09a0050c7957b681dbc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: br
cdn-edgestorageid: 885
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/11/2024 20:54:59
cdn-pullzone: 954456
last-modified: Mon, 11 Mar 2024 12:28:02 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65eef8d2-5f6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 52f7ff3daa649376016903dd715c65a4
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 194ms
84ms Script
application/javascript 18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=52b5ac26c22bd2bd209d040d7465d0b7
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-45.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding: gzip
via: 1.1 20292965cdbba1b959488426be2ef49e.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 20:55:00 GMT
last-modified: Thu, 21 Dec 2023 14:58:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
x-amz-server-side-encryption: AES256
etag: W/"40097cdf413c1f1f303c66489742cb44"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: Vj_MJuHl7Wbu_oapPDpbAtXiY7F-o7Sn_gAj-J2-IhaPQ7KvZp8ayQ==

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
668 B 206ms
65ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=YnZqAcs7vPqAxVABjoh5H9&v=&e=&st=&lc=en-US&pid=wVxPjLuS24uynHELZfsPrV&uid=ZYb4xvQqQYcsWHV4UjphC9&sid=UoL4B4ZxdRhJJgojGqKE7H&cid=lp-YnZqAcs7vPqAxVABjoh5H9&uri=https%3A%2F%2Fr2finance.leadpages.co%2F&rf=&rx=1600&ry=1200&tz=-10%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 20:54:59 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://r2finance.leadpages.co
X-Forwarded-For: 96.9.249.34
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 01qhk6rmma2bchgone50

GET
H2 200 iubenda_cs.js Show response
cdn.iubenda.com/cs/ 698 B
869 B 55ms
54ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 4b22e452233404585db053cc35b0375afe9279fec6a13ab9252863f18f1ba38c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: br
cdn-edgestorageid: 885
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/11/2024 20:54:59
cdn-pullzone: 954456
last-modified: Mon, 11 Mar 2024 12:28:02 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65eef8d2-15e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
cdn-requestid: 336126fdf1d46823af68d03d73d0cdc4
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 core-en.js Show response
cdn.iubenda.com/cookie_solution/iubenda_cs/1.56.0/ 475 KB
89 KB 61ms
61ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.56.0/core-en.js
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cs/iubenda_cs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: af330a4df2d93651452b3ff1896b0902c235fc0667378dcb11c777979a99cf82

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: br
cdn-edgestorageid: 885
p3p: CP="DSP NOI COR", policyref="http://www.iubenda.com/w3c/p3p.xml"
cdn-cachedat: 03/11/2024 20:54:59
cdn-pullzone: 954456
last-modified: Mon, 11 Mar 2024 12:28:01 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "65eef8d1-160c9"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: BYPASS
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=31536000
cdn-requestid: 657dfe7335aa66e1b7a83a2e23d4e57f
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 14952535.js Show response
cs.iubenda.com/cookie-solution/confs/js/ 204 B
778 B 51ms
38ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL

https://cs.iubenda.com/cookie-solution/confs/js/14952535.js

Requested by

Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.56.0/core-en.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

287c6bd687162409f07cdc941c0458cfe637c9ad50c3254a6486203a75a98e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

cdn-requestpullsuccess: True
date: Mon, 11 Mar 2024 20:54:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cdn-edgestorageid: 885
cdn-cachedat: 03/08/2024 00:17:08
cdn-pullzone: 1019485
last-modified: Thu, 07 Mar 2024 23:50:50 GMT
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"65ea52da-cc"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
cache-control: public, max-age=3600
access-control-allow-credentials: true
cdn-requestid: ab38545ae0b215948ffe015566714729
cdn-requestcountrycode: US
cdn-status: 200
expires: Fri, 08 Mar 2024 01:17:08 GMT

GET
H2 200 mixdown.js Show response
static.leadpages.com/mktg/mixdown/current/ 9 KB
3 KB 179ms
42ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.com/mktg/mixdown/current/mixdown.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: fc78e072732d24a90a63cbcdee55789b7f3d98ef159707ba81241e76913c26fe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:53:03 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 116
etag: "EqK-AA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: a43b6c7973f8110d29a4c1a98753ed98
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3434
expires: Mon, 11 Mar 2024 20:58:03 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 69ms
68ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-975363878&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f28743ccf74de4f32185120dcd22349d6468b01413fa0fe55beaba0c1a8f56a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79464
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 19:50:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Mar 2024 20:54:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 215 KB
58 KB 129ms
42ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Mar 2024 20:54:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57348
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=12, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: CCQ26wPugzhGtWGPyJ+5sh1RB5LugGU2b2Oc1gpMyQ7KfZr4mv+QQD2Kyk36c43y5in/+o2rD1/K+yjH7lLHgg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 211ms
62ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 11 Mar 2024 20:54:59 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 52DF7070811E4B58AC1ABC8D76AADD2E Ref B: EWR311000108031 Ref C: 2024-03-11T20:54:59Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 48 KB
17 KB 175ms
48ms Script
application/javascript 2600:141b:1c00:31::1739:5a51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:31::1739:5a51 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Mar 2024 16:03:53 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=68974
accept-ranges: bytes
content-length: 17224

GET
H2 200 attribution-syncer.js Show response
static.leadpages.com/mktg/attribution-syncer/current/ 4 KB
2 KB 170ms
40ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.com/mktg/attribution-syncer/current/attribution-syncer.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 6b68baa257dae3591e46d6e9b1bbc3aef1ebb5ee112bedbd1fb418afe2a38293

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:50:32 GMT
content-encoding: gzip
via: 1.1 google
server: Google Frontend
age: 267
etag: "EqK-AA"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: d86b36d0d891b5d9ca02066273b96326
cache-control: public, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1832
expires: Mon, 11 Mar 2024 20:55:32 GMT

GET
H2 200 21794907.js Show response
js.hs-scripts.com/ 2 KB
1 KB 162ms
58ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21794907.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413181623e740f27f46393269fb85e8b01008b7aa1db498ebdeb1fe45b173a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:54:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 73b82d02-3c24-4681-992c-b9b5f925d1cf
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2012
age: 51
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 73b82d02-3c24-4681-992c-b9b5f925d1cf
cf-bgj: minify
last-modified: Mon, 11 Mar 2024 20:54:08 GMT
server: cloudflare
x-trace: 2B609A59D5C60F22A8A96D5393C6A0283ABC6D045B000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://jeremyklae036.lpages.co
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-8fqsk
x-evy-trace-virtual-host: all
access-control-allow-credentials: true
cache-control: public, max-age=90
cf-ray: 862e71605a631791-EWR
expires: Mon, 11 Mar 2024 20:56:29 GMT

POST
H2 204 write Show response
hits-i.iubenda.com/ 0
653 B 296ms
171ms XHR
text/plain 2a02:6ea0:c454::1
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://hits-i.iubenda.com/write?db=hits1
Requested by: Host: cdn.iubenda.com
URL: https://cdn.iubenda.com/cookie_solution/iubenda_cs/1.56.0/core-en.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 _, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://r2finance.leadpages.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
cdn-edgestorageid: 885
x-influxdb-build: OSS
x-influxdb-version: 1.8.2
cdn-cachedat: 03/11/2024 20:55:00
cdn-pullzone: 967785
request-id: a00ef18d-dfe9-11ee-bc91-0242ac110002
x-request-id: a00ef18d-dfe9-11ee-bc91-0242ac110002
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 204
access-control-allow-methods: DELETE, GET, OPTIONS, POST, PUT
access-control-allow-origin: https://r2finance.leadpages.co
cdn-uid: a7bd0c3f-43db-400a-80e2-073f933f3c99
access-control-expose-headers: Date, X-InfluxDB-Version, X-InfluxDB-Build
cache-control: public, max-age=0
cdn-requestid: 6c0f46e847a5d69621b43fe338759235
cdn-requestcountrycode: US
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Length, Content-Type, X-CSRF-Token, X-HTTP-Method-Override
cdn-requestpullsuccess: True

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/ 2 KB
2 KB 195ms
77ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/?random=1710190499905&cv=11&fst=1710190499905&bg=ffffff&guid=ON&async=1&gtm=45be4360v9105622081z86789581za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fr2finance.leadpages.co%2F&hn=www.googleadservices.com&frm=0&tiba=404%20Error&npa=0&us_privacy=1---&pscdl=noapi&uamb=0&uaw=0&fdr=QA&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-975363878&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c576c57122c107ecdd1e054c40f1c370e87fb0112fe8805b28d7dd94009c679c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1253
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn4.mxpnl.com/libs/ 54 KB
19 KB 159ms
38ms Script
text/javascript 35.186.235.23
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.235.23 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 23.235.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:52:51 GMT
content-encoding: gzip
age: 129
x-guploader-uploadid: ABPtcPp0QD-m-slDnKdMlhHra2f5gtKr2jaahGmYgbh_AakQpCz8rJcfiTlfAr_N9lFlRHmP1DqMmn0-lg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18490
last-modified: Tue, 06 Feb 2024 00:09:36 GMT
server: UploadServer
etag: "eb0675a8749ea5d76345796217db928f"
vary: Accept-Encoding
x-goog-generation: 1707178176338436
x-goog-hash: crc32c=fWmQwA==, md5=6wZ1qHSepddjRXliF9uSjw==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 18490
accept-ranges: bytes
expires: Mon, 11 Mar 2024 21:02:51 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21794907/ 70 KB
23 KB 169ms
49ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21794907/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e728b195c7623d42d99725f134b28e1d5193a03159b7eed959d5b61c17bcb4ff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-amz-version-id: TtYh.83EjX0UOfMzWrbYiXXSHp6Nxn7s
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: JBCWV832RDSG1Y9Z
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 96260b07-847e-4870-b663-ac5de0d0b9e4
age: 153
x-envoy-upstream-service-time: 28
x-amz-id-2: WXotF+R9cR2rr+OBFOY3gTB1FQP9ybRUuWQDIvb/An+QW/P/YNkSSlxhdODrSaeCKBmWNuj3CJ4=
x-evy-trace-listener: listener_https
x-request-id: 96260b07-847e-4870-b663-ac5de0d0b9e4
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 11 Mar 2024 18:49:03 GMT
server: cloudflare
etag: W/"9849aeec92059f66566aebf869c3d27a"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://backtoherroots.lpages.co
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-pbs6d
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 862e71618c931889-EWR
expires: Mon, 11 Mar 2024 20:57:27 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 184ms
63ms Script
application/javascript 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://r2finance.leadpages.co/
Origin: https://r2finance.leadpages.co
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-amz-version-id: VTCx5Wpr_CjwKFe_1K6ShUsHQL37oHcJ
via: 1.1 53b70ac9dc46d1c13992b291cf22a9aa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 103f9211-5837-4fe3-9065-fa9ee9e1e3ae
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.468/bundles/project.js&cfRay=862e71618c16c32c-EWR
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 103f9211-5837-4fe3-9065-fa9ee9e1e3ae
last-modified: Wed, 21 Feb 2024 09:36:07 UTC
server: cloudflare
etag: W/"0892458d49ed5681928e6be69131caa7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-2qqmj
cf-ray: 862e71618c16c32c-EWR
x-amz-cf-id: EBo9lfCmcb6MjaREPEaJxb9fEUyhaZ_QmTfEpXMDrA4R15Ct3V28Iw==
x-hs-target-asset: collected-forms-embed-js/static-1.468/bundles/project.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 192ms
52ms Script
application/javascript 2606:4700::6811:e7a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e7a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd47bb5c3c79ece4cd4b9fd66d3d9e3775150737494912c71663ea52040decd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-amz-version-id: fZfwxa8ceO6pVp7hFS6JvPrOzh5PJhey
via: 1.1 e21fbbed60133ff896ee44224814dc5c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 44
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.537/bundles/pixels-release.js&cfRay=862e704dff3518bc-EWR
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a31ef763-226e-4b5c-b8af-aed2c7693908
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a31ef763-226e-4b5c-b8af-aed2c7693908
last-modified: Fri, 08 Mar 2024 14:46:21 UTC
server: cloudflare
etag: W/"1b9f1161785ce805353591d6396d2715"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-58mtb
cf-ray: 862e7161abfe0f64-EWR
x-amz-cf-id: A87ZKLA2RJPw_DlilbFLg4z8rG-3f1_A6EqkeLCZz3m3WkVW58K04A==
x-hs-target-asset: adsscriptloaderstatic/static-1.537/bundles/pixels-release.js

GET
H2 200 21794907.js Show response
js.hs-analytics.net/analytics/1710190200000/ 66 KB
21 KB 188ms
53ms Script
text/javascript 2606:4700::6810:4dba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1710190200000/21794907.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21794907.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4dba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6468d9f1cdfa69c3978ab69eec424d11034ac3c217b596341a9986ad87ae3586

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 0RBEARMAWJEQSZ4W
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: adc0d8a9-2e89-4440-a827-0977cbbfaac9
age: 257
x-envoy-upstream-service-time: 264
x-amz-id-2: N+jdyJUrf4XROCxxwAl1S6zXF5kPoGINYjxGQqLc3lrh0LTYTPiLrjB4cYphldt5uMnzZ3ooSS+KmQ06X7dXHvf372ucPC4M
x-evy-trace-listener: listener_https
x-request-id: adc0d8a9-2e89-4440-a827-0977cbbfaac9
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 06 Mar 2024 16:08:16 GMT
server: cloudflare
etag: W/"eb06862521807179eeb208eb03cd033d"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-8555f56d-phrfm
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 862e7161a92f42e2-EWR
expires: Mon, 11 Mar 2024 20:55:43 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D62142%26time%3D1710190499959%26li_adsId%3D1ff7119e-fd59-4a3a-a402-b433e18f3f05%26...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true&e...

0
488 B

226ms
89ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQLQhyhnv41pbAAAAY4vTBqX4t0A-7z2omnOQh1uVCz4XFmWIX9jAqFfpBjDdEoVVbOdiA
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 89C19D7EA0174E549654C03B16AA2198 Ref B: YTO01EDGE0808 Ref C: 2024-03-11T20:55:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYTaMFLVwQXRVhMPugevw==

Redirect headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9271DCE661CD49B4A2395078882B4509 Ref B: NYCEDGE1618 Ref C: 2024-03-11T20:55:00Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=62142&time=1710190499959&li_adsId=1ff7119e-fd59-4a3a-a402-b433e18f3f05&url=https%3A%2F%2Fr2finance.leadpages.co%2F&cookiesTest=true&liSync=true&e_ipv6=AQLQhyhnv41pbAAAAY4vTBqX4t0A-7z2omnOQh1uVCz4XFmWIX9jAqFfpBjDdEoVVbOdiA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYTaMFHwQrMf2HNOY/yLA==

GET
H2 204 5129109.js Show response
bat.bing.com/p/action/ 0
117 B 64ms
63ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5129109.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 11 Mar 2024 20:54:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E887B06479A04CC1918C36701528C396 Ref B: EWR311000108031 Ref C: 2024-03-11T20:55:00Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
361 B 140ms
135ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5129109&Ver=2&mid=a7719e25-586b-44cc-8bdc-2259070591d0&sid=a00279a0dfe911eeaec5a5ac6a6be95b&vid=a002ba60dfe911eeaeb12d7e4b518a96&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=404%20Error&p=https%3A%2F%2Fr2finance.leadpages.co%2F&r=&lt=939&evt=pageLoad&sv=1&rn=25222

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 11 Mar 2024 20:54:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 746085640E1F4F2A8743D4DA8BEC3A43 Ref B: EWR311000108031 Ref C: 2024-03-11T20:55:00Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1482449758700184 Show response
connect.facebook.net/signals/config/ 55 KB
12 KB 443ms
441ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1482449758700184?v=2.9.148&r=stable&domain=r2finance.leadpages.co&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb8deded02f8831df1264dc17d64b34e0a04610f416a0a882ccaa680354770a5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 11 Mar 2024 20:55:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=64, mss=1294, tbw=62449, tp=-1, tpl=-1, uplat=393, ullat=0
pragma: public
x-fb-debug: 2KWhcqwa2bYc0Kmib7Sa+LzUwWpp0bB40v+HmKuAyS3FnPMd6vNc64pCx976pfhv2XoAK0hkNyYjTPnxpiXK+Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/975363878/ 42 B
455 B 147ms
55ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975363878/?random=1710190499905&cv=11&fst=1710187200000&bg=ffffff&guid=ON&async=1&gtm=45be4360v9105622081z86789581za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fr2finance.leadpages.co%2F&frm=0&tiba=404%20Error&npa=0&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqr86qx9MTw8ELdukI8OurNauEMZpb_Q&random=1785211116&rmt_tld=0&ipr=y

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 5 B
148 B 136ms
53ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/21794907/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21152971983ab0f08638f7bc1619a54efd4d9f3115ffdef92c151b9b9d1a109d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 862e7162ce8c80d9-EWR
content-length: 5

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
438 B 94ms
68ms XHR
application/json 2606:4700::6811:5a9a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21794907&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:5a9a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef77a1693495d5a9674bbe9d86a224aea85ebeb31fc20d2e7a87224b2f08c063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://r2finance.leadpages.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9afb2f05-a17d-4bf5-9801-662b930e596f
x-envoy-upstream-service-time: 12
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9afb2f05-a17d-4bf5-9801-662b930e596f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://r2finance.leadpages.co
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-576f9d768-4p57r
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 862e7162bd2cc32c-EWR

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 115 B
1 KB 284ms
139ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21794907

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63a9f4889487bed03e5ebcfe035afaa83a1c5ba470c0256ce2a0c17e572243fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1dbddc95-a13b-477c-9cb3-869c6ae15601
content-encoding: br
x-envoy-upstream-service-time: 54
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1dbddc95-a13b-477c-9cb3-869c6ae15601
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://r2finance.leadpages.co
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-59d6fb747d-62gmh
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivZd6Fub0RkWXx8d8F3HpqfXm%2FwAAycBjVtNy4UhxdDfPxUF8YpEKKRiMDpkOPxeHW4KxwqVB5RbD8cBLQgeU5qA0e3uU3j3SenEUZqHCPyXkzm%2Bj8lI0h%2BLBecsFiOg0PbOa4oyGY%2FMcMkR"}],"group":"cf-nel","max_age":604800}
cf-ray: 862e71640a99428e-EWR
access-control-allow-headers: *

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 150ms
41ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1482449758700184&ev=PageView&dl=https%3A%2F%2Fr2finance.leadpages.co%2F&rl=&if=false&ts=1710190500529&sw=1600&sh=1200&v=2.9.148&r=stable&ec=0&o=4126&fbp=fb.2.1710190500513.1139275152&ler=empty&cdl=API_unavailable&it=1710190500041&coo=false&rqm=GET

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1294, tbw=2800, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 11 Mar 2024 20:55:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 78ms
76ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975363878

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e140ec9bbd08377b19c2bde48fb0adc3cb25430a96ee3c008e61b95f66206b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79388
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 19:50:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Mar 2024 20:55:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 75ms
74ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-975363878&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

283f1a420dbf7ec8c696375c52c94f5ea8adcede9c28a7d0a08c4b831fd412d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79585
x-xss-protection: 0
last-modified: Mon, 11 Mar 2024 19:50:03 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Mar 2024 20:55:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/ 2 KB
2 KB 82ms
81ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/975363878/?random=1710190500802&cv=11&fst=1710190500802&bg=ffffff&guid=ON&async=1&gtm=45be4360v9105622081za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fr2finance.leadpages.co%2F&hn=www.googleadservices.com&frm=0&tiba=404%20Error&did=dZTQ1Zm&gdid=dZTQ1Zm&npa=0&us_privacy=1---&pscdl=noapi&auid=193720940.1710190501&uamb=0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-975363878

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041739f941a6bda1ed3ebb916c5c6bdd13701617dc424f3b0fd6fb8e46962de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
199 B 111ms
110ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://r2finance.leadpages.co/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 11 Mar 2024 20:55:00 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5DB4689A9A0E43CFB4D8DF256601761E Ref B: NYCEDGE1618 Ref C: 2024-03-11T20:55:00Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://r2finance.leadpages.co
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYTaMFN3YeyTrDWZBCi3g==

GET
H2 200 /
www.google.com/pagead/1p-user-list/975363878/ 42 B
108 B 57ms
56ms Image
image/gif 2607:f8b0:4006:824::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/975363878/?random=1710190500802&cv=11&fst=1710187200000&bg=ffffff&guid=ON&async=1&gtm=45be4360v9105622081za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fr2finance.leadpages.co%2F&frm=0&tiba=404%20Error&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQB7FLtq9pCyfAtZvjzEHGEF62IjACmr8HY2F8Ku_BOokBzNnpsyS2xf&random=887313534&rmt_tld=0&ipr=y

Requested by

Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 225ms
103ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3281433755&v=1.1&a=21794907&pu=https%3A%2F%2Fr2finance.leadpages.co%2F&t=404+Error&cts=1710190500998&vi=076885db464304e052b1270e14101cee&nc=true&u=212233099.076885db464304e052b1270e14101cee.1710190500987.1710190500987.1710190500987.1&b=212233099.1.1710190500987&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 18c5a4de-c671-49cb-aa4d-b4fd399c0b25
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 16
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 18c5a4de-c671-49cb-aa4d-b4fd399c0b25
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bctJ7J2UZlMVOyi0Kch6g0gAbvbeGLka2fw2YQYCh2so7t%2FwfRJYvNxsoIN5%2B3d8pLbiqrCZH8NV466Ho9fYqkSHPIRIHMTiFHSxM0W6%2BVosQzILe7buOSjCbaF8Ug%2F%2FEIrn4LTGw5erkfKJgonl"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-68f68ffdf9-zrmfx
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 862e71683c9b32fa-EWR
x-robots-tag: none

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
353 B 65ms
64ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=0,112,292,406,2,412,667,669,2842,2870
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 20:55:01 GMT
Server: Stargate
Transfer-Encoding: chunked
X-Forwarded-For: 96.9.249.34
Content-Type: image/gif
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 01qhk793t1obd5q1kei0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 317 KB
97 KB 68ms
67ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9J0988HL3V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QF22W

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e3de8b5579097cb7385259fe1838a0461bd860bea3e5fd835b8c23445cb32e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 20:55:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99124
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Mar 2024 20:55:01 GMT

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 41ms
40ms Script
application/javascript 18.238.49.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=52b5ac26c22bd2bd209d040d7465d0b7
Requested by: Host: r2finance.leadpages.co
URL: https://r2finance.leadpages.co/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-238-49-45.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-amz-version-id: uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding: gzip
via: 1.1 20292965cdbba1b959488426be2ef49e.cloudfront.net (CloudFront)
date: Mon, 11 Mar 2024 20:55:00 GMT
last-modified: Thu, 21 Dec 2023 14:58:22 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 2
x-amz-server-side-encryption: AES256
etag: W/"40097cdf413c1f1f303c66489742cb44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bZgr6rtNTN6y5IT-3YWY-ERKYHg-LgWtSjFcTfHXRrPMcQ2r9LTPiQ==

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 168ms
54ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9J0988HL3V&gtm=45je4360v869192864z86789581za200&_p=1710190498770&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTQ1Zm&cid=1713812330.1710190501&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=1&sid=1710190501&sct=1&seg=0&dl=https%3A%2F%2Fr2finance.leadpages.co%2F&dt=404%20Error&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3488
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9J0988HL3V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r2finance.leadpages.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 165ms
55ms Ping
text/plain 2607:f8b0:4004:c1f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9J0988HL3V&cid=1713812330.1710190501&gtm=45je4360v869192864z86789581za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9J0988HL3V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1f::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r2finance.leadpages.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 92ms
55ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-9J0988HL3V&gtm=45je4360v869192864z86789581za200&_p=1710190498770&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTQ1Zm&cid=1713812330.1710190501&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EA&_s=2&sid=1710190501&sct=1&seg=0&dl=https%3A%2F%2Fr2finance.leadpages.co%2F&dt=404%20Error&en=404%20Page%20Viewed&_et=5&tfd=3567
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9J0988HL3V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Mar 2024 20:55:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://r2finance.leadpages.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
443 B 56ms
56ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=zveQQV4utWirHDsq9n5tAM&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=279.9000015258789,95.5999984741211,1,208.5999984741211
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://r2finance.leadpages.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Mon, 11 Mar 2024 20:55:03 GMT
Server: Stargate
access-control-max-age: 600
Transfer-Encoding: chunked
Content-Type: image/gif
access-control-allow-origin: https://r2finance.leadpages.co
X-Forwarded-For: 96.9.249.34
access-control-expose-headers: LP-Security-Token
access-control-allow-credentials: true
Connection: keep-alive
x-request-id: 01qhk7rfcotq1hhmsj1g

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-20 19:04:36	Name: view.wVxPjLuS24uynHELZfsPrV.YnZqAcs7vPqAxVABjoh5H9 Value: 1710190499000
js.center.io/	1970-01-21 04:39:10	Name: centerVisitorId Value: ZYb4xvQqQYcsWHV4UjphC9
.r2finance.leadpages.co/	1970-01-20 19:04:36	Name: _uetsid Value: a00279a0dfe911eeaec5a5ac6a6be95b
.r2finance.leadpages.co/	1970-01-21 04:24:46	Name: _uetvid Value: a002ba60dfe911eeaeb12d7e4b518a96
.bing.com/	1970-01-21 04:24:46	Name: MUID Value: 25839D475B78658535E689785A7F649F
.bat.bing.com/	1970-01-20 19:13:15	Name: MR Value: 0
.linkedin.com/	1970-01-20 21:12:46	Name: li_sugr Value: 573875b9-e1f2-4e02-b1fd-e2a624e73452
.linkedin.com/	1970-01-21 03:48:46	Name: bcookie Value: "v=2&b3eff9c7-8f01-418c-8cf5-4ff051448e4a"
.linkedin.com/	1970-01-20 19:04:36	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2968:u=1:x=1:i=1710190500:t=1710276900:v=2:sig=AQHHWK4nT8kHMUz2v0RhnvKXvBhxc_WT"
.linkedin.com/	1970-01-20 19:46:22	Name: UserMatchHistory Value: AQIuH8qAlsriggAAAY4vTBmvoIPo_Cl9z6R5qstTP6m9PmWacVeRq2wxmqHHSpxm065Jbx906w8jTg
.linkedin.com/	1970-01-20 19:46:22	Name: AnalyticsSyncHistory Value: AQLtt_CzJRwDOgAAAY4vTBmvwSQ7fepYG4qkxbePNDPzEeSdhr1eO9EtdkboOMT3O7HGr5wmxFaN7GiIO-8dcQ
.www.linkedin.com/	1970-01-21 03:48:46	Name: bscookie Value: "v=1&20240311205500ec21fe52-eadd-4606-8982-ab313ee62fc0AQE6vwCvNDyx0vK13jdRq21HXyVkcX1n"
.r2finance.leadpages.co/	1970-01-20 21:12:46	Name: _fbp Value: fb.2.1710190500513.1139275152
.r2finance.leadpages.co/	1970-01-20 21:12:46	Name: _gcl_au Value: 1.1.193720940.1710190501
.doubleclick.net/	1970-01-21 04:39:10	Name: IDE Value: AHWqTUmkit5z41oQ0PNvYF78eg7G6MvV3Kcnmc-X1GDRJOh1D_5JywUS1T77U8w4
r2finance.leadpages.co/	1970-01-20 23:22:22	Name: __hstc Value: 212233099.076885db464304e052b1270e14101cee.1710190500987.1710190500987.1710190500987.1
r2finance.leadpages.co/	1970-01-20 23:22:22	Name: hubspotutk Value: 076885db464304e052b1270e14101cee
r2finance.leadpages.co/	1969-12-31 23:59:59	Name: __hssrc Value: 1
r2finance.leadpages.co/	1970-01-20 19:03:12	Name: __hssc Value: 212233099.1.1710190500987
.hubspot.com/	1970-01-20 19:03:12	Name: __cf_bm Value: GK6Yvd0IBwhjawwoEaFFJ2kOlJZ8MEahSWxluMIwa6o-1710190501-1.0.1.1-QRBpCXkVHhwU_jz5rd3iw8UlE9JGJH1ouDpD0rWEzNq56yIhYqZ2PVAi0CswebnNmqq8ZU6iG6FSgYwBJU7fSA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 5jw38W3o0gSap1nznPSaRulz9YZHu1XJQn_m_7Ikc9k-1710190501205-0.0.1.1-604800000
.r2finance.leadpages.co/	1970-01-21 04:39:10	Name: _ga Value: GA1.1.1713812330.1710190501
.r2finance.leadpages.co/	1970-01-21 04:39:10	Name: _ga_9J0988HL3V Value: GS1.1.1710190501.1.0.1710190501.60.0.0

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://r2finance.leadpages.co/ Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1482449758700184?v=2.9.148&r=stable&domain=r2finance.leadpages.co&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://r2finance.leadpages.co/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.hubapi.com
api.leadpages.io
bat.bing.com
cdn.iubenda.com
cdn4.mxpnl.com
connect.facebook.net
cs.iubenda.com
forms.hscollectedforms.net
googleads.g.doubleclick.net
hits-i.iubenda.com
js.center.io
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
lh3.googleusercontent.com
public.profitwell.com
px.ads.linkedin.com
px4.ads.linkedin.com
r2finance.leadpages.co
snap.licdn.com
static.leadpages.com
static.leadpages.net
stats.g.doubleclick.net
track.hubspot.com
user.lpcontent.net
www.facebook.com
www.google.com
www.googletagmanager.com
www.linkedin.com
13.107.42.14
18.238.49.45
2001:4860:4802:36::15
2001:4860:4802:38::181
2600:141b:1c00:31::1739:5a51
2606:4700:4400::ac40:991b
2606:4700::6810:4dba
2606:4700::6810:bd59
2606:4700::6811:5a9a
2606:4700::6811:cbcc
2606:4700::6811:e7a3
2606:4700::6813:9a53
2607:f8b0:4004:c1f::9a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81f::2002
2607:f8b0:4006:820::2001
2607:f8b0:4006:824::2004
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c454::1
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.107.203.240
34.120.132.252
35.186.235.23
35.192.151.63
35.202.21.90
041739f941a6bda1ed3ebb916c5c6bdd13701617dc424f3b0fd6fb8e46962de4
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
09d982564a92075d07999eae4fb9e1e8051397e2a8ad41931df5545ed4f78777
0a8d654bc7d7b0f8b63e8fa009a185174cb87636c1311d0933967bbcd8ceb328
0efa1e4687032588dae8d6d3a00a92e504a3a14b9d1bb23c19670a47c9792110
0f28743ccf74de4f32185120dcd22349d6468b01413fa0fe55beaba0c1a8f56a
21152971983ab0f08638f7bc1619a54efd4d9f3115ffdef92c151b9b9d1a109d
283f1a420dbf7ec8c696375c52c94f5ea8adcede9c28a7d0a08c4b831fd412d2
287c6bd687162409f07cdc941c0458cfe637c9ad50c3254a6486203a75a98e3d
36e2569671518a30e97f06b180abb3d8a2e31640fb731048b8e6d4070c8e38ff
3def9a50a9e6fd7ad93a7c0b5040e4c60c15215b1b7fcf40f15e313d7f292d36
413181623e740f27f46393269fb85e8b01008b7aa1db498ebdeb1fe45b173a66
44dbbb0a1da3d1a2b3f637ba2eff82150de83164b3caf824fc0fc46633588de3
4b22e452233404585db053cc35b0375afe9279fec6a13ab9252863f18f1ba38c
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
5494ffe6a4e4683455c4ae9e3f1126a710ccad353f5ca3db2842fc2e40c81f13
5e3de8b5579097cb7385259fe1838a0461bd860bea3e5fd835b8c23445cb32e5
60f3978fd96db4f213d594e2c6b6ad6811f6ef809988c09a0050c7957b681dbc
63a9f4889487bed03e5ebcfe035afaa83a1c5ba470c0256ce2a0c17e572243fd
6468d9f1cdfa69c3978ab69eec424d11034ac3c217b596341a9986ad87ae3586
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b68baa257dae3591e46d6e9b1bbc3aef1ebb5ee112bedbd1fb418afe2a38293
7a5e046fc6bb5587483c1aa8eb98988aa233c640a04c0fe96b25918811b510c3
7c690a6ebb2eef51e8ccc66161b02197c22f388f1fc23c89e0f5c7b70e1eac50
807d72e55b4c3cb21d7bc66fb69f957218a0e3ea149492495a2403ac301e0896
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
85a881fba590ac097d83e7d5397c82c99d9538ac482af8f10a3e5886393cfc85
9da1d24acad38b9a23a0ff180b0162475b86100412f5006c869830b09938f090
af330a4df2d93651452b3ff1896b0902c235fc0667378dcb11c777979a99cf82
bd47bb5c3c79ece4cd4b9fd66d3d9e3775150737494912c71663ea52040decd8
c576c57122c107ecdd1e054c40f1c370e87fb0112fe8805b28d7dd94009c679c
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
e140ec9bbd08377b19c2bde48fb0adc3cb25430a96ee3c008e61b95f66206b57
e21a2c50512b98f3bf118815326b95419de9931513e177d5ff7b99bbcf812f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e728b195c7623d42d99725f134b28e1d5193a03159b7eed959d5b61c17bcb4ff
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef77a1693495d5a9674bbe9d86a224aea85ebeb31fc20d2e7a87224b2f08c063
fb8deded02f8831df1264dc17d64b34e0a04610f416a0a882ccaa680354770a5
fc78e072732d24a90a63cbcdee55789b7f3d98ef159707ba81241e76913c26fe

r2finance.leadpages.co Open in urlscan Pro 35.202.21.90 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

98 %HTTPS

74 %IPv6

25 Domains

32 Subdomains

27 IPs

1 Countries

993 kBTransfer

2876 kBSize

23 Cookies

3 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

r2finance.leadpages.co Open in urlscan Pro
35.202.21.90 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

98 %
HTTPS

74 %
IPv6

25
Domains

32
Subdomains

27
IPs

1
Countries

993 kB
Transfer

2876 kB
Size

23
Cookies

54 HTTP transactions
0 data transactions