Submitted URL: http://firstleaf.com/
Effective URL: https://www.firstleaf.com/
Submission: On July 21 via manual from US — Scanned from DE

Summary

This website contacted 65 IPs in 9 countries across 54 domains to perform 192 HTTP transactions. The main IP is 2606:4700:10::6816:2df6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firstleaf.com.
TLS certificate: Issued by WE1 on June 23rd 2024. Valid for: 3 months.
This is the only time www.firstleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
74 firstleaf.com
firstleaf.com
www.firstleaf.com
images.firstleaf.com
rbv9j7km.firstleaf.com
fbapi.firstleaf.com
ct.firstleaf.com
api.firstleaf.com
4 MB
24 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 8238
i.simpli.fi — Cisco Umbrella Rank: 6968
um.simpli.fi — Cisco Umbrella Rank: 1484
13 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 554
168 KB
9 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3854
ekr.zdassets.com — Cisco Umbrella Rank: 4356
225 KB
8 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 4178
rs.fullstory.com — Cisco Umbrella Rank: 4041
79 KB
7 shop.pe
shop.pe — Cisco Umbrella Rank: 16424
shopper.shop.pe — Cisco Umbrella Rank: 22001
app.shop.pe — Cisco Umbrella Rank: 20085
12 KB
5 cybba.solutions
files1.cybba.solutions — Cisco Umbrella Rank: 66820
app.cybba.solutions — Cisco Umbrella Rank: 64475
29 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 6250
api.lightboxcdn.com — Cisco Umbrella Rank: 7255
147 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
756 B
4 cloudfront.net
d2mjzob2nc713b.cloudfront.net
d2rp1k1dldbai6.cloudfront.net
76 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 3773
304 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
3 zendesk.com
penrosehill.zendesk.com
981 B
3 spotify.com
pixels.spotify.com — Cisco Umbrella Rank: 5057
371 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
316 KB
2 amazonaws.com
addshoppers.s3.amazonaws.com — Cisco Umbrella Rank: 27101
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com — Cisco Umbrella Rank: 188394
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6716
127 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3519
2 KB
2 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 2269
401 B
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 4127
912 B
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 910
d.agkn.com — Cisco Umbrella Rank: 1174
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3877
15 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
3 KB
2 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 2631
insight.adsrvr.org — Cisco Umbrella Rank: 1486
5 KB
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
152 KB
2 mczbf.com
www.mczbf.com — Cisco Umbrella Rank: 8195
15 KB
2 trkn.us
trkn.us — Cisco Umbrella Rank: 4730
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
154 KB
2 typography.com
cloud.typography.com — Cisco Umbrella Rank: 14479
884 B
1 nytrng.com
nytrng.com — Cisco Umbrella Rank: 13299
1 safeopt.com
manage.safeopt.com — Cisco Umbrella Rank: 33549
835 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
265 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
239 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
23 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
99 B
1 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1396
224 B
1 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
267 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1556
447 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2757
421 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885
176 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
141 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
99 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1043
238 B
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6326
441 B
1 sentry.io
sentry.io — Cisco Umbrella Rank: 196
324 B
1 firstleaf.club
rbv9j7km.firstleaf.club
408 B
1 rtb123.com
www.rtb123.com — Cisco Umbrella Rank: 50785
2 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 5688
22 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 1019
303 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1223
7 KB
0 intentiq.com Failed
sync.intentiq.com Failed
192 54
Domain Requested by
61 www.firstleaf.com www.firstleaf.com
22 um.simpli.fi 17 redirects
11 cdn.cookielaw.org www.firstleaf.com
cdn.cookielaw.org
8 static.zdassets.com www.googletagmanager.com
static.zdassets.com
5 edge.fullstory.com www.firstleaf.com
edge.fullstory.com
5 bat.bing.com www.googletagmanager.com
bat.bing.com
www.firstleaf.com
4 app.cybba.solutions files1.cybba.solutions
4 www.lightboxcdn.com www.firstleaf.com
www.lightboxcdn.com
4 rbv9j7km.firstleaf.com www.firstleaf.com
rbv9j7km.firstleaf.com
3 app.shop.pe www.firstleaf.com
3 ib.adnxs.com 1 redirects edge.fullstory.com
3 api.firstleaf.com www.firstleaf.com
3 www.google-analytics.com www.googletagmanager.com
www.firstleaf.com
3 ct.firstleaf.com www.firstleaf.com
images.firstleaf.com
3 penrosehill.zendesk.com static.zdassets.com
3 rs.fullstory.com edge.fullstory.com
www.firstleaf.com
3 pixels.spotify.com www.firstleaf.com
edge.fullstory.com
3 d2mjzob2nc713b.cloudfront.net www.firstleaf.com
shop.pe
3 shop.pe 1 redirects d2mjzob2nc713b.cloudfront.net
3 www.googletagmanager.com www.firstleaf.com
www.googletagmanager.com
2 www.google.de
2 www.google.com 2 redirects
2 googleads.g.doubleclick.net 1 redirects
2 loadm.exelator.com 1 redirects
2 sync.smartadserver.com 1 redirects
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 challenges.cloudflare.com 1 redirects www.firstleaf.com
2 www.facebook.com www.firstleaf.com
2 js.stripe.com www.firstleaf.com
js.stripe.com
2 www.mczbf.com www.firstleaf.com
2 trkn.us 1 redirects www.firstleaf.com
2 connect.facebook.net www.firstleaf.com
connect.facebook.net
2 cloud.typography.com 2 redirects
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com edge.fullstory.com
1 b0vbfk2zr6.execute-api.us-east-1.amazonaws.com www.firstleaf.com
1 api.lightboxcdn.com www.lightboxcdn.com
1 nytrng.com d2mjzob2nc713b.cloudfront.net
1 manage.safeopt.com www.firstleaf.com
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d2mjzob2nc713b.cloudfront.net
1 cm.g.doubleclick.net
1 us-u.openx.net
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.1rx.io
1 s.ad.smaato.net
1 insight.adsrvr.org js.adsrvr.org
1 i.simpli.fi tag.simpli.fi
1 fbapi.firstleaf.com www.firstleaf.com
1 pro.ip-api.com www.firstleaf.com
1 sentry.io www.firstleaf.com
1 js.adsrvr.org www.rtb123.com
1 d2rp1k1dldbai6.cloudfront.net www.rtb123.com
1 files1.cybba.solutions www.rtb123.com
1 rbv9j7km.firstleaf.club rbv9j7km.firstleaf.com
1 ekr.zdassets.com www.firstleaf.com
1 tag.simpli.fi www.googletagmanager.com
1 www.rtb123.com www.firstleaf.com
1 cdn.pdst.fm www.firstleaf.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 images.firstleaf.com www.firstleaf.com
1 static.cloudflareinsights.com www.firstleaf.com
1 firstleaf.com 1 redirects
0 sync.intentiq.com Failed
192 75
Subject | Issuer | Validity | Valid
firstleaf.com | WE1 | 2024-06-23 - 2024-09-21 | 3 months
cookielaw.org | Cloudflare Inc ECC CA-3 | 2024-03-01 - 2024-12-31 | 10 months
*.google-analytics.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
cloudflareinsights.com | WE1 | 2024-07-06 - 2024-10-04 | 3 months
onetrust.com | Cloudflare Inc ECC CA-3 | 2023-11-13 - 2024-11-12 | a year
*.getrockerbox.com | *.getrockerbox.com | 2019-06-06 - 2049-05-29 | 30 years
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-29 - 2024-07-28 | 3 months
www.bing.com | Microsoft Azure RSA TLS Issuing CA 04 | 2024-06-19 - 2024-12-16 | 6 months
cdn.pdst.fm | WR3 | 2024-07-15 - 2024-10-13 | 3 months
edge.fullstory.com | WR3 | 2024-06-28 - 2024-09-27 | 3 months
rtb123.com | R10 | 2024-06-28 - 2024-09-26 | 3 months
*.simpli.fi | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-07 - 2024-12-07 | a year
zdassets.com | E6 | 2024-06-29 - 2024-09-27 | 3 months
www.mczbf.com | Amazon RSA 2048 M03 | 2024-04-20 - 2025-05-19 | a year
*.spotify.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-05 - 2025-02-04 | a year
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-06-21 - 2024-09-19 | 3 months
lightboxcdn.com | Cloudflare Inc ECC CA-3 | 2023-10-09 - 2024-10-08 | a year
*.cloudfront.net | Amazon RSA 2048 M01 | 2023-10-10 - 2024-09-19 | a year
files1.cybba.solutions | R10 | 2024-07-11 - 2024-10-09 | 3 months
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2024-04-23 - 2025-05-25 | a year
rs.fullstory.com | WR3 | 2024-06-29 - 2024-09-27 | 3 months
sentry.io | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-07-03 - 2025-07-22 | a year
*.cybba.solutions | Sectigo RSA Domain Validation Secure Server CA | 2024-06-17 - 2025-07-18 | a year
*.ip-api.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-21 - 2025-01-20 | a year
fbapi.firstleaf.com | Amazon RSA 2048 M02 | 2024-05-20 - 2025-06-19 | a year
penrosehill.zendesk.com | E5 | 2024-07-12 - 2024-10-10 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year
*.shop.pe | GlobeSSL DV CA | 2024-06-13 - 2025-06-13 | a year
*.g.doubleclick.net | WR2 | 2024-06-24 - 2024-09-16 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year
*.safeopt.com | GlobeSSL DV CA | 2024-05-17 - 2025-06-14 | a year
nytrng.com | Amazon RSA 2048 M03 | 2024-02-23 - 2025-03-23 | a year
api.lightboxcdn.com | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2024-04-28 - 2024-10-28 | 6 months
*.execute-api.us-east-1.amazonaws.com | Amazon RSA 2048 M02 | 2024-04-22 - 2025-05-20 | a year
*.google.de | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 8 frames:

Primary Page: https://www.firstleaf.com/
Frame ID: BF3FE908A23B7CA75B286EB1AC98BFBC
Requests: 223 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Frame ID: 214137AC90BD5318CE2012443AF2DDCF
Requests: 9 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: BBA81C31C15724B0A5F7466074A47C52
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: CEC2E0EB2E854CA89B17AC90FA858B94
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: DB10B3F7DB5577689A2929A609151DA9
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 4718BD2C72396BCBEE05599F9CF14117
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=l7cyjy0&ref=https%3A%2F%2Fwww.firstleaf.com%2F&upid=hm2fj8w&upv=1.1.0
Frame ID: 5851CE65F6D610EADFBC899B9F236CFC
Requests: 1 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=97d1f55ad2394eea8c52f45f27b294b1
Frame ID: 7601F2FFBA2C094F0172BD1EBF689291
Requests: 1 HTTP requests in this frame

Page Title

America's #1 Awarded Wine Club Subscription - Firstleaf

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

192 Requests
84 % HTTPS
39 % IPv6
54 Domains
75 Subdomains
65 IPs
9 Countries
5466 kB Transfer
18023 kB Size
59 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://firstleaf.com/ HTTP 307
    https://firstleaf.com/ HTTP 301
    https://www.firstleaf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cloud.typography.com/7410416/6307592/css/fonts.css HTTP 302
  • https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Request Chain 55
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 60
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737;ip=45.141.152.75;cuidchk=1
Request Chain 140
  • https://cloud.typography.com/7410416/6307592/css/fonts.css HTTP 302
  • https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Request Chain 148
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/b/bbfecc7f1c71/api.js
Request Chain 186
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=293B723C58454445AA1DB7E297C13247
Request Chain 187
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/293B723C58454445AA1DB7E297C13247
Request Chain 188
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=293B723C58454445AA1DB7E297C13247&dongle=yf3
Request Chain 189
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=293B723C58454445AA1DB7E297C13247
Request Chain 190
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247
Request Chain 191
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=293B723C58454445AA1DB7E297C13247 HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1721577284145&ip=45.141.152.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217053104950003104647 HTTP 302
  • https://um.simpli.fi/aa_px?sk=217053104950003104647 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 192
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=293B723C58454445AA1DB7E297C13247
Request Chain 195
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=293B723C58454445AA1DB7E297C13247;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=293B723C58454445AA1DB7E297C13247;mimetype=img;sr HTTP 302
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Request Chain 196
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0&xl8blockcheck=1
Request Chain 198
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=293B723C58454445AA1DB7E297C13247
Request Chain 199
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=293B723C58454445AA1DB7E297C13247
Request Chain 200
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=293B723C58454445AA1DB7E297C13247
Request Chain 201
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=293B723C58454445AA1DB7E297C13247
Request Chain 202
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=293B723C58454445AA1DB7E297C13247
Request Chain 203
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1721577283951&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI3-fek7-4hwMVR10eAh0vBAreMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5maXJzdGxlYWYuY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI3-fek7-4hwMVR10eAh0vBAreMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5maXJzdGxlYWYuY29tLw&is_vtc=1&cid=CAQSGwDaQooLPGQGTOD-khR6gUb1KLuWdBIv4CBW1w&random=3939032852 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI3-fek7-4hwMVR10eAh0vBAreMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5maXJzdGxlYWYuY29tLw&is_vtc=1&cid=CAQSGwDaQooLPGQGTOD-khR6gUb1KLuWdBIv4CBW1w&random=3939032852&ipr=y
Request Chain 205
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=293B723C58454445AA1DB7E297C13247 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D293B723C58454445AA1DB7E297C13247
Request Chain 206
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=293B723C58454445AA1DB7E297C13247&expires=365
Request Chain 207
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=293B723C58454445AA1DB7E297C13247
Request Chain 234
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVNWv71863389za200&auid=1282219553.1721577288 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVNWv71863389za200&auid=1282219553.1721577288

192 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.firstleaf.com/
Redirect Chain
  • http://firstleaf.com/
  • https://firstleaf.com/
  • https://www.firstleaf.com/
2 MB
332 KB
Document
General
Full URL
https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74336c8a158717a962cd1c6794e823625131d1ab5b554b8cec80ff48f87374a9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a6c5ef2fa3e9040-FRA
content-encoding
br
content-type
text/html
date
Sun, 21 Jul 2024 15:54:40 GMT
last-modified
Sun, 21 Jul 2024 08:14:48 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
x-amz-cf-id
kMtRRxxwFkECAJKR5OQePl-N8xVgUmwyCW_v97nehb6Uh2Y9xJiAOg==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

cache-control
max-age=3600
cf-ray
8a6c5ef2b9fd9040-FRA
content-length
167
content-type
text/html
date
Sun, 21 Jul 2024 15:54:40 GMT
expires
Sun, 21 Jul 2024 16:54:40 GMT
location
https://www.firstleaf.com/
server
cloudflare
vary
Accept-Encoding
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0c289faa80333eff728b8bdbbf10b11dec1a6e1938a444e1cc41be6744e96d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
PzcU3Ivp6w0l3AsetHXgNw==
age
29535
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:33:57 GMT
server
cloudflare
etag
0x8DCA760913FE7B3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f4bdf33c-c01e-00f4-5f0c-dab666000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef648a492b4-FRA
42EAA430EACBA7411.css
www.firstleaf.com/fonts/863556/
Redirect Chain
  • https://cloud.typography.com/7410416/6307592/css/fonts.css
  • https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
207 KB
156 KB
Stylesheet
General
Full URL
https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd78e291a52c0f56b572cac3e374c61ef924d7ddfffe94be1cf408fbf706b70

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Jun 2023 18:04:56 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"51ffa87e0ce0e4d9ad3ab7a793f98c04"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=14400
cf-ray
8a6c5efc2d259040-FRA
x-amz-cf-id
u_w1_F9tSgree1vq8oZo6JwwgKEwXP1qiYRD0weLnXUcmcqjp9uEdQ==

Redirect headers

Date
Sun, 21 Jul 2024 15:54:41 GMT
Last-Modified
Tue, 13 Jun 2023 18:10:29 GMT
Server
AkamaiNetStorage
X-HCo-pid
19
ETag
"9a52622c3b0b353cd052a5e4518bd213:1686679828.962264"
Content-Type
text/html
Location
https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Sun, 21 July 2024 15:54:41 GMT
gtm.js
www.googletagmanager.com/
403 KB
118 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2eaad8b2aaf227eecb45b0c8e185b3ca0d373d3a6dc89666cab0c0421972db18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120448
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
90pts-15e4ebaa7e7b9b01d8b91feb293cd430.png
www.firstleaf.com/static/
14 KB
14 KB
Image
General
Full URL
https://www.firstleaf.com/static/90pts-15e4ebaa7e7b9b01d8b91feb293cd430.png
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29096421d65f89dbc13eae16c384c9740d9501763d3e205b640ec6c8ec9ddead

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 fbd2b51fce9ee4f3aa7b93dbbda3d698.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14042
last-modified
Wed, 24 Aug 2022 12:51:54 GMT
server
cloudflare
etag
"f9402bea176c89b78d9e749da3df939b"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef65e5e9040-FRA
x-amz-cf-id
Y0vUSv67J1C1bHA3vXmoSVA_k477g_hkHoNmZoz3v2PVpx15-gZATg==
email-decode.min.js
www.firstleaf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
874 B
Script
General
Full URL
https://www.firstleaf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8a6c5ef65e619040-FRA
expires
Tue, 23 Jul 2024 15:54:41 GMT
app-c1b26f80c8b1379ad2e2.js
www.firstleaf.com/
7 MB
2 MB
Script
General
Full URL
https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1a06654ac6458de0dbc89a066f1478272ac72382321b8e1d7f159a4456a4dfc

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 9eb1733bea847c3a8f4910adebcc8146.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
11200
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sun, 21 Jul 2024 08:14:48 GMT
server
cloudflare
etag
W/"13856a543704982f1c8347847ce5aeca-2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5ef76fbd9040-FRA
x-amz-cf-id
82Uu8uzzyCqNmh2V7rSL-xX-W8nPPPFFeHVlakhtGuxVnrdxlWurjw==
bd1a647f-3cbc32d3695f56664f1e.js
www.firstleaf.com/
100 KB
31 KB
Script
General
Full URL
https://www.firstleaf.com/bd1a647f-3cbc32d3695f56664f1e.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a407c0f83e7696f22215e8cc9bebdb90f0348e9febb3e129e6246470bc4aa1b

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 7662c8abc46b26b811683f946db8d376.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
VIE50-P3
age
249482
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 25 Jun 2024 14:37:34 GMT
server
cloudflare
etag
W/"1d3405082538de9c81f78dace62cb5e3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5ef76fc89040-FRA
x-amz-cf-id
501p4CApV3MzFNLb-Dc5ckOgOLX3u28DUDOtzoAL8sfv6WlWajuYWg==
framework-a08bc9de2f7ae97b3053.js
www.firstleaf.com/
146 KB
46 KB
Script
General
Full URL
https://www.firstleaf.com/framework-a08bc9de2f7ae97b3053.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292105f3e2b9986f0cd0ccdbd5e7b6c77ac28631b7177931cc503b6a131a9496

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 c2c44e18165da827386e0ed36aeea344.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
672185
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 04 May 2024 08:16:28 GMT
server
cloudflare
etag
W/"fc7b78db7bf9648a0640f7723a6613ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5ef76fce9040-FRA
x-amz-cf-id
m3hCTw3OOhhOgmi2SfK8-oCGMMQZnOGI0aLzYGkCqGA51WASs1o6Fg==
webpack-runtime-36e5269afc4572b4249c.js
www.firstleaf.com/
4 KB
2 KB
Script
General
Full URL
https://www.firstleaf.com/webpack-runtime-36e5269afc4572b4249c.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28da1f0f9ade1d419632994c15025dca795a9a8280d5ff274971379dbdc29bda

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 7b85fc567b776c0d31c5ac07cc6c2ae6.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
104590
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 19 Jul 2024 15:45:40 GMT
server
cloudflare
etag
W/"c39aacc19aab518aaf321c4c27ffbe1b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5ef76fd39040-FRA
x-amz-cf-id
Ksg12bGiKgQT4evxCkcWfW2MMPZ7AlA99HtYdW11astWT-ZQ0xr2tw==
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
server
cloudflare
etag
W/"2024.6.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
8a6c5ef79fec3620-FRA
d59f7da2-0cea-4d7b-9f00-32f1d3392306.json
cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/d59f7da2-0cea-4d7b-9f00-32f1d3392306.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5079c2044ec67bf73a5e412ccd6a94937df21a933b67aa05537651d828b08688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
100
content-md5
VUgUDxTIPqfnxbrARuTO+A==
content-length
1814
x-ms-lease-status
unlocked
last-modified
Tue, 20 Feb 2024 20:31:55 GMT
server
cloudflare
etag
0x8DC3252FAC58192
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fe39f0cf-301e-00a2-413b-64039a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef6eb483a84-FRA
expires
Mon, 22 Jul 2024 15:54:41 GMT
sp-at-v2-14-0.js
images.firstleaf.com/js/
98 KB
30 KB
Script
General
Full URL
https://images.firstleaf.com/js/sp-at-v2-14-0.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 04:28:00 GMT
server
cloudflare
x-amz-cf-pop
FRA60-P9
age
100
etag
W/"8dba669b94e3865c9205ef8fd15ee4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8a6c5ef77fef9040-FRA
x-amz-cf-id
CEpyLXAxbROKHZoJxCCTpXqB64u7EOAZcmGctzqFsviAco_iG-5oow==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
66 B
303 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
8a6c5ef7a98f1ca3-FRA
access-control-allow-headers
Content-Type
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db72946d7e5de9f5eedf02409003a70621fb312a412b20ad7101dce429f4c660

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0957d3f57a55721932bb9108206408cf1ab73cb07b68c906b0bae5b33d6c86da

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
370 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
265ee206b3bbec34580c9ccd3d5c99b07aab46a6979b8b6c6d8ad7795ec8d29c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34d47e495f9f683e26f67a8757fdd6053f8a9bc1d95d1ffe1c69358567105a44

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
613 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76390c8f01397fe473dd1a9689e94caea2a001592c7b71bc85410c388078d304

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1cef3c9f2d582f913f12a16fe304c7d64bd80739793a9bf8d7d8978c311e294

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
304 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
752b0df67450b460c6070644d74502a5ee3bf5f7681cde08b88b9a565ea7d900

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75abe68aefa57c71e32c2a41bc8d4e55918f581d76029cd09184f4a686e16885

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef7c3ec15e1e423c22bab123027bd62ff8d14d0905051478fd115c3fcf482d56

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
320 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df4915a52982babc1ba87778cb1c1d68184fee5fe5d8133daf63ee37916d6b4e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84202b70bdd60a2d4d292c955cb907a98ff6c96939d043aa3aeb73cddb7ff14a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b1cfc36a0f3d40f2e7750ec4c544c44148745f86a584b49f4a73eb615be70e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb90630563e30e234ad66a39f4fe11f207a37232dd0b8de2e045299a41166a4b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12a71a8d2d1307f74607a807ceb66a66f427a11d65538021190b620efcb0bb3e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49e44366a56a91fd7870e6427b68d01a63cf56679eb0d5406542b6244bb379fb

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1045430f393626478daa15a99c433956371eb7363b26a5239f721f014ba52fa0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
258d39625e15cbce053f80b72dc2f7ca999fc5a6943fb10e75e3cb2126be996e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
248545e3f805a6f3ff979c55e0e3951a2fa6f1018529b99f291e93c7a803ee1d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
631 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3235f2fbf9e2142357ed4a2a96e684976b5c0928dfe3419edde88e9b030678f9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5bb6b017ac0ac368ddddd713df7f918eeb1d86fbe3ef7895f040f170b15699

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
671 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eb1ca83acf3409e1a0553e0d84cec3787630361ec5668dd1dde93860f3bc357

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5e3256799bc9eb6a1ad57001ad69b0946e4532d103092dd0557c02d84e6b4a7

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
492 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
623c33b9ef9f3871f596b2f721d622b8c4a530b147cc6a9ec2e405f89fe68f7a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d5ac92cc9565d62cd713fe2d946793ffb805012b57f610830403afb67907030

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
568 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02d0cddb81ecbfffffc3b2eba469a45372e7cc0244222faa422b502b3046a509

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e092bea366a94333d8ec48137987e2df19f61288f6e073032b2a8bdde6264d6a

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
delish-logo.webp
www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/
5 KB
5 KB
Image
General
Full URL
https://www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/delish-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fef107653c701e27e261629b2811d42812092e1a84dd37cf78505f2fc8b9263

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5296
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"6635b416d10084f4b359d8540323ee89"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef808af9040-FRA
x-amz-cf-id
_0JnbPCIB7scVoNwiwQ0eMmG1tYR4tiPCgTVO3fSr2cwtGjAoXOEwg==
et-logo.webp
www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/
2 KB
3 KB
Image
General
Full URL
https://www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/et-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b3af7627754fb77e81a93ea2f16b79b2031053d89874185cae2c56a483d08c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2556
last-modified
Wed, 24 Aug 2022 12:52:01 GMT
server
cloudflare
etag
"accddb4eea8a3c48a125329a5bd884d7"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef808b39040-FRA
x-amz-cf-id
DEnNxKyoEapQmA6zNOl-_kx0DB2LtVF9RBHSiHJJ4CxIaUJK_woLcg==
refinery-logo.webp
www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/
9 KB
10 KB
Image
General
Full URL
https://www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/refinery-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205c86a65825a5cae580606dc8db260aba5150e8e664ce82429210373dc55500

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9686
last-modified
Wed, 24 Aug 2022 12:51:48 GMT
server
cloudflare
etag
"a0edff43f8f9820869016fff9c1a9a3c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef808b49040-FRA
x-amz-cf-id
6YYpaIXiUsvHbKSB6hs-yHRaRu-Tt-CUj2p-03Wj7oOuQedRNYLRJw==
gq-logo.webp
www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/
3 KB
4 KB
Image
General
Full URL
https://www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/gq-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1415968c3140de6e284d1cfb23dea33007c6a6d330266e79285435391c5eb6ea

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3406
last-modified
Wed, 24 Aug 2022 12:51:51 GMT
server
cloudflare
etag
"ea5cc5225df2bdbb32b7a3af8e073f65"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef808b59040-FRA
x-amz-cf-id
QU7yC5eiBm1xQcs-wQ1ynNdAl0WXOqLhVzULW4LcSSX4q61qNnacxA==
vogue-logo.webp
www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/
5 KB
5 KB
Image
General
Full URL
https://www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/vogue-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daefedd2e398c22660777ab5ef9484f17e983582e7e37acf86eedc070939b5b1

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 6941fd25181b0a23e67d60483416069a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
VIE50-P3
age
188925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5128
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"cd9b8702000743983c55087bec7f8368"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef808b79040-FRA
x-amz-cf-id
AnpL8x5xh1InnByNrIUjYGZzMmIovnH2r-cyFtk-MvK7IHuVaxwjrg==
paste-logo.webp
www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/
5 KB
6 KB
Image
General
Full URL
https://www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/paste-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0984caa842a2742f3271f93672d42f9710b94712e52e03afe8cc48cd508f30c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5554
last-modified
Wed, 24 Aug 2022 12:51:46 GMT
server
cloudflare
etag
"670421e827b7cbfe23cd872e5f62c362"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef828e19040-FRA
x-amz-cf-id
q3zQ4DTY9SlUnBUCoadxNl3SD1uDzKnaVWMLxKb4BQVv4_WViJLMng==
how-it-works2.webp
www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/
206 KB
207 KB
Image
General
Full URL
https://www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/how-it-works2.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d7a648ca04cccfc1f7353206a38dfb8e8d83917581b6e4aabbb32fdf96d7b4

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 e030504e72fa75d92c1856a58b964932.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
211450
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"892a48fc8555d05a705468590846d6b4"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef828e49040-FRA
x-amz-cf-id
IorrbzjFQDPwMoelqDCITDHMF_bY5twkxP6I0bnlEfltCfYq10ripQ==
wineprint-in-mobile.webp
www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/
22 KB
22 KB
Image
General
Full URL
https://www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/wineprint-in-mobile.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22690
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"4ca1653d35f298be8a4317172979871c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef838ea9040-FRA
x-amz-cf-id
QgNNqhRuiUAaOuwfuKOh0SZvjXwda85FbFwt-_XkLTAPlmdwabDkCw==
sat-guaranteed.webp
www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/
35 KB
35 KB
Image
General
Full URL
https://www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/sat-guaranteed.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f7f75ba1ead3c1ec7462a8b611d4134ea5e35a55548555ae8740e09e53eb25

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35550
last-modified
Wed, 24 Aug 2022 12:51:50 GMT
server
cloudflare
etag
"cd6ee276c1e8d292afd03e3891f9b8a2"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef838f09040-FRA
x-amz-cf-id
zgaq0spLZljioKDEyRMdi3yu7Go4wsF_7Pnlkl3MAwx6q08z4agZDw==
new-wines.webp
www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/
51 KB
51 KB
Image
General
Full URL
https://www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/new-wines.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3fcf5221eab4ec22a205ce0368fc823df1f7331a19358975166ae170978973

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52056
last-modified
Tue, 04 Oct 2022 15:55:48 GMT
server
cloudflare
etag
"101e5f85d968afd3c0d4cbcab3491acb"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef838f49040-FRA
x-amz-cf-id
1XYb2CmyUVYnIoJYRIKgnUyLzIhMssGnh1Jnw_DvGSPecx5Ua8NgWw==
js
www.googletagmanager.com/gtag/
345 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1659eb87293cd28a8f92ff217674be95e4485ca50eb7195b00a3c6e65236e263
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109274
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 21 Jul 2024 15:54:41 GMT
wxyz.cs.js
rbv9j7km.firstleaf.com/assets/
49 KB
11 KB
Script
General
Full URL
https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.199.75.202 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
metrics.production.nyc1.004
Software
openresty /
Resource Hash
caa21a65dd9e1df81a57e31bd7e5c336bf6de1d84912074baa5b85fa44744a4f

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:41 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
fbevents.js
connect.facebook.net/en_US/
224 KB
60 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jul 2024 15:54:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1328, tbw=2770, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma
public
x-fb-debug
Mo42chobKZER2OziwIzXQhMmLiCbr1srb7N2+bf0yUM6yzsuwR1nCv9Vl4ridyrOEjmLsOg+gI7zqShyzjrQuQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
49 KB
14 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Sun, 21 Jul 2024 15:54:40 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7137A17EB9DD4FB8913EF4D234ABE683 Ref B: FRAEDGE1822 Ref C: 2024-07-21T15:54:41Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
ping.min.js
cdn.pdst.fm/
22 KB
22 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2dd427dd9f9d45367c880c68289114b7de56373ff8bdc664ea0fa3ce77880

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:38:20 GMT
age
981
x-guploader-uploadid
ACJd0Npb2YzrstzIqXvPnnoyGCygBGQzj7CikV5K8s0-GBmtvcK3KfuhsJf1BwGgltGewwCIrVk
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22096
last-modified
Tue, 25 Jun 2024 13:55:49 GMT
server
UploadServer
etag
"4eddeec95afda969b3d1b2fb970c1eb1"
x-goog-generation
1719323749654301
x-goog-hash
crc32c=NZyeaA==, md5=Tt3uyVr9qWmz0bL7lwwesQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
22096
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 21 Jul 2024 16:38:20 GMT
fs.js
edge.fullstory.com/s/
281 KB
76 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:24:41 GMT
content-encoding
br
age
1800
x-guploader-uploadid
ACJd0NrdlrdDRz5LCjTJxldUx28_AxBy0xXYyQUcL_3yYrJHoAZz-jP-vit1U-fzMBNJEHuaR88
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77295
last-modified
Wed, 17 Jul 2024 16:21:25 GMT
server
UploadServer
etag
"095e0583b9f0b77dcfabda986e21c5e4"
vary
Accept-Encoding
x-goog-generation
1721233285230102
x-goog-hash
crc32c=oVnvFg==, md5=CV4Fg7nwt33Pq9qYbiHF5A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
77295
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Jul 2024 16:24:41 GMT
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Server
2600:9000:2359:5e00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee5805bff54a481969d8cf1293365d0f9dafe5704af66e89d7e5b40b1eccffa6

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:34:09 GMT
content-encoding
gzip
via
1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
1232
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1194
last-modified
Mon, 15 Jul 2024 14:00:33 GMT
server
AmazonS3
etag
"e0ebcb6efc676e2aba62aae237e84755"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
KCXDD1zg216txvIqRjBFdlugC3_K-fBeYy0xGD7RTT7_fuBSpPZNJA==
x-amz-meta-mtime
1721052030.1

Redirect headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
btp.js
www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/
5 KB
2 KB
Script
General
Full URL
https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS
host.rtb123.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f88056ae93eb3934cd9cd312a9766a14afadf3cb20c1d2a07d8a8d5344e46bc

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 18:43:00 GMT
server
Microsoft-IIS/10.0
etag
"092bb8ef317da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1649
4f1bd082-d454-42cb-bafd-026640e9800e
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.89.204.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F-RFaohUf4dWZDi3TRyD
expires
Thu, 01 Jan 1970 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
58
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5xygMJNdhdu8A7lTesPu8TPuRSuWG4MjYUB3NgIRgE2Xla%2Fk49%2BrKj%2ByNbxZObNBrhx%2Fn424Wjvt%2FClzUBVBCMTbYvzHUohoZVVFufjR3XZLFpk1JE65ghC%2B3RRBCpBdE3Z%2FnQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8a6c5ef8b9b93a86-FRA
access-control-allow-headers
*
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.2.0/
429 KB
104 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65012dbad33bb892a9d4eebcebd61daeba685db0d4e49af74bbd1a26dbc7d61c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/uAp/tjl0E0OrWvE5WYCuw==
age
66213
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106699
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:25:43 GMT
server
cloudflare
etag
0x8DCA5DDD9C832F7
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
2bc598e4-801e-0070-79c7-d7e04e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef82b8a92b4-FRA
ppt=18168;g=landing_page;gid=41654;ord=1923741737;ip=45.141.152.75;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737;ip=45.141.152.75;cuidchk=1
42 B
721 B
Image
General
Full URL
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737;ip=45.141.152.75;cuidchk=1
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Server
2.17.147.120 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-147-120.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 21 Jul 2024 15:54:41 GMT
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location
/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1923741737;ip=45.141.152.75;cuidchk=1
Date
Sun, 21 Jul 2024 15:54:41 GMT
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
tag.js
www.mczbf.com/tags/11334/
47 KB
15 KB
Script
General
Full URL
https://www.mczbf.com/tags/11334/tag.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5400:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6d4001e9c4b70065299a9aac670bef2ceab981cc6a57a5a30d6e34b2ec3a4b20

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:35:55 GMT
Content-Encoding
gzip
Via
1.1 172e63b20fb363ed969de28ae3937e20.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
Age
1126
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=1800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
fYXS8tyWqqR6fvuy8Cc4wu0NJlZz5vMPftwC0jhRbi9gy9-J4FL5iA==
X-Request-ID
eb73eaac-4776-11ef-bc96-eb8aeb4d0249
1669030446688031
connect.facebook.net/signals/config/
309 KB
95 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1669030446688031?v=2.9.162&r=stable&domain=www.firstleaf.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ebaf45603a9d70c8c35cd0c6997781cb50559698029586677fdfe4f47f3912ab
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 21 Jul 2024 15:54:41 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=64, mss=1328, tbw=64182, tp=-1, tpl=-1, uplat=563, ullat=0
pragma
public
x-fb-debug
0hyabtiwx45endRc8uKgX3q3slpj4T3LzXL6Gz6niaZeiqG4kM6TlumWEPBu01phayI4juc348lr2JN+ATbqiw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ingest
pixels.spotify.com/v1/
52 B
271 B
Fetch
General
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
70466ab4ea33c0e8b4ef42de95eb6a04f2f3c413695c2c49e4bd55d8e76d42f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
grpc-status
0
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
grpc-encoding
identity
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.firstleaf.com
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grpc-accept-encoding
gzip,x-snappy-framed
ingest
pixels.spotify.com/v1/ Frame
0
0
Preflight
General
Full URL
https://pixels.spotify.com/v1/ingest
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-origin
https://www.firstleaf.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 21 Jul 2024 15:54:41 GMT
server
envoy
vary
Accept-Encoding
via
HTTP/2 edgeproxy, 1.1 google
5565374.js
bat.bing.com/p/action/
334 B
406 B
Script
General
Full URL
https://bat.bing.com/p/action/5565374.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
08a70bbce72580774f43a559d6e8f338acb64136e2c102ad2e0b5b1c1766ce16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Sun, 21 Jul 2024 15:54:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A790CA83A83D4338BC55B5ABC17F4DB9 Ref B: FRAEDGE1822 Ref C: 2024-07-21T15:54:41Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
en.json
cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/2e7c8b06-d602-4a88-beb5-ebeaca523976/
55 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/2e7c8b06-d602-4a88-beb5-ebeaca523976/en.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b62d8bb6ef0f7b2aaaffc6023c4c9f2de1a262a77cdbf55c0da18ff9a992a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
72629
content-md5
QRaoFyV4sBeQMNGFOhNHTg==
content-length
13926
x-ms-lease-status
unlocked
last-modified
Tue, 20 Feb 2024 20:32:08 GMT
server
cloudflare
etag
0x8DC3253023AF6B0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
88b30b95-a01e-0009-5169-797c50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef90e333a84-FRA
expires
Mon, 22 Jul 2024 15:54:41 GMT
web
edge.fullstory.com/s/settings/134SPF/v1/
9 KB
3 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/134SPF/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e0607b0f050aa66d6a5c0dd12433fe3d4628a913c9875d62da6291cc38bc90ad

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-guploader-uploadid
ACJd0NqY3te6acIhqceRqePnVo0BINSs4ceqhl6CBZp2jdZuikBrSKyuEtijdfdLfZsJWJSTC8ENQO2XdA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2296
last-modified
Sun, 21 Jul 2024 15:50:47 GMT
server
UploadServer
etag
"f4ecb1e0919f2c3c385f239337c7a046"
x-goog-generation
1721577047288904
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=yUpbRQ==, md5=9Oyx4JGfLDw4XyOTN8egRg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
2296
accept-ranges
bytes
expires
Sun, 21 Jul 2024 16:09:41 GMT
0
bat.bing.com/action/
0
176 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=4b59eb22-ffa8-4a22-bdca-433f0623c0cf&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&p=https%3A%2F%2Fwww.firstleaf.com%2F&r=&lt=948&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=419834
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 15:54:40 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8B0ED63D044F4E35A106C2202161A281 Ref B: FRAEDGE1822 Ref C: 2024-07-21T15:54:41Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cedcf9e11f78c650a34bf15fbc9086e1a5dd16f90c23f6f0e3032754cce56e24
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
8a39f407ddab0ded-SEA, 8a39f407ddab0ded-SEA
x-runtime
0.013511
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"cedcf9e11f78c650a34bf15fbc9086e1"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jvGq48r13Wjj3pmz0k1%2FOwiQXS4JHBYzIRA%2Fg2k85M7HrjDptA8DpBJh7n0QgsYjVw1m1bxDXhbvMl1nm3yEBhyvIFUM3ZCdiJadmMGq0UQmqwZvex3UecR1YhdGaMccn3Y%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8a6c5ef9cb6771cb-FRA
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Rtw1HeKUT+s7FdllH11+Yg==
age
81220
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:25:36 GMT
server
cloudflare
etag
0x8DCA5DDD59B23DE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
09e36741-e01e-00c1-5c8a-d81833000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef9aef83a84-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcCenter.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dOHFt43DsGfQFfw+9sW+nA==
age
100
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12694
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:25:39 GMT
server
cloudflare
etag
0x8DCA5DDD6EB56A7
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
80d5ab34-c01e-00f4-116c-d8b666000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5ef9aef93a84-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
81241
x-ms-lease-status
unlocked
last-modified
Tue, 16 Jul 2024 21:25:49 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
68e42b78-801e-00da-1e7f-d836a1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a6c5ef9aefa3a84-FRA
pageInfo
www.mczbf.com/11334/
68 B
546 B
Fetch
General
Full URL
https://www.mczbf.com/11334/pageInfo
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:5400:16:4ed5:12c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept
*/*
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Sun, 21 Jul 2024 15:54:41 GMT
Via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
h12bzPs9EvalfYniq3ZYMetpUmryR-gamTOmljwxnXu-XH0oLq4sXQ==
X-Request-ID
8ab7f048-4779-11ef-8869-3b8b7188812b
v3
js.stripe.com/
624 KB
152 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-15.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
87ec8ad9643bd5ba302938d2cbdfab36b0c7aab73dd74605c1409fd9c1a5e446
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:53:49 GMT
content-encoding
br
via
1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
56
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 19 Jul 2024 21:01:32 GMT
server
Cloudfront
etag
W/"e644e0033dadfd876f23970895af383a"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
leUM9YdKXJJuCUo1ZseNbuKyaU-0_To6U5xa-znhSBDrEgVJ7IvvXw==
43-045885a313a9d7be16f4.js
www.firstleaf.com/
95 KB
24 KB
Script
General
Full URL
https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/webpack-runtime-36e5269afc4572b4249c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d119667c2e81e94f2b472e140074e3f61ad2e1344fc9a426c65a74f840cc803

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 8be6e843d0ee8ff03a0a07d811ce5bf8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
529614
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 17 Apr 2024 16:38:46 GMT
server
cloudflare
etag
W/"ed82ab776b0de7517f560e99aa00e706"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5efa8b819040-FRA
x-amz-cf-id
dsbdpwv1UZB2t8IshutZIGqzkjgUer3abt1ypaSKSxqQcPeynAQJ5g==
app-data.json
www.firstleaf.com/page-data/
50 B
356 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/app-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c56822b00e400b600ab3ff2bf993011a97315a3ef02eeb7a7a2bb936772ae43

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Sun, 21 Jul 2024 08:14:49 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"9c84067d9df443052458ee0a1547ebf6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efa8b869040-FRA
x-amz-cf-id
_lRtEhRKHqSYmt8l-_8KpRc4TRYk9tD8tD40Pb5nLLo7GRM6ZIzm1Q==
page-data.json
www.firstleaf.com/page-data/index/
467 B
454 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/index/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8f44264d68c7262a98c0ff3408e35c98df3173b17e4d4274554ba2050d7e4b

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"80cacce87d148cf2fd3151134632c48c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efa8b879040-FRA
x-amz-cf-id
DI_JjjgCiKZZByHKB9efWuQ-srzwbGLDUiTW_J9qUcnXAVYECckjbQ==
lightbox_speed.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
3 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1721577281839
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe6fff22e3c106457a1e72c5532d591789fa9f4e4c4db669bb6b07e45c9a738d

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
EC1m5qwg0pgvKFFw2Zvo2A==
cf-polished
origSize=5010
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 17 Jul 2024 21:21:02 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a04717bf-001e-006f-2e8f-d8b0e4000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
8a6c5efbcd34a079-FRA
expires
Sun, 21 Jul 2024 15:55:42 GMT
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/
11 KB
4 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:5e00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 14:01:31 GMT
content-encoding
gzip
via
1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
525191
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3876
last-modified
Mon, 15 Jul 2024 14:00:34 GMT
server
AmazonS3
etag
"ede3a7d01454b0b4c5ab599bb9f83880"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
10l4fZElnPuhVYkdlxcxj32nF9jQpBv4NmfbTF_C1cNVc3p3DQXa3A==
x-amz-meta-mtime
1721052030.08
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
600 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
1161
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:33:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
d78c495a-401e-00ee-5b8b-d99909000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a6c5efb98c292b4-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
495 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
14153
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:33:59 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
be4997d4-801e-0059-025b-d9960c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a6c5efba9b83a84-FRA
FL_Logotype_Purple_(3).png
cdn.cookielaw.org/logos/627cf43a-de0f-4b49-ad3a-54a9f94ef23e/8eb1dbf4-acc5-45da-85f8-9badfdf81305/49b98577-e68a-467a-877e-9da063be58e4/
17 KB
17 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/627cf43a-de0f-4b49-ad3a-54a9f94ef23e/8eb1dbf4-acc5-45da-85f8-9badfdf81305/49b98577-e68a-467a-877e-9da063be58e4/FL_Logotype_Purple_(3).png
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd678871d5c502175e5233f33bb7c2cb09eda96eebfa139f527b72683f8b92b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kb6My5twzXAEkxk7pZWjFQ==
age
13849
content-length
17202
x-ms-lease-status
unlocked
last-modified
Wed, 29 Jun 2022 19:40:58 GMT
server
cloudflare
etag
0x8DA5A074A2ECBDD
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d2af33d1-801e-0031-4f72-79d890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5efbb8e292b4-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
56139
x-ms-lease-status
unlocked
last-modified
Thu, 18 Jul 2024 19:34:00 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ccc69fb3-601e-0053-080e-da8f85000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
8a6c5efbb8e792b4-FRA
integrations
rbv9j7km.firstleaf.com/
48 B
252 B
Script
General
Full URL
https://rbv9j7km.firstleaf.com/integrations?source=firstleaf
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.199.75.202 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
metrics.production.nyc1.004
Software
openresty /
Resource Hash
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:41 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
jpuid
rbv9j7km.firstleaf.club/
67 B
408 B
Script
General
Full URL
https://rbv9j7km.firstleaf.club/jpuid?jsonp=RB.jsonPUID
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
142.93.125.44 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
metrics.production.nyc1.022
Software
openresty /
Resource Hash
08a09205a2d98713a2ee3b5d98515b0dd56c1c514379caded81a50bb2b3c400e

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:42 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
web-widget-main-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
466 KB
143 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f6256a0d8d1ba684fc7c0742b70a65f81f80a2d06b55435777d7da92bcc370b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
x-amz-version-id
jdko3xftz55HB5oWIk6XR2iq8f7CsIM8
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
2J0NB7T1XH7N2G7V
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
vA+oWMZfsEz0qg9F55OMZipELljvU+ACZjYnUBrhyfiBduFD2FonemHmfFke4uAiCQ4UK+feJfk=
last-modified
Mon, 15 Jul 2024 08:25:38 GMT
server
cloudflare
etag
W/"653b9ae717a0b8ed733d389e24913a65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4MN1z5uqYvZNvjpQ9iSKIbh488pwa97sNRLQz%2FimAN0KNUa4Z%2FPfWyMxI7DGSs8e7ZSmqutiRG8fO3Gbj1N0NpMXT37D0GDkVQ098bH6gasBR6%2B6ydxSUXOHqdHz9UymMu9qzhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efbcdf93a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:37 GMT
loader.min.js
files1.cybba.solutions/2856/
86 KB
27 KB
Script
General
Full URL
https://files1.cybba.solutions/2856/loader.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
f2a1abbb9637f0eace228f691af8b0fcf3524dba20769d8dd7457b03ece2c55b
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Sun, 21 Jul 2024 15:54:41 GMT
strict-transport-security
max-age=3600
content-encoding
br
cdn-edgestorageid
1079
cdn-cachedat
07/09/2024 16:53:14
cdn-pullzone
116099
last-modified
Tue, 05 Dec 2023 17:11:23 GMT
server
BunnyCDN-DE1-1079
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"656f59bb-156fe"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cdn-cache
HIT
cdn-uid
a080e070-2552-4896-b206-e42f1464eeab
cache-control
public, max-age=3600
cdn-requestid
75eea2674722606c60e04337df78d0ff
x-robots-tag
noindex
cdn-requestcountrycode
DE
cdn-status
200
expires
Tue, 09 Jul 2024 17:53:08 GMT
cybba_latest.min.js
d2rp1k1dldbai6.cloudfront.net/
78 KB
21 KB
Script
General
Full URL
https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:5a00:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c06672841feb201d51b955f1c8b63264ef181a9772f8132f69d0645b7f388195

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-amz-version-id
owGSXuvu8BzDDeLcv6lk4ZORaDB5deOq
content-encoding
gzip
via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
date
Sun, 21 Jul 2024 04:38:01 GMT
last-modified
Tue, 11 Jun 2024 15:04:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
40601
x-amz-server-side-encryption
AES256
etag
W/"fbd2e82210cc7fa9a63513df82d1f33e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
uAjzfeayAH9NZp7viaD1W_nd-mpVvWQou3b5aCsDKeJU-3F96GGpUg==
up_loader.1.1.0.js
js.adsrvr.org/
12 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-103-101.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f4d1e641d47b4af1b6cb7936c59626f4dbab3933473009b447406034c34facb5

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 05:01:33 GMT
Content-Encoding
gzip
Via
1.1 360184e3d21355e6dfcea5cbe81a7f44.cloudfront.net (CloudFront)
Last-Modified
Fri, 07 Jun 2024 09:20:53 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
39188
x-amz-server-side-encryption
AES256
ETag
W/"a7eb6794e868fe870db350518165c868"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
sJIsNqSCwSK-WoPF7cmX_quNQYbPMwKsY40QnkLO5MlZqBKJjxJ0tA==
page
rs.fullstory.com/rec/
1 KB
735 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d1695e8439f52840d7e82c410f678cc495132eb538a09b3019a3036474d092d4

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
553
/
sentry.io/api/1397651/envelope/
2 B
324 B
Fetch
General
Full URL
https://sentry.io/api/1397651/envelope/?sentry_key=ff909656e90d411f9069253f654c00ac&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.26.0
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
widget.js
d2mjzob2nc713b.cloudfront.net/widget/
195 KB
50 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=f505aba
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2359:5e00:d:370a:51c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8feed3dafd920afc87598aeff0db3a51ab4f76db6fb4d03e0c8caf05ef5de854

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 14:01:31 GMT
content-encoding
gzip
via
1.1 c630c028c0123d2a5e8fa36e68049386.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
525191
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50496
last-modified
Mon, 15 Jul 2024 14:00:33 GMT
server
AmazonS3
etag
"b632f5645909fb843e123680ce7a2289"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
wPp_VRuGRyRprzvkdlpu2yUJTz7erZrYgBea6OTINdPEZrJN7Lr49Q==
x-amz-meta-mtime
1721052028.32
user
app.cybba.solutions/
122 B
492 B
Script
General
Full URL
https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=2856&oldUserId=undefined&email=null&_ts=54126135
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx, nginx /
Resource Hash
40e270a7cce0cfe191d00485edb059decf5f04a7c304b0c4d1ed5dacaba14a5e
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:36 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
122
x-process-time
0.0004954338073730469
Expires
Sun, 21 Jul 2024 15:54:35 GMT
/
pro.ip-api.com/json/
285 B
441 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=aUoasJP8dMuydUf
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
388ce67a54eccd1ddb8909e34d7acf178e312ffdc96c6b03d055af0ad47c2c30

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 21 Jul 2024 15:54:41 GMT
Content-Length
285
Content-Type
application/json; charset=utf-8
en-us-json-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 2141
20 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9af7421e077845c74da7b6680dc98188286382796e4bda60fedfd4a20c15ca7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
N.WRqk45CcYe_lOkjvLPUeatZjASyio_
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4B6VBQJ1Q15ZW69
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
PcHNK1Y8kMHA5nHDYNesK7UqmyLsIvell1TV2fwmznpwUfavNzvb++XCXseGzZl62trjkE5Re7s=
last-modified
Mon, 15 Jul 2024 08:25:39 GMT
server
cloudflare
etag
W/"166eb94e079b33ab287e115910c911f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SH282zAjn2ZZ%2BO52q6H2ElloQMbGzEhKExc2aUOAoYv2WA1BI8cf23NHL7X%2B1tuejtsaqJ0PJcmsD87K8jDR%2FVBOGqZZdfovdDSPAo0sKtb%2B1gqWHgO7NM96dfGUDdT80vWmp4U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f243a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:38 GMT
web-widget-4852-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
I2.taIefao7HrQHem9D88C29Faw.ydgl
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4BAA2G6YNJWG7YK
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
GtSyQQ5+4SUvvo3E04LWWQn1MdaHHC+BoNlLA77n33MewdVF6uzuZ0o5Bcao18A8DbZ6CJMEHXfW1BJs2Tb+AnlCL1Umaee8
last-modified
Mon, 15 Jul 2024 08:25:37 GMT
server
cloudflare
etag
W/"40fb729956c4a956df4256614af4b393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1GAOpLyg78%2FZ5gKYVtJRWPggKVxRwu7Sicr5SbMO8La2oHlLlk%2BnFxKzXCfommenZVvuSUjwe%2B%2BVWAh7IrttBHGr%2BkZvxQDUuCmP3Sv7yfB68gw7u5RjsssSGaNGbTNW6Gu5ExM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f273a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:36 GMT
web-widget-9527-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
29 KB
11 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
C.Ixj5I1INoEcKTANEqV8x52ixPtAebw
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4BDEFNFGSS1DZ13
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
M6jDmUQk+q+f8nHxcQBokReVQL9PNTvLJdVQ2RUS75UjLOAoTkzpOtDi2G1FAve9vVeJYwFU7qc=
last-modified
Mon, 15 Jul 2024 08:25:38 GMT
server
cloudflare
etag
W/"083d4fe56f4013855997ad6d21392f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iHoocUmu7RXn340njtl7Un4yQp1ko%2BoITwboSrq45gwIYhVNP4x2Iqam4xE%2BDz0zX42aUzYnowzTzE%2BBRcui0HxJklte3KjQAjITvVhOMOFXdy7Ri4LYcwwgS1%2FwBSzWyy9T60M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f2d3a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:37 GMT
web-widget-2306-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
14 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4d2528638f10450879984c32781e33b55cc6254558930f26d4e4d0047b74660
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
BSMgWIl_k6F8GWnNe8BMSVE8KO6kSG.P
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4B67YYAHXTK6Z2C
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
hp0GeODlIP68KFuYWUHtxWohf/KQ1tzKOmg/LlaBCXBSQxanTD7pZe3XDcJfJaPL6GWZN0P2oTE=
last-modified
Mon, 15 Jul 2024 08:25:37 GMT
server
cloudflare
etag
W/"af97f4d0d9aae07fbc0a8bf2e97aee9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErsXG3SVa5KOdn2eckceDtJ6GGrCmzCOl7NW%2FyUZriZjhabJb8MXREUSbIVFbPMiFGcnit5JeT6TWrWzZiKmvztNOHgBuAUwUdkt7qogxNckjnqVCLlAZ%2BMwzf6jMtGl4h66KoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f2f3a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:36 GMT
web-widget-198-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
10 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-198-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff28994d2b54d9ec720dfee461b74b75988d530316a673e5b3fc425ef482bd6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
txR0dWGcn8rt5k0g69nRFANVYcyuET_D
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4B7QHRKGD23A4BD
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
EiQFPPV+rf+2zpE0WGPnnpOC4EpsrhJBg0HRNN0LQGkHvPUpBfUlkzsa8Bqmoo8Hsyqa6oD8v+M=
last-modified
Mon, 15 Jul 2024 08:25:37 GMT
server
cloudflare
etag
W/"45512e4a121bcf0f0f725c4f3d6ea684"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hPnSKzhW%2FkxIy11pEZz1lvFV3Vn53G4HwBemoEYikDTZf4odkvKeZ3AbpvO%2FwINWqcKzDXgts1jtHcLVB3yKHBTFPZwQPR5ES6iHlShzlcpI7XhNZH7vIdZ3Llaxa%2FtOcTaskOI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f313a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:36 GMT
web-widget-3287-c4aa169.js
static.zdassets.com/web_widget/messenger/latest/ Frame 2141
17 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-3287-c4aa169.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15214068da53e58e0c2cb0389d12311b478c679256a033f4353260ef59991c4a
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
x-amz-version-id
AjvTAFDnZr7s_o2HzbwziTKAvvAG2hjh
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
J4B5811Z2W2JE9NQ
age
528867
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
g+p0kL7aU43bI0aDYn+gEepy1M4+bwUWhDLJXyOtbnzBNUCSv6DKQUyxseZG4273NWEz3KuAoj0=
last-modified
Mon, 15 Jul 2024 08:25:37 GMT
server
cloudflare
etag
W/"3ed5d9012de2c3ed63142b1cc8c89107"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laEMezvg6SkbGKm25S%2Be0kQoVSUYy4rsdX4xUFyF2YA6oacS8AImWC3jg39ySwkavsGgt0s8Jr2KMKB55OU3UeiAz8XMndzC%2F5gpXGb%2BseMDOjnASCnsTNtB4mWgZakFhOoCPWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8a6c5efc9f333a86-FRA
access-control-allow-headers
*
expires
Tue, 15 Jul 2025 08:25:36 GMT
28fc69a6b106b8bbf4255e58732b4429691c375c33dd91683c594606975a1e52
fbapi.firstleaf.com/events/
0
319 B
XHR
General
Full URL
https://fbapi.firstleaf.com/events/28fc69a6b106b8bbf4255e58732b4429691c375c33dd91683c594606975a1e52
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:ebf:1f00:adcd:17be:cd8c:3724 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.firstleaf.com
date
Sun, 21 Jul 2024 15:54:42 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fwww.firstleaf.com%2F&rl=&if=false&ts=1721577282074&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721577282064.379618513631216521&hmd=5b381d55f23c13eef1106b85&pl=https%3A%2F%2Fwww.firstleaf.com&eid=ob3_plugin-set_646e458a7d6f5abec93fde51486a1beca39ce68645fe97d45f861473cfc5b56a&cs_est=true&ler=empty&cdl=API_unavailable&it=1721577281378&coo=false&rqm=GET
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 21 Jul 2024 15:54:42 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fwww.firstleaf.com%2F&rl=&if=false&ts=1721577282074&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1721577282064.379618513631216521&hmd=5b381d55f23c13eef1106b85&pl=https%3A%2F%2Fwww.firstleaf.com&eid=ob3_plugin-set_646e458a7d6f5abec93fde51486a1beca39ce68645fe97d45f861473cfc5b56a&cs_est=true&ler=empty&cdl=API_unavailable&it=1721577281378&coo=false&rqm=FGET
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Sun, 21 Jul 2024 15:54:42 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7394118124327457108", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1328, tbw=3091, tp=-1, tpl=-1, uplat=167, ullat=0
pragma
no-cache
x-fb-debug
JGrffHwimKOtvA2LUqt1KH2GV/nKzpNyMv1s/SUyQ116bXvdUYB4T49lEFcxEy8sk2LPXULuSlulTcqPFswu2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7394118124327457108"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
1127810653.json
www.firstleaf.com/page-data/sq/d/
898 B
495 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1127810653.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc6dcd7a381454f1aa9968e8213c7f46620a43e4f38ac4d248aec2c422547a

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"d9e5d79a522a63af8a6e2cdcb13a408e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fc49040-FRA
x-amz-cf-id
QHosP2oIGvAA2i8Uc3PCngyhV27mHRyRLPN5WsQAG1c02Fhslv8Wrg==
1336607429.json
www.firstleaf.com/page-data/sq/d/
8 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1336607429.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce753ae3b1e52fa4eaeff638550c3fea3040a4e4822adfc070918eb4f1e0b4e

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Sep 2023 08:20:32 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"6d0f32099667dcd6d847a977984787a3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fc69040-FRA
x-amz-cf-id
h5FOUnSRwWVN6x6G1GY7sYoABlqllsAMzT5e968TVk3xNPIx9FWBxQ==
1417137468.json
www.firstleaf.com/page-data/sq/d/
15 KB
3 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1417137468.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa1c7e57a68afc812b9b2262cdaa48f2af299ce5aaced407b25798fa0542d08

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Sun, 21 Jul 2024 08:16:16 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"c5cb15221177032ff58b8be4325a1326"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fc79040-FRA
x-amz-cf-id
2FcJmzDALIR9Bcx-7KZzkIPLqWPER-l8PCDkYzB2sbbtsEW9ZBn5Xw==
1773341317.json
www.firstleaf.com/page-data/sq/d/
321 KB
57 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1773341317.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
210928d2a9a479e92e8a73df95adc1d71c89246289c5e344274c2f7c5291ce62

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Mon, 15 Jul 2024 21:35:56 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"464713f11d5f666ea8e9e95b68c12535"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fc99040-FRA
x-amz-cf-id
x81IbLvAVsuEPaCrh3niRNykA_s4WMlhEYc5X8b4TzRXPmxA959xRg==
1806462600.json
www.firstleaf.com/page-data/sq/d/
3 KB
669 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1806462600.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d4d591156a0c14d4990f575daea57d7ca5ae8bb4021fc38d66445578e77b3

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 12 Oct 2023 19:54:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"98900a93434132189ab0148c1acaf82b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fca9040-FRA
x-amz-cf-id
rha37Hp5X8JTICKI-Y9N8KwSX7Kd2BSo3XXvFwtwfuobiIjCdivxGQ==
2343482889.json
www.firstleaf.com/page-data/sq/d/
81 B
256 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2343482889.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c472f5fc6038aa27db8aa76648236f916446c78b691d4211ef95a546411ca8b

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Aug 2022 12:51:27 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"bcbe45f39971408a2e07253a116c24f7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fcc9040-FRA
x-amz-cf-id
9oSc820JmwgGD2MbBSqMYTvpIKkL6rhsymEmdk7HfozQ5easa4iwEA==
2446253125.json
www.firstleaf.com/page-data/sq/d/
2 KB
857 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2446253125.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc84cd40ef02e70aa5996747df4659e7ea7da89f8d108eabac6e589cf34090c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"220e74a11a9dd36eb3f1b15d96abe041"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fcd9040-FRA
x-amz-cf-id
gq7TiBsgKygxUaTNMQrdMEONhBoIm0d9weAvh2meDoakZOObtM2B0A==
2625547197.json
www.firstleaf.com/page-data/sq/d/
35 KB
6 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2625547197.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0589e33227a9a5575e0bc6485cf65f706bb2f53c77b847aa36960cf50064e730

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Sun, 21 Jul 2024 08:16:16 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"12e3215efb6bfc65922fc3e327bdf1f5"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fce9040-FRA
x-amz-cf-id
KCnho64eh9V0ucVOLtLA_mpQQOe72BU_kIteEzEBC8HvwuW7ojfMbg==
2727750032.json
www.firstleaf.com/page-data/sq/d/
1 KB
768 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2727750032.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d706b4e3d196efcd7c73bb6e45a2adf171af07bcb7408123f660e06ec40caee6

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"490497183ead171309c86ef43de5fc72"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fcf9040-FRA
x-amz-cf-id
E81Kzd7ugYR1w3PPrXHDXWJLaxj2f79IzKTA8JT3201gMLWdp49Z6Q==
2729198856.json
www.firstleaf.com/page-data/sq/d/
7 KB
4 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2729198856.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee917ea47cdb075cc4ad5fca582dcb91d431980ca4dadf7cdc36f34f38d5cd7f

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 18:32:04 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"5bd77ecd5663f3a66203d7c3b0ded6f1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe0fd29040-FRA
x-amz-cf-id
G1jniYeVxYyawwahtQZGMNQzUXiu2iCkSxCeccxVXn0PJnUaRwhNdQ==
2734060729.json
www.firstleaf.com/page-data/sq/d/
20 KB
5 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2734060729.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83e9b440122162e26168f780eb567cbc84a351c4728c3cc8bd3679e8e362ff9

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Jun 2024 15:01:34 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"13482419a9f2c5b5a126e6d5bd4214a8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fd99040-FRA
x-amz-cf-id
qIXRUdVYW2ugz-ZPYH-EV06aWgLLZlx-kTO_mN4j7ZezL60-mNgH9A==
2754068927.json
www.firstleaf.com/page-data/sq/d/
4 KB
1 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2754068927.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa2e6166c7e04afa18a7adecff919c61d92877b2285d2aef27127476e4b538a

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Sep 2023 23:43:05 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"9bf2a50c53bddceb6e916d9b67ae5b54"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fda9040-FRA
x-amz-cf-id
y6rS-QMFMOGvKfqFKE5KARD2-uJy2pkVF-FqYreNYn8rfSU0LHoEcw==
2764483679.json
www.firstleaf.com/page-data/sq/d/
3 KB
899 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2764483679.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bdfcbcd23b5134cd377c78bbf03971926795fa6398c62599782d4d6e381620

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Oct 2022 15:55:32 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"f2aabd68d8137b9c2a2b980847ec0644"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fdb9040-FRA
x-amz-cf-id
BILG8tNvKkoe_JyGNkDpSruHz6EMtMsGNa1UDiE4L6gXoUVln0vkVA==
2771237727.json
www.firstleaf.com/page-data/sq/d/
622 B
543 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2771237727.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4a4d483e6cb4667bed478a5f53e7c24bda8c91025757357eca32835fd69d97

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"79feae68043e971e307220f03c033a26"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fde9040-FRA
x-amz-cf-id
NDN4SP3RcwLaNYwD9cI6Z88Qtd0UyrweZVk3cbHOyHShQJa57l1B3w==
3065704166.json
www.firstleaf.com/page-data/sq/d/
607 B
421 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3065704166.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b042c650b6af4874dfcad48aa7fd53dc9b32a444a96fba1f7161a02607907a8

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 04 Aug 2023 20:23:09 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"62267b28fd2e454d403e7198dcbde8c4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fe19040-FRA
x-amz-cf-id
rpKASnNrNbFj_WmskzNLQ9FGjra3RrrannCCM_i2PGdioRU0g7WZ7g==
3079672699.json
www.firstleaf.com/page-data/sq/d/
19 KB
11 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3079672699.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bef875cb4110e02d8f52c061cfbeb46a870e9733cc9c45a647105ec3fe8e53f5

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 20 Jun 2024 08:20:32 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"00dd8e53a2791a95bb737f8b8d0bce0c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fe59040-FRA
x-amz-cf-id
okvvnPeTH1uJVsf8hdCCBhgpYuglQfDuPS5-isD8mIwJBYOYWJNODg==
3102105077.json
www.firstleaf.com/page-data/sq/d/
16 KB
8 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3102105077.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5850b054cbadbf0721bfb0b70372b9678092bf4f9ad10f3ca0c0a34ddfa96147

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Mon, 15 Jul 2024 21:35:56 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"ae0483f7bc25155aa4469b60a94c314b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fe79040-FRA
x-amz-cf-id
LYa6TgLktO4bRnf4ElOSj9Ux-1efwD1-MdL3IS79xUoCu51mLsJ7PQ==
3102962149.json
www.firstleaf.com/page-data/sq/d/
8 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3102962149.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3fa27efb7fa0336505319590fa396a9672fe9e3607dea0b2fa820329d52e763

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Apr 2024 20:37:44 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"ee16d3e928d42c463c4546c8553545ea"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fe89040-FRA
x-amz-cf-id
_KvUR5MKxI2buTlzlk4DzrQ2HzXhNIZnGdzsAvneDRHbfZeyzNCJ3A==
3205276428.json
www.firstleaf.com/page-data/sq/d/
248 KB
63 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3205276428.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1963d23c542c020e2ae2dfa65fab78ea749c3c7648d08b2a853cfc46ff6533ba

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Mon, 15 Jul 2024 21:35:56 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"5216c7d6590e33b7e233ca4c8f1f31b3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fe99040-FRA
x-amz-cf-id
mUN8txr5BvVz7RDQF0q96cgyKXD8BGCCRhSSnXgjLP3Io9ws1ZfDOw==
3522674478.json
www.firstleaf.com/page-data/sq/d/
23 KB
5 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3522674478.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21eb07dfa4fbf58620c4c6d09513a4bca648484ad69ab56d0593350f8e48f38d

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 18:32:04 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"a08ea3df8f738c79f8f78dd3cf095752"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1feb9040-FRA
x-amz-cf-id
tFuaRTEdntxdyknyOz7jeLmBX9nkixaZw3EdBQXMdULTNiKgBD_E-w==
3679669099.json
www.firstleaf.com/page-data/sq/d/
27 KB
6 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3679669099.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8d77d043a96aef2a52d4426aa82cf9df591363c3f6407ce3cb42b0ccfc2214

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Jul 2024 17:36:16 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"fa44d0c5fcb91ae0d7da8e23cf4a9b6e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fec9040-FRA
x-amz-cf-id
sZlWGxRfqTxdw4oCUZnQA5PFfR7ZVvcG46mxvN8gwgE0TCRTMLRhXg==
384391487.json
www.firstleaf.com/page-data/sq/d/
388 B
383 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/384391487.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03f3488eeb6bcad6fa76499431ef68b5e0283c9eb8d71ed52851c14ff9f5d5c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Aug 2022 12:51:28 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"af315518cf9c83f1a5039ef893a09a9e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1fee9040-FRA
x-amz-cf-id
rlbu1F99JFmVMHOrsly8yVFr3DYvfsdQ32gEzuJ0pPGfZU_y7Szrdw==
3963807967.json
www.firstleaf.com/page-data/sq/d/
424 B
611 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3963807967.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26016290e850521c9a3ef79306794f47fad48d36b2db9477e68628ba45f6032c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 04 Jul 2024 13:58:40 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"1102b4b638e2be6be932809375c3dd58"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1ff09040-FRA
x-amz-cf-id
Ilchh1gAXtUdsDZfGbjzP4-HYxy2L0xW3bgppON31t9bMvkcbRIs7w==
4049699997.json
www.firstleaf.com/page-data/sq/d/
5 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/4049699997.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236bc97a188e4940fec1bd29c0f58b4e1bcbacd475911604e5f0016c1a39f12e

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"a0e3c20823fb865018375ee933b0ea4d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1ff29040-FRA
x-amz-cf-id
Mk7JJ35cGqhWwkTFlYFLDUfNdDUUEvsrk6D58q_k1OtJiXqnqFs9DA==
4076379186.json
www.firstleaf.com/page-data/sq/d/
10 KB
3 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/4076379186.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ffd7c895462ca8be72e8a84a42febfdfb52701f2fbdb9fc2eacbe2cbb5fc6c

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 16 Jul 2024 14:27:50 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"135fee872489b41bbb9ad3cd8c11521e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1ff39040-FRA
x-amz-cf-id
oo7CH3vBRNiPUlUHKaLj3atqiFIJKtNoJmCUI-GGcKUfjqUprOF4XA==
829245689.json
www.firstleaf.com/page-data/sq/d/
2 KB
894 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/829245689.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9079e41a84e532c7a5f6363737595134c170c9b48a0ded5a2a1519524f6bf7a

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2024 17:12:54 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"62b41a52a2aee82b1c0039648ba78152"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5efe1ff49040-FRA
x-amz-cf-id
3JABhDjQvCylYhhPLWTZfOI_2vyL6weyBFP6uXsYfKw6h_XmdC1-Nw==
pv
penrosehill.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://penrosehill.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8a6c5efebdfd9b88-FRA
date
Sun, 21 Jul 2024 15:54:42 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KpBszAhEAeO7XdiN6n4BpOSfhw6YchYSUVEdPEUWlkvCKGDGERpNfOstKQq25ky1CXdCD7GVmbe9TeoXr5HTuxlmwHVPzOUTIp%2FEH%2FXAW8OX8h4JCW2K9GqmsP5W1UdLJvgeTj6MmU7D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8a6c5efebdfd9b88-FRA
x-zendesk-zorg
yes
pv
penrosehill.zendesk.com/frontendevents/ Frame 2141
0
0
Fetch
General
Full URL
https://penrosehill.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t1CNf5Ya02JCtYovZ02Y2m%2FL0G%2BfFU7QcrnaQ%2FMC5itEwRAQDZdPjS41mrRnyJ6%2FY28jGRRUvh69JlbJRRNRYDXJ2Iq9Wuc8gei1DnuHw3APbdxDY5VQFfOnNzorfJaOa1tP2Y57d4Ec"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8a6c5eff8f149b88-FRA
content-length
0
x-request-id
8a6c5eff8f149b88-FRA
config
penrosehill.zendesk.com/embeddable/ Frame 2141
763 B
981 B
Fetch
General
Full URL
https://penrosehill.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c4aa169.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e1b4e0db9a5575181873430c7f89bcc95787355fd823ccb1e6a5787c94da4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-dfbf5bf9b-klwj7
x-cached
MISS
x-request-id
8a6c5efebdfb9b88-FRA
x-runtime
0.001892
last-modified
Sun, 21 Jul 2024 15:53:02 GMT
server
cloudflare
x-zendesk-zorg
yes
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xfIYIB2oeSbFjJylEFD8HPRzbJ3n825zYXT5Ct8O4MyHeK1M%2ByaGWOhsTbGsBo7jMmCCRzrkB8Nk6jIVKiGmmQIrw8tqcWimlSvfQKAaodCPUb4hMuYN9HY1txFeJjtUrNGYZMksdbt%2F"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8a6c5efebdfb9b88-FRA
digibox.gif
www.lightboxcdn.com/z9g/
35 B
274 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1721577282341&h=www.firstleaf.com&e=p&u=44194
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:42 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
510831
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
e979446f-501e-0011-4b70-752f2b000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8a6c5efea9aba079-FRA
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?url=https%3A%2F%2Fwww.firstleaf.com%2F&action=view&source=firstleaf&rb_source=firstleaf&script_version=wxyz.rb.js&sessionId=92c7b25d-4575-4127-ae00-558ffa5864b5&uid=rbos-bc3ae709-394e-4b2c-bbbb-eaa682af773a
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.199.75.202 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
metrics.production.nyc1.004
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:42 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?url=https%3A%2F%2Fwww.firstleaf.com%2F&action=identify&source=firstleaf&rb_source=firstleaf&podsights_session_id=578d2aa65c7e4d8481d793a4e26904ae&script_version=wxyz.rb.js&sessionId=92c7b25d-4575-4127-ae00-558ffa5864b5&uid=rbos-bc3ae709-394e-4b2c-bbbb-eaa682af773a
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.199.75.202 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
metrics.production.nyc1.004
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:42 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
update
app.cybba.solutions/event/2856/
79 B
449 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/update?data=%7B%22userId%22%3A%226376550410228921%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1721577281958%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_bqstore=0&_ts=94398739
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx, nginx /
Resource Hash
d2fa0eac774aea729f9a7ff7e371fecbd2d12f27b2b28cf60b97f13326c2ec45
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:42 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.00041222572326660156
Expires
Sun, 21 Jul 2024 15:54:41 GMT
fs.js
edge.fullstory.com/s/ Frame BBA8
281 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:24:41 GMT
content-encoding
br
age
1800
x-guploader-uploadid
ACJd0NrdlrdDRz5LCjTJxldUx28_AxBy0xXYyQUcL_3yYrJHoAZz-jP-vit1U-fzMBNJEHuaR88
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77295
last-modified
Wed, 17 Jul 2024 16:21:25 GMT
server
UploadServer
etag
"095e0583b9f0b77dcfabda986e21c5e4"
vary
Accept-Encoding
x-goog-generation
1721233285230102
x-goog-hash
crc32c=oVnvFg==, md5=CV4Fg7nwt33Pq9qYbiHF5A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
77295
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Jul 2024 16:24:41 GMT
fs.js
edge.fullstory.com/s/ Frame CEC2
281 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:24:41 GMT
content-encoding
br
age
1800
x-guploader-uploadid
ACJd0NrdlrdDRz5LCjTJxldUx28_AxBy0xXYyQUcL_3yYrJHoAZz-jP-vit1U-fzMBNJEHuaR88
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77295
last-modified
Wed, 17 Jul 2024 16:21:25 GMT
server
UploadServer
etag
"095e0583b9f0b77dcfabda986e21c5e4"
vary
Accept-Encoding
x-goog-generation
1721233285230102
x-goog-hash
crc32c=oVnvFg==, md5=CV4Fg7nwt33Pq9qYbiHF5A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
77295
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Jul 2024 16:24:41 GMT
fs.js
edge.fullstory.com/s/ Frame DB10
281 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
584b0c5a70dd36b502b998fd6dd74bbc19e4f956241f9bdc220906e9f52cc672

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:24:41 GMT
content-encoding
br
age
1800
x-guploader-uploadid
ACJd0NrdlrdDRz5LCjTJxldUx28_AxBy0xXYyQUcL_3yYrJHoAZz-jP-vit1U-fzMBNJEHuaR88
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77295
last-modified
Wed, 17 Jul 2024 16:21:25 GMT
server
UploadServer
etag
"095e0583b9f0b77dcfabda986e21c5e4"
vary
Accept-Encoding
x-goog-generation
1721233285230102
x-goog-hash
crc32c=oVnvFg==, md5=CV4Fg7nwt33Pq9qYbiHF5A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
77295
accept-ranges
bytes
content-type
application/javascript
expires
Sun, 21 Jul 2024 16:24:41 GMT
42EAA430EACBA7411.css
www.firstleaf.com/fonts/863556/
Redirect Chain
  • https://cloud.typography.com/7410416/6307592/css/fonts.css
  • https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
207 KB
0
Stylesheet
General
Full URL
https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd78e291a52c0f56b572cac3e374c61ef924d7ddfffe94be1cf408fbf706b70

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Jun 2023 18:04:56 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"51ffa87e0ce0e4d9ad3ab7a793f98c04"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=14400
cf-ray
8a6c5efc2d259040-FRA
x-amz-cf-id
u_w1_F9tSgree1vq8oZo6JwwgKEwXP1qiYRD0weLnXUcmcqjp9uEdQ==

Redirect headers

Date
Sun, 21 Jul 2024 15:54:42 GMT
Last-Modified
Tue, 13 Jun 2023 18:10:29 GMT
Server
AkamaiNetStorage
X-HCo-pid
19
ETag
"9a52622c3b0b353cd052a5e4518bd213:1686679828.962264"
Content-Type
text/html
Location
https://www.firstleaf.com/fonts/863556/42EAA430EACBA7411.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Sun, 21 July 2024 15:54:42 GMT
truncated
/
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
23d5bcb16afb378a9d615cbbe18ce2b39bd32b9ef977102487722c6d118e0f39

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0106f314b23ace616393c7a2bec49cdd576ddd2dfc713dd8f16bb24e7c00f1e8

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
12 KB
12 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f2b62aa3a66cbbd89ab53e77076d8f31b286450fc67a7665538270d57d93799

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
18 KB
18 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66bcde261ca688d479dcf14a4e8e256b227735c8ba473f26b08bb36665b011e4

Request headers

Referer
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
pipeline
ct.firstleaf.com/prh/ Frame
0
0
Preflight
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.firstleaf.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8a6c5f01cb42928d-FRA
content-length
0
date
Sun, 21 Jul 2024 15:54:43 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
pipeline
ct.firstleaf.com/prh/
2 B
229 B
XHR
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.firstleaf.com
access-control-allow-credentials
true
cf-ray
8a6c5f049f999040-FRA
content-length
2
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 21 Jul 2024 15:41:01 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
821
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 21 Jul 2024 17:41:01 GMT
api.js
challenges.cloudflare.com/turnstile/v0/b/bbfecc7f1c71/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad
  • https://challenges.cloudflare.com/turnstile/v0/b/bbfecc7f1c71/api.js
43 KB
15 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/b/bbfecc7f1c71/api.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H3
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20ae8f3421682042d681bb7d09a6285bed4fc7bc03fedc91178576dd175490b

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
br
last-modified
Tue, 16 Jul 2024 01:52:55 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
8a6c5f021e2e18e9-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 21 Jul 2024 15:54:42 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/b/bbfecc7f1c71/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
8a6c5f01bd9318e9-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
checkouts.json
api.firstleaf.com/api/
2 KB
2 KB
XHR
General
Full URL
https://api.firstleaf.com/api/checkouts.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
907fba13a6c557c16aa2436a2ab26dfecf1d131e628a0e8cb4a042c5f47d9e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
6665198f-d017-4637-a3e3-88a122815091
x-runtime
0.156856
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"907fba13a6c557c16aa2436a2ab26dfe"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
8a6c5f01ebc135e4-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
223-93477160dda2993c6123.js
www.firstleaf.com/
3 KB
2 KB
Script
General
Full URL
https://www.firstleaf.com/223-93477160dda2993c6123.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/webpack-runtime-36e5269afc4572b4249c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c521d5535bd16fa41564dc19a2043f492e87104fc8089b9fca8040813a0f80

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
gzip
via
1.1 ecbb6ac82f8f6ff46460b69097d121ec.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
104589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 20 Jun 2023 15:54:17 GMT
server
cloudflare
etag
W/"f2c96b9ae25854b1e183ec2c3ad46955"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
8a6c5f01abd69040-FRA
x-amz-cf-id
qKTzZn9Eh6qjgCuCki7Qq8-6CB2CIl-pXG-NE7esPcZxWWHEhdqSaA==
destination
www.googletagmanager.com/gtag/
264 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-935608953&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49dd4bc902b1121ea8d72d8349cd2125c6e68b3ec54fe7ca4e97307b65c90527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93041
x-xss-protection
0
last-modified
Sun, 21 Jul 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 21 Jul 2024 15:54:42 GMT
july_promo_get2free-3bda6ef4e2ebbbb2b2da2949ca9a0370.jpg
www.firstleaf.com/static/
921 KB
922 KB
Image
General
Full URL
https://www.firstleaf.com/static/july_promo_get2free-3bda6ef4e2ebbbb2b2da2949ca9a0370.jpg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca0a275e1e0433e052641bcddde7267fb654d46ed4b1631d36077e8b514298a9

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
via
1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
942973
last-modified
Tue, 16 Jul 2024 14:26:28 GMT
server
cloudflare
etag
"d653114ea8ea920d0a03f5ed64078cc5"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5f01ec339040-FRA
x-amz-cf-id
LIsS-dP6dvvoiwutCYDsx3eS6Jlw0fb-I5rINVEXSsdqirU5Ob9nPQ==
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9e24b2a2c5ae741aba134a5764fe7267376ec85c5fa349acc18e4d21b600292

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18aeba875cb986ff0c9bad79ba5b2b36158f50923f6f4c4284e61e1f2b84536c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d171bc5152bfb08047c65650bff8f1828cc63f53d95bacd4ae24a3806607c27

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf7d99bfd85f20c422fac114ec71fa775883e8b430f1e20cdac1f5db187350a1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d3238f57e3ae44a7d0b2ef513ff2e8cf9afaf6e442f5fa5a575c4f8efd0290e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a9fb33e08a93b89c3365895199b512887263e05716811dfedac593db29a3f4

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd7e3ece391682a33c28af9cd8a27168fe9da07dfb2ce47b62142b6815c904cd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17baaf0620679e688805c54583243a34e8491165c5f1029c16977bae6a5f76c0

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
0
bat.bing.com/action/
0
228 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=4b59eb22-ffa8-4a22-bdca-433f0623c0cf&sid=8b7fafb0477911ef888eb7ddace31277&vid=8b7fb810477911efa64331a92a2e3d32&vids=1&msclkid=N&el=%2F&ec=july-2024-price-elasticity&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=july-price-get2Free&en=Y&p=https%3A%2F%2Fwww.firstleaf.com%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQET&rn=586012
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 15:54:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8A222D5D76EC42099A34C2DAF9934582 Ref B: FRAEDGE1822 Ref C: 2024-07-21T15:54:42Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
230 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=4b59eb22-ffa8-4a22-bdca-433f0623c0cf&sid=8b7fafb0477911ef888eb7ddace31277&vid=8b7fb810477911efa64331a92a2e3d32&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=page-ready&en=Y&p=https%3A%2F%2Fwww.firstleaf.com%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQET&rn=166590
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 21 Jul 2024 15:54:42 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FBEBBBF8420A4D04BCDCCD91F2F021AA Ref B: FRAEDGE1822 Ref C: 2024-07-21T15:54:42Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
714 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1043a0dd1a57bddb307b2bac12686151292cf08f095b86d5702a531f9413af

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
670 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d40b3150ea8494d850dc53c34d42806f60a5afeeddd14d64c667b4978f1921

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b333edfba237a23eccd269faed9f51d3430824ba342db01043166bf8a7d1f09

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
666 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bd4ed71008e5c241321562a82cb6d535d7db6b7fbd3783896a96ae48d5211f3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
664 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c79e4569e88f2104a0181ddd9428c78b94ee022fc5694a1c4c8805b5fe98560

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
681 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba174758f3512e1225fb25acd56d073b71f92d5cfc332f4ab54a4273765528da

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
659 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0cac1d717f7ebdef430e44e0c211f722a77f29207e553d69e69901276a7e224

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
642 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
136aadbe4eea0b2a6b68a3ec2cd24be6002dc085376ae638768db1d2834c653b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a0839a70494ec741f3d86d0a3c586be820886d3e5407016453a31ee304d0266

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
667 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87ab28f982528ab1259f99a8c040c11ceb6161e038c8ca1dce09651718058d1d

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
658 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74342d26027f9f21a160adb21dea7121e79456c5e7e05579177c6bea0553a7b3

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
wineprint-in-mobile.webp
www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/
22 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/wineprint-in-mobile.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:41 GMT
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
58981
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22690
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"4ca1653d35f298be8a4317172979871c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8a6c5ef838ea9040-FRA
x-amz-cf-id
QgNNqhRuiUAaOuwfuKOh0SZvjXwda85FbFwt-_XkLTAPlmdwabDkCw==
getuidj
ib.adnxs.com/
11 B
703 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:43 GMT
an-x-request-uuid
9c4f242c-6414-44d4-8e8b-afcd6f791556
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
R288528513.json
api.firstleaf.com/api/v2/cart/
919 B
476 B
XHR
General
Full URL
https://api.firstleaf.com/api/v2/cart/R288528513.json?order_token=QGSRORfq7W9O2xYbT334Iw
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a997be9fa358fff23fc9e5122297e4a9aafcc69578e829f7f7f0726bb2bc6c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
c655b2a8-38c4-4866-8e41-999ad915b361
x-runtime
0.044815
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2a997be9fa358fff23fc9e5122297e4a"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
8a6c5f0608d035e4-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ba93f0c1f5b72395ea5024e97ba149d96cffbe73e8e4a2546921ba3404f146c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ship_to_info.json
api.firstleaf.com/api/
14 B
163 B
XHR
General
Full URL
https://api.firstleaf.com/api/ship_to_info.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca66b739fcde148403f4735fd9091fbc02455deb4e6c186ea52cb71692f6269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
717a7bda-a932-482b-bff3-10f182a2e2f5
x-runtime
0.088134
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aca66b739fcde148403f4735fd9091fb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
8a6c5f073a1b35e4-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
pipeline
ct.firstleaf.com/prh/
2 B
56 B
Ping
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Requested by
Host: images.firstleaf.com
URL: https://images.firstleaf.com/js/sp-at-v2-14-0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.firstleaf.com
access-control-allow-credentials
true
cf-ray
8a6c5f077b4f9040-FRA
content-length
2
p
i.simpli.fi/
798 B
764 B
Script
General
Full URL
https://i.simpli.fi/p?cid=449212&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
238.89.204.35.bc.googleusercontent.com
Software
openresty /
Resource Hash
2bb06507e0829652c2bee92ab692f31de2ec231927c1ec9c297e5dce3c010253

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:43 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 4718
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-18.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2841
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 15:07:23 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Tue, 09 Jul 2024 21:59:30 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
x-amz-cf-id
i0nJDvCpOPzr41pVraJl2xRZttqRUdM0cAOwF1zMxW61g50Uf5FUlQ==
x-amz-cf-pop
FRA60-P8
x-cache
Hit from cloudfront
x-content-type-options
nosniff
params
shop.pe/widget/main/init/
260 B
744 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=62725feabbf6c339ae0dfd75&product=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&product_url=https%3A%2F%2Fwww.firstleaf.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.firstleaf.com%2F&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=44178&cookie=&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=f505aba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b47bf7920b4bfd04ebdd28845a8bf2c6dc08522aef5ecb51b3c9c4bd64891461
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"c73a52f3450bcfe82109905753b15b0fc0cb0c29"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
rum
www.firstleaf.com/cdn-cgi/
0
137 B
XHR
General
Full URL
https://www.firstleaf.com/cdn-cgi/rum?
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.firstleaf.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
8a6c5f08acb29040-FRA
up
insight.adsrvr.org/track/ Frame 5851
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=l7cyjy0&ref=https%3A%2F%2Fwww.firstleaf.com%2F&upid=hm2fj8w&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash

Request headers

Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
0
content-type
text/html
date
Sun, 21 Jul 2024 15:54:44 GMT
server
Kestrel
generic
app.cybba.solutions/event/2856/
79 B
448 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/generic?data=%7B%22userId%22%3A%226376550410228921%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%220%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=67109753
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx, nginx /
Resource Hash
d2fa0eac774aea729f9a7ff7e371fecbd2d12f27b2b28cf60b97f13326c2ec45
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:44 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.0005383491516113281
Expires
Sun, 21 Jul 2024 15:54:43 GMT
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=293B723C58454445AA1DB7E297C13247
0
238 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
2600:9000:273e:400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
cache-control
no-cache, must-revalidate
via
1.1 59934e2100e012bf757855f3cda08cbc.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-P3
x-amz-cf-id
7g0tBjmrWzo-ZeDk7ycz9qPf1ptv2XBjCYEGPFctQwtQyrW1MUrfCA==
x-cache
Miss from cloudfront

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
293B723C58454445AA1DB7E297C13247
sync.1rx.io/usersync/simplifi/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/293B723C58454445AA1DB7E297C13247
0
99 B
Image
General
Full URL
https://sync.1rx.io/usersync/simplifi/293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.1rx.io/usersync/simplifi/293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=293B723C58454445AA1DB7E297C13247&dongle=yf3
37 B
141 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=293B723C58454445AA1DB7E297C13247&dongle=yf3
Protocol
H2
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=293B723C58454445AA1DB7E297C13247&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=293B723C58454445AA1DB7E297C13247
43 B
176 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
2600:1f18:612b:4232:5012:c2ca:70d1:c09 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sun, 21 Jul 2024 15:54:44 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247
95 B
429 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=293B723C58454445AA1DB7E297C13247
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=293B723C58454445AA1DB7E297C13247
  • https://d.agkn.com/pixel/10751/?che=1721577284145&ip=45.141.152.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D217053104950003104647
  • https://um.simpli.fi/aa_px?sk=217053104950003104647
  • https://um.simpli.fi/empty.gif
43 B
362 B
Image
General
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=293B723C58454445AA1DB7E297C13247
0
0

pubmatic
um.simpli.fi/
43 B
410 B
Image
General
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 Jul 2024 15:54:44 GMT
freewheel
um.simpli.fi/
43 B
410 B
Image
General
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 Jul 2024 15:54:44 GMT
getuid
sync.smartadserver.com/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=293B723C58454445AA1DB7E297C13247;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=293B723C58454445AA1DB7E297C13247;mimetype=img;sr
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D161185%26size%3D1x1%26du%3D36%26csync%3D[sas_uid]
  • https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
Protocol
HTTP/1.1
Server
89.149.193.89 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:43 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://fei.pro-market.net/engine?site=161185&size=1x1&du=36&csync=[sas_uid]&cklb=1
pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0&xl8blockcheck=1
0
771 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0&xl8blockcheck=1
Protocol
H2
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=293B723C58454445AA1DB7E297C13247&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/
43 B
410 B
Image
General
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 20 Jul 2024 15:54:44 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=293B723C58454445AA1DB7E297C13247
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=293B723C58454445AA1DB7E297C13247
Protocol
HTTP/1.1
Server
52.6.254.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-254-10.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Sun, 21 Jul 2024 15:54:44 GMT

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=293B723C58454445AA1DB7E297C13247
62 B
447 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-192-153-172.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Sun, 21 Jul 2024 15:54:44 GMT
content-length
62
content-type
image/gif

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
tpid=293B723C58454445AA1DB7E297C13247
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=293B723C58454445AA1DB7E297C13247
49 B
267 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
54.217.140.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-140-248.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.183
content-length
49
expires
0

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=293B723C58454445AA1DB7E297C13247
0
224 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
34.243.185.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-185-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
x-merge
GDPR Optout true
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=293B723C58454445AA1DB7E297C13247
0
99 B
Image
General
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1721577283951&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&psc...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscr...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI3-fek7-4hwMVR10eAh0vBAreMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5maXJzdGxlYWYuY29tLw&is_vtc=1&cid=CAQSGwDaQooLPGQGTOD-khR6gUb1KLuWdBIv4CBW1w&random=3939032852&ipr=y
Protocol
H3
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=1058027759&cv=7&fst=1721577283951&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMI3-fek7-4hwMVR10eAh0vBAreMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3d3dy5maXJzdGxlYWYuY29tLw&is_vtc=1&cid=CAQSGwDaQooLPGQGTOD-khR6gUb1KLuWdBIv4CBW1w&random=3939032852&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/
0
273 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
118.74.204.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=293B723C58454445AA1DB7E297C13247
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D293B723C58454445AA1DB7E297C13247
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
an-x-request-uuid
64353dc8-4fae-4689-a945-2a055be8c427
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.75; 45.141.152.75; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
an-x-request-uuid
2d4ab9a5-1853-4cc1-93e2-556148e02381
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D293B723C58454445AA1DB7E297C13247
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.75; 45.141.152.75; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=293B723C58454445AA1DB7E297C13247&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=293B723C58454445AA1DB7E297C13247&expires=365
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=293B723C58454445AA1DB7E297C13247&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=293B723C58454445AA1DB7E297C13247
43 B
265 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=293B723C58454445AA1DB7E297C13247
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=293B723C58454445AA1DB7E297C13247
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 20 Jul 2024 15:54:44 GMT
pixel
cm.g.doubleclick.net/
170 B
410 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
params
shop.pe/widget/main/init/
1 KB
683 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=62725feabbf6c339ae0dfd75&product=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&product_url=https%3A%2F%2Fwww.firstleaf.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.firstleaf.com%2F&callback=AddShoppersWidget.load_widget&rand=18020&cookie=2%7C1%3A0%7C10%3A1721577284%7C15%3Aaddshoppers.com%7C44%3AOTdkMWY1NWFkMjM5NGVlYThjNTJmNDVmMjdiMjk0YjE%3D%7Cfb8c040bd95aeea7164c540c74a9809e15cff0059524503c52556c764db859ba&referer=
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=f505aba
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
109d22db57f69395fabf73c25c2f9a432968fae0222a1099f471802e03c732e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"63b4217270c179df744ba347c6e863772d81c498"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
ba5cd1e2255e4f75a0ae1c1cd34f0620.js
addshoppers.s3.amazonaws.com/customize/62725feabbf6c339ae0dfd75/
12 KB
3 KB
Script
General
Full URL
https://addshoppers.s3.amazonaws.com/customize/62725feabbf6c339ae0dfd75/ba5cd1e2255e4f75a0ae1c1cd34f0620.js?_t=1710932643
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=f505aba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.161.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0f2a70caf9e4a17da7c2a145e34625f90d4031f5ed7b690657a514c5c89e26cd

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:45 GMT
Content-Encoding
gzip
x-amz-version-id
M2ZIchM.jKTOWMYpMmD_1lJ.BPSUIS5B
Last-Modified
Wed, 20 Mar 2024 11:04:04 GMT
Server
AmazonS3
x-amz-request-id
A9BNTVQPH1HK4CKR
ETag
"c7f138455b360f8e7e1c0070f44ec49d"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Length
2146
x-amz-id-2
iYbQWqFflufMQ19o65C4Eyy9uWauDHWZh+X9UMvGOz0k17O6Mvo2QhWy8v/7O7k+HBnzvEV5Z4g=
input.js
shopper.shop.pe/
26 KB
9 KB
Script
General
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
17.54.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 12:20:18 GMT
content-encoding
gzip
age
12866
x-guploader-uploadid
ACJd0NoPpkrNJsYQ2-sH38Ehu0mdt0X65HyIss-LMkWuTUin4RQ9TZ3w4V-3jU4d5xz4KIbhrxysFJNaXw
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8831
last-modified
Tue, 13 Feb 2024 16:47:53 GMT
server
UploadServer
etag
"d311745e83077b078fa566c77a15d9b5"
vary
Accept-Encoding
x-goog-generation
1707842873418606
x-goog-hash
crc32c=mi0bhQ==, md5=0xF0XoMHewePpWbHehXZtQ==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8831
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Sun, 21 Jul 2024 16:20:18 GMT
status
app.shop.pe/app/datapartners/
34 B
501 B
XHR
General
Full URL
https://app.shop.pe/app/datapartners/status?usersite_id=62725feabbf6c339ae0dfd75
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
consent
manage.safeopt.com/
0
835 B
XHR
General
Full URL
https://manage.safeopt.com/consent
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
true
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options
deny
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
user.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
682 KB
143 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/user.js?cb=638568480621320480
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1721577281839
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1f6c4a03d9c6eb0cd080b2e02f37b136c56d2d854d503960cd92a0d165246e

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:44 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
p2k1ym82aCPdW0R/C5THIw==
age
324146
cf-polished
origSize=697892
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 17 Jul 2024 21:20:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
fa91e077-a01e-002d-398f-d89bf0000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
8a6c5f0b3e1ea079-FRA
expires
Mon, 21 Jul 2025 15:54:44 GMT
iframe
nytrng.com/ Frame 7601
0
0
Document
General
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=97d1f55ad2394eea8c52f45f27b294b1
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=f505aba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.128.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a954c1fc80b8251dc.awsglobalaccelerator.com
Software
gunicorn /
Resource Hash

Request headers

Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-length
416
content-type
text/html; charset=utf-8
date
Sun, 21 Jul 2024 15:54:44 GMT
server
gunicorn
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/
4 KB
1 KB
Stylesheet
General
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=638568480241159934
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/user.js?cb=638568480621320480
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 21 Jul 2024 15:54:44 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
324145
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
1bb00692-c01e-005b-668f-d81f4c000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
8a6c5f0bbee4a079-FRA
expires
Wed, 21 Aug 2024 15:54:44 GMT
z
api.lightboxcdn.com/z9gd/44194/www.firstleaf.com/jsonp/
756 B
1 KB
Script
General
Full URL
https://api.lightboxcdn.com/z9gd/44194/www.firstleaf.com/jsonp/z?cb=1721577284442&dre=l&callback=jQuery112406059340415583796_1721577284421&_=1721577284422
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/user.js?cb=638568480621320480
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d34dc3743652ad083b148ff9b80b293269dac18d73be4291552d859b420a5e36

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
pageview
app.cybba.solutions/event/2856/
79 B
448 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/pageview?data=%7B%22userId%22%3A%226376550410228921%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%3A%2F%2Fwww.firstleaf.com%2F%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CHesse%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=23483493
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx, nginx /
Resource Hash
d2fa0eac774aea729f9a7ff7e371fecbd2d12f27b2b28cf60b97f13326c2ec45
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sun, 21 Jul 2024 15:54:44 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.0007560253143310547
Expires
Sun, 21 Jul 2024 15:54:43 GMT
triggered_email_attribution
app.shop.pe/app/ Frame
0
0
Preflight
General
Full URL
https://app.shop.pe/app/triggered_email_attribution
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 21 Jul 2024 15:54:44 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-frame-options
deny
triggered_email_attribution
app.shop.pe/app/
29 B
69 B
XHR
General
Full URL
https://app.shop.pe/app/triggered_email_attribution
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
1.244.227.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
85ad9c4586b439a1f2ce5516c218bed3c64110ac93bb7c916894240392503053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2
rs.fullstory.com/rec/bundle/
29 B
83 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=134SPF&UserId=297e51da-f0ee-4385-992f-bd86d42cf757&SessionId=e74d8d93-32e2-4104-b536-4d1835ce3dfe&PageId=c293c19f-7f18-4e45-bc0d-48fe68cb0e18&Seq=1&ClientTime=1721577284855&PageStart=1721577282087&PrevBundleTime=0&LastActivity=1912&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
91e78f772b65d2585ade6325a5d17e37e531b57505821966dac4508ac5596733

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.firstleaf.com
date
Sun, 21 Jul 2024 15:54:45 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
favicon-32x32.png
www.firstleaf.com/
1 KB
1 KB
Other
General
Full URL
https://www.firstleaf.com/favicon-32x32.png?v=7b7f9aa145c31aa0e609358ef9dd6eff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1b6421aea2826dd24de09eecdb38372dc0b2d3156f6218a1ced71e5678e148

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:45 GMT
via
1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1238
last-modified
Tue, 10 Jan 2023 16:53:12 GMT
server
cloudflare
etag
"8e44e6953a41676b481d160e68df4fd6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8a6c5f0f7cad9040-FRA
x-amz-cf-id
YVbRQdYxnWXSphGM45vZ2M2L-ZZVJYUVhcoAb8lLTNUPi_3Xb0C_gQ==
existing_users_dynamo
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com/initaldeploy/
5 B
352 B
XHR
General
Full URL
https://b0vbfk2zr6.execute-api.us-east-1.amazonaws.com/initaldeploy/existing_users_dynamo?user=0&shop=2856&version=1
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
50.19.227.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-227-63.compute-1.amazonaws.com
Software
/
Resource Hash
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:45 GMT
x-amzn-trace-id
Root=1-669d2f45-659c76d36c35235906cb5e57;Parent=1fd499f2e723f04a;Sampled=0;lineage=5a5d5642:0
x-amzn-requestid
8b0f0a64-3a62-4eb0-90ee-acd15365032f
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
bRRS4Hh-IAMEErQ=
content-length
5
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
page-data.json
www.firstleaf.com/page-data/accessibility/
0
465 B
Other
General
Full URL
https://www.firstleaf.com/page-data/accessibility/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:38 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"1913489caf9a777e4668be1101f9da98"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0b9040-FRA
x-amz-cf-id
1SpccxLAPuGry-XN55KEe2d16mmP7VxsZKmEg_BH2TYJS614Y5O5Qw==
page-data.json
www.firstleaf.com/page-data/membership-plans/
0
614 B
Other
General
Full URL
https://www.firstleaf.com/page-data/membership-plans/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"c4834ca754455399901b4ad5198458b3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0c9040-FRA
x-amz-cf-id
YzBEmd2o4_zOVH_Vu-rT1RZFjuu6mBhAblCiyWmEq_qOKhWrnz_Zjg==
page-data.json
www.firstleaf.com/page-data/wine-school/home/
0
494 B
Other
General
Full URL
https://www.firstleaf.com/page-data/wine-school/home/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:29:35 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"53391a6b2ff086379f4759824dba94ab"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0d9040-FRA
x-amz-cf-id
ouFAKQKwFGO0gu3n9kK13je6vFZ00OHiehNf542sbbv9Wra7O4eQhA==
page-data.json
www.firstleaf.com/page-data/gifts/
0
679 B
Other
General
Full URL
https://www.firstleaf.com/page-data/gifts/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-c1b26f80c8b1379ad2e2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"ce9fd73297600253c85308c347be4002"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0e9040-FRA
x-amz-cf-id
gTdiA26HwH6h3UnIpgKlbG7SiN4AJ-xPW8R0ZCwmt8XRiZPzYk9Bmw==
page-data.json
www.firstleaf.com/page-data/membership-plans/
500 B
0
XHR
General
Full URL
https://www.firstleaf.com/page-data/membership-plans/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cb3005a85511b827d2a7d05daebd0c50a5d3a2a0d1b61ca59e54598016710f

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"c4834ca754455399901b4ad5198458b3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0c9040-FRA
x-amz-cf-id
YzBEmd2o4_zOVH_Vu-rT1RZFjuu6mBhAblCiyWmEq_qOKhWrnz_Zjg==
page-data.json
www.firstleaf.com/page-data/wine-school/home/
494 B
0
XHR
General
Full URL
https://www.firstleaf.com/page-data/wine-school/home/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5a4f7f4657f287ebe64ca337afa886c87aab2ba44547c21b148b69cc9617f45

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:29:35 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"53391a6b2ff086379f4759824dba94ab"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0d9040-FRA
x-amz-cf-id
ouFAKQKwFGO0gu3n9kK13je6vFZ00OHiehNf542sbbv9Wra7O4eQhA==
page-data.json
www.firstleaf.com/page-data/gifts/
1 KB
0
XHR
General
Full URL
https://www.firstleaf.com/page-data/gifts/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d54de8830b6c7b4cc3cbc089186cad13c7b91b1cf713684181d48d9304ec6a

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"ce9fd73297600253c85308c347be4002"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0e9040-FRA
x-amz-cf-id
gTdiA26HwH6h3UnIpgKlbG7SiN4AJ-xPW8R0ZCwmt8XRiZPzYk9Bmw==
ingest
pixels.spotify.com/v1/
52 B
100 B
Fetch
General
Full URL
https://pixels.spotify.com/v1/ingest
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:1:7c5:: , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
envoy /
Resource Hash
70466ab4ea33c0e8b4ef42de95eb6a04f2f3c413695c2c49e4bd55d8e76d42f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
gzip
grpc-status
0
server
envoy
via
HTTP/2 edgeproxy, 1.1 google
grpc-encoding
identity
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.firstleaf.com
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grpc-accept-encoding
gzip,x-snappy-framed
page-data.json
www.firstleaf.com/page-data/accessibility/
488 B
0
XHR
General
Full URL
https://www.firstleaf.com/page-data/accessibility/page-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7ca79df32bcaca55c2aa4e7fd9f5836507b658f43645febc482046ead14db09

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sun, 21 Jul 2024 15:54:46 GMT
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:38 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"1913489caf9a777e4668be1101f9da98"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
8a6c5f14eb0b9040-FRA
x-amz-cf-id
1SpccxLAPuGry-XN55KEe2d16mmP7VxsZKmEg_BH2TYJS614Y5O5Qw==
v2
rs.fullstory.com/rec/bundle/
29 B
43 B
XHR
General
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=134SPF&UserId=297e51da-f0ee-4385-992f-bd86d42cf757&SessionId=e74d8d93-32e2-4104-b536-4d1835ce3dfe&PageId=c293c19f-7f18-4e45-bc0d-48fe68cb0e18&Seq=2&ClientTime=1721577287297&PageStart=1721577282087&PrevBundleTime=1721577284922&LastActivity=4407&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e6a18df425f8428c4d6b7109a463773cfcc8e5d456b2fa904ee1fd707d40ab2

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.firstleaf.com
date
Sun, 21 Jul 2024 15:54:47 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVNWv71863389za2...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVN...
42 B
66 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVNWv71863389za200&auid=1282219553.1721577288
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:47 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13t3t3l2l5&tag_exp=0&rnd=736942154.1721577288&url=https%3A%2F%2Fwww.firstleaf.com%2F&dma_cps=syphamo&dma=1&npa=1&gtm=45He47h0n71TKCVNWv71863389za200&auid=1282219553.1721577288
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
256 B
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3TS4P88RE5&gtm=45je47h0v887522027z871863389za200zb71863389&_p=1721577281005&_gaz=1&gcs=G111&gcd=13t3tPl2l5&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=779642260.1721577288&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721577281&sct=1&seg=0&dl=https%3A%2F%2Fwww.firstleaf.com%2F&dt=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=7573&_z=fetch
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
256 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3TS4P88RE5&cid=779642260.1721577288&gtm=45je47h0v887522027z871863389za200zb71863389&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
210 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1754255065&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.firstleaf.com%2F&ul=de-de&de=UTF-8&dt=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=july-2024-price-elasticity&ea=july-price-get2Free&el=%2F&_u=aBDAAEABEAAAACAAI~&jid=1641486110&gjid=300305969&cid=779642260.1721577288&tid=UA-68049103-4&_gid=33839987.1721577288&_r=1&_slc=1&gtm=45He47h0n71TKCVNWv71863389za200&gcs=G111&gcd=13t3t3l2l5&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=394391079
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3TS4P88RE5&cid=779642260.1721577288&gtm=45je47h0v887522027z871863389za200zb71863389&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13t3tPl2l5&npa=1&frm=0&z=56749837
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 15:54:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1754255065&t=pageview&_s=1&dl=https%3A%2F%2Fwww.firstleaf.com%2F&dp=%2F&ul=de-de&de=UTF-8&dt=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDACEABFAAAACAAI~&jid=&gjid=&cid=779642260.1721577288&tid=UA-68049103-4&_gid=33839987.1721577288&gtm=45He47h0n71TKCVNWv71863389za200&cd1=july-price-get2Free%7Cvariant-member-pricing&cd2=july-2024-price-elasticity%7Cmember-pricing-130323&gcs=G111&gcd=13t3t3l2l5&dma_cps=syphamo&dma=1&tag_exp=0&npa=1&z=2063929969
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 21 Jul 2024 12:05:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
13780
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
page-data.json
www.firstleaf.com/page-data/store/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=293B723C58454445AA1DB7E297C13247
Domain
www.firstleaf.com
URL
https://www.firstleaf.com/page-data/store/page-data.json

351 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| gtag object| dataLayer function| OptanonWrapper object| GlobalSnowplowNamespace function| snowplow string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| RB object| f string| cookieName number| cookieValue number| expirationTime string| date number| dateTimeNow function| fbq function| _fbq function| pdst string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| AddShoppersWidgetOptions object| otStubData object| cj object| webpackChunkfirstleaf function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| __cfBeacon function| spdt function| UET function| UET_init function| UET_push object| ueto_baf01bc82b object| uetq function| onYouTubeIframeAPIReady string| _fs_loaded function| _fs_shutdown object| sifi_att_42656 object| zEWebpackACJsonp function| zE function| zEmbed object| CJApi object| cjApi object| Optanon object| OneTrust number| 2f1acc6c3a606b082e5eef5e54414ffb object| DD_RUM object| regeneratorRuntime object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers function| ju_init boolean| zEACLoaded function| setCookieCYB string| shopUrlCYB function| createCybbaPixel function| createCybbaScript function| loadTTDCybba function| waitForConfirmCYB object| _vteq object| __SENTRY__ object| Sentry object| webpackChunkStripeJSouter function| noop function| Stripe function| AddShoppersTriggerRunner function| ttd_dom_ready object| ttd_up_api function| TTDUniversalPixelApi object| ttdPixel function| incrementalityCYB function| readyOnsiteContent function| correctXCYB function| pingAff function| framePing function| dropCSSCYB 
function| closeOnsiteCYB function| closePromoBarCYB function| fireCampaignCYB function| fireOnConfirmCYB function| setOverlayZIndex function| mobileFixesCYB function| trackDisplayCYB function| cybCTANextSiblings function| cybClickCheck function| runAsyncTasksCYB function| forceCSSCYB function| determineOverlayClick function| copyPromoCYB function| firePromoBarCYB function| closeAppropriateCYB function| removeTrackingCYB function| trackEventCYB function| sendEventCYB function| displayOSTabCYB function| grabOSTabCYB function| geoDataCYB function| isEUCYB function| triggerDelayCYB function| processUrlsCYB function| initCYB function| gseCYB function| checkShouldMakeRequestCYB function| initAfterPromoBars function| checkNeedsClickCYB function| isURLCYB function| addCustomCSSCYB function| handlePromobarInitCYB function| determineOnloadCYB function| determinePersistenceCYB function| checkPBarCanFire function| inactivityPbar function| displayTriggersCYB function| getCookieCYB function| deleteCookieCYB function| createABSplitCYB function| simpleABCYB function| allowOnCloseCYB function| fireCybId function| onCloseHelperCYB function| xThresholdCYB function| isMousedOutCYB function| trigDataCYB function| resetZIndexCYB function| createScript function| mobileOnExitCYB function| listenersCYB function| inactivityTimerCYB function| oeSeenCYB function| pbarSeenCYB function| onOnsiteShownCYB function| attachPromoEventsCYB function| getCampaignIdsCYB function| attachProdEventsCYB function| addClickHandlerCYB function| makeRequestCYB function| setSessionMgmtCYB function| formFireNotOkay function| formFireOkay function| displayLogDataCYB function| getDollarValueCYB function| urlParamCYB function| hasBasketValueCYB function| isInListCYB function| nestedVarDefined function| isMobileCYB function| deviceTypeCYB function| travelClickCYB function| synxisCYB function| beSynxisInfoCYB function| rezTripCYB function| windSurfCYB function| dynamicPFCYB function| returnImageSrc function| 
storeProdHistoryCYB function| promobarCountDownCYB function| sizePromoBarCYB function| addClassPBarCYB function| addClassPBarCYBCheck function| sizePromoBarCYBCheck function| stickyNavScrollCYB function| deviceInfoCYB function| injectCYBScript function| confirmObjExistsCYB function| getSessionObjCYB function| getLocalObjCYB function| returnLoadedCampaignsCYB function| returnCustomJSCYB function| validateEmailCYB function| triggerOnsiteCYB function| pageViewCYB function| cybConversion function| cybPFData function| validSelectorExistsCYB function| grabSelectorValueCYB function| validateCartItemsCYB function| varExistsCYB function| vtsdkEmailStatusCYB function| scanForOrderData function| formatOrderValueCYB function| sendEmailEventCYB function| listenForEmails function| loginEmailEvent function| onepageConversion function| checkDomainsCYB function| getCybbaAuth function| processSMSCYB function| cybbaUSRequest function| trackSMSClicks function| waitForCybDataCYB function| doInitCYB function| parseResponseCYB function| cybAnonID function| cybZandrUID object| cybCDN function| cookieDeleteCYB function| removeCookieCYB function| cookieRemoveCYB function| cybCookieDelete function| cybCookieRemove function| cybDeleteCookie function| cybRemoveCookie function| cybGetCookie function| cookieGetCYB function| cybCookieGet function| cookieSetCYB function| cybCookieSet function| cybSetCookie object| vtstore function| checkInit object| vtlodash object| _vtsdk boolean| sessChanged string| el object| _vtshop function| as_cleanse_field function| as_detect_cc function| as_gaPageView function| as_gaSocial function| as_gaEvent function| as_gaSet function| as_logMessage function| DataPartnerStatusGeo function| as_logError function| as_resolveEnvironmentURL function| asConsoleLog function| asShopifyCPTag function| asShopifyCPCartUpdate function| asShopifyParseImageSrc function| asShopifyCPProductBrowsed function| asShopifyCMPushCart function| asShopifyCPConversion function| 
asShopifyCPCartAddItem object| _mag object| AddShoppersWidget function| AddShoppersWidget_plus_one object| SchemaParser object| _add number| ieVer object| obj number| AddShoppersWidgetLoaded object| AddShoppersWidgetLang object| __sentry_instrumentation_handlers__ object| DIGIOH_LOADER boolean| SENT_LIGHTBOX_PV string| pageTests string| pageVariant string| GoogleAnalyticsObject function| ga function| onTurnstileLoad object| gaplugins object| turnstile boolean| ssCYB object| result object| cybData function| configSettingsCYB function| onloadFunctionsCYB function| cybbaFilters function| promobarFilters object| DIGIOH_API object| DIGIOH_VARS object| DIGIOH_CUSTOM_JS_GLOBAL object| DIGIOH_CUSTOM_JS_SUPER object| DIGIOH_CUSTOM_JS string| DIGIOH_VENDOR_GUID string| DIGIOH_VENDOR_SHORT_ID string| DIGIOH_KEEN_WRITE_KEY string| DIGIOH_CDN_DOMAIN string| DIGIOH_CLIENT_IP string| DIGIOH_CACHE_VERSION string| DIGIOH_STORAGE_TYPE string| DIGIOH_EMBED_TYPE object| DIGIOH_LIGHTBOX_CONDITIONS object| DIGIOH_LIGHTBOX_RULESETS object| DIGIOH_LIGHTBOX_EFFECTS object| DIGIOH_LIGHTBOX_NAMES object| DIGIOH_LIGHTBOX_IDS object| DIGIOH_VARIATION_TO_BOX_MAP object| DIGIOH_PUBLISHED_VARIATIONS_ARR object| DIGIOH_DATA_STORAGE_TYPE_BY_BOX_OBJ object| DIGIOH_PRIMARY_VARIATIONS_ARR object| DIGIOH_EFFECTS_IMAGE_CACHE_ARR object| DIGIOH_SETTINGS_IMAGE_CACHE_ARR object| DIGIOH_LIGHTBOX_MASTER_RULES object| DIGIOH_LIGHTBOX_TEASER_PRELOAD_ARR object| DIGIOH_LIGHTBOX_TEASER_FOLLOW_ME_ARR object| DIGIOH_LIGHTBOX_INLINE_ALWAYS_ARR object| DIGIOH_LIGHTBOX_INLINE_CONDITIONS_ARR object| DIGIOH_LIGHTBOX_PRELOAD_ARR object| DIGIOH_LIGHTBOX_MOBILE_DEVICE_ARR object| DIGIOH_LIGHTBOX_DESKTOP_DEVICE_ARR object| DIGIOH_LIGHTBOX_UNCATEGORIZED_DEVICE_ARR object| DIGIOH_DYNAMIC_BOXES object| DIGIOH_SPLIT_TESTS_ARR boolean| DIGIOH_USE_PRQ string| DIGIOH_BLIP_LZ object| COUPON_GROUP_POPULATE_OBJ boolean| USE_LZ object| ACCOUNT_METADATA object| DIGIOH_LIGHTBOX_ANALYTICS function| getDigiohLightboxAnalytics function| 
createDigiohLogModule function| createUtilModule function| createDigiohUtilModule object| LZString function| JQUERY_DIGIOH object| JquerySelectorGeneratorPrevBorder function| runJquerySelectorGenerator object| DIGIOH_STORAGE object| DIGIOH_LOCAL_STORAGE object| DIGIOH_CROSS_DOMAIN object| DIGIOH_COOKIE object| DIGIOH_IS_ANALYTICS_IDENTIFY_DONE object| DeviceAtlas function| createDigiohAnalyticsModule object| CJSAPPS_ARR object| CJSAPPS_PARENT function| Keen object| LIGHTBOX_API function| asIsProductPage function| asCartRows function| asCartItems function| asCart number| initCheck object| jQuery112406059340415583796 function| vtCompleteOrder object| gaGlobal object| gaData

59 Cookies

Domain/Path Name / Value
.fbapi.firstleaf.com/events/28fc69a6b106b8bbf4255e58732b4429691c375c33dd91683c594606975a1e52 Name: cee
Value: jCSkD3CsnEvNBDNSKaDhiKCxyL3oeL8hOT3QkeOQUqo%3D.%7B%7D
.firstleaf.com/ Name: FL_Referrer
Value: 2
.firstleaf.com/ Name: _sp_ses.bd58
Value: *
www.firstleaf.com/ Name: __pdst
Value: 382be991e12743fe804217402415bcf4
.simpli.fi/ Name: suid
Value: 293B723C58454445AA1DB7E297C13247
.trkn.us/ Name: barometric[cuid]
Value: cuid_669d2f41-7493-4110-a238-9d01205ffa6e
.firstleaf.com/ Name: cjConsent
Value: MHxZfDB8Tnww
.firstleaf.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Sun+Jul+21+2024+17%3A54%3A41+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.firstleaf.com%2F&groups=C0003%3A0%2CC0004%3A0%2CC0002%3A0%2CC0001%3A1
.www.firstleaf.com/ Name: _vt_shop
Value: 2856
.firstleaf.com/ Name: _fbp
Value: fb.1.1721577282064.379618513631216521
.lightboxcdn.com/ Name: _cfuvid
Value: faE6j70qZz8aIzF5mlmG3saWnGvs9nD.AxaYJJ9wpPI-1721577282063-0.0.1.1-604800000
.firstleaf.com/ Name: fs_lua
Value: 1.1721577282085
.firstleaf.com/ Name: fs_uid
Value: #134SPF#297e51da-f0ee-4385-992f-bd86d42cf757:e74d8d93-32e2-4104-b536-4d1835ce3dfe:1721577282085::1#/1753113283
.firstleaf.club/ Name: rbuid
Value: rbos-bc3ae709-394e-4b2c-bbbb-eaa682af773a
.firstleaf.com/ Name: rbuid
Value: rbos-bc3ae709-394e-4b2c-bbbb-eaa682af773a
.www.firstleaf.com/ Name: _vt_user
Value: 6376550410228921_1_false_false
www.firstleaf.com/ Name: july-2024-price-elasticity
Value: july-price-get2Free
.firstleaf.com/ Name: _sp_id.bd58
Value: 4bdc6abf-dd31-4573-bd96-be2031db3cfa.1721577281.1.1721577283.1721577281.684ff34c-a308-4e65-957a-98cf0aa4ec42
.firstleaf.com/ Name: _uetsid
Value: 8b7fafb0477911ef888eb7ddace31277
.firstleaf.com/ Name: _uetvid
Value: 8b7fb810477911efa64331a92a2e3d32
.bing.com/ Name: MUID
Value: 3275E30652D569030BE3F7C553D568C8
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
www.firstleaf.com/ Name: storeOrder
Value: %7B%22token%22%3A%22QGSRORfq7W9O2xYbT334Iw%22%2C%22number%22%3A%22R288528513%22%7D
.firstleaf.com/ Name: CYB_ID
Value: 6376550410228921
.firstleaf.com/ Name: sp
Value: 75427bd4-7e62-4158-b364-bd3b033caab8
www.firstleaf.com/ Name: shipToState
Value: %7B%7D
.simpli.fi/ Name: uid_syncd_secure
Value: true
.adnxs.com/ Name: XANDR_PANID
Value: YDA4hCS9yVBgKI0dVkpF2Ef_oNiEmBWXYCq6aWtUxh43xIuJAgxCxl9oLSk6LlTk2WV05JrKdMWHszvfII1wZWAqbFaTaacAhb8AzATEvq4.
.adnxs.com/ Name: uuid2
Value: 2709897786760006916
.tapad.com/ Name: TapAd_TS
Value: 1721577284058
.tapad.com/ Name: TapAd_DID
Value: 73fdd19b-80ee-493a-bda9-c0f5c2d709ea
shop.pe/ Name: addshoppers
Value: "2|1:0|10:1721577284|11:addshoppers|44:OTdkMWY1NWFkMjM5NGVlYThjNTJmNDVmMjdiMjk0YjE=|a972f2ef13976e865eaf6a7d9b42adcc452a4438ee203be30a404c473cf60951"
www.firstleaf.com/ Name: addshoppers.com
Value: 2%7C1%3A0%7C10%3A1721577284%7C15%3Aaddshoppers.com%7C44%3AOTdkMWY1NWFkMjM5NGVlYThjNTJmNDVmMjdiMjk0YjE%3D%7Cfb8c040bd95aeea7164c540c74a9809e15cff0059524503c52556c764db859ba
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2Hb7u_8%m!@wnfH8KW.dG5<#Z0rmNqxy!IqylIJDZXDbDi@2opn01DG4Q(LGmV[vDT5[amRtl4(j#iP(Md+>)fy*J?abI<
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.agkn.com/ Name: ab
Value: 0001%3A6WZh0SAQJ1Hzdv1gf2fH4laY9bZawOn1
.pro-market.net/ Name: anProfile
Value: "jwq7uijm6inc+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203A001012B1A7A96A06DF+s2=(sgzdj8)+vm=24-293B723C58454445AA1DB7E297C13247"
.pro-market.net/ Name: anHistory
Value: "jwq7uijm6inc+2+!#6wM$<#I%V"
.exelator.com/ Name: EE
Value: "dafed62c13c5519d5e9177addb8dbd09"
.agkn.com/ Name: u
Value: C|0AAAAAAAALi_rxAAAAAAA
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSElMS01xcwo2dA42dTU0DLFNNXS0Nw8MSUlySIlKcXAcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIbEl%252BUWb6IhfXxUUpaQyLSopPBZ%252FIZgAA5tMqjw%253D%253D"
.bfmio.com/ Name: __141_cid
Value: 293B723C58454445AA1DB7E297C13247
.bfmio.com/ Name: __io_cid
Value: a643d38f9d7542035fe11a5f6dddbdcf6aab151a
.bluekai.com/ Name: bku
Value: blx99WxF7VRE7Kz+
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE/816/l1MBeBEQ6BEx6BePOxEaWxM5a1MAlxpWp1Mxl9y9AKQ+Z
m.stripe.com/ Name: m
Value: 3ad71c9e-9c10-406e-a2b2-c8cda402d93cff2592
.www.firstleaf.com/ Name: __stripe_mid
Value: 953a49a5-3f7e-47e8-b5b0-261225f399e7910526
.www.firstleaf.com/ Name: __stripe_sid
Value: a00bc72c-8c90-4d1d-a311-a7c89b66c6c78ec49e
.api.lightboxcdn.com/ Name: TiPMix
Value: 98.02695250090736
.api.lightboxcdn.com/ Name: x-ms-routing-name
Value: self
.firstleaf.com/ Name: cybFalseID
Value: 1
.firstleaf.com/ Name: CYB_AB
Value: 1
.firstleaf.com/ Name: cybSessionID
Value: 1
.firstleaf.com/ Name: _gcl_au
Value: 1.1.1282219553.1721577288
.firstleaf.com/ Name: _ga
Value: GA1.2.779642260.1721577288
.firstleaf.com/ Name: _gid
Value: GA1.2.33839987.1721577288
.firstleaf.com/ Name: _gat_UA-68049103-4
Value: 1
.firstleaf.com/ Name: _ga_3TS4P88RE5
Value: GS1.1.1721577281.1.0.1721577282.59.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmGlVT0OAE91tHJaMN3-jaNwMzAUcgJ7h7j2KZRan_iBOE19zeiP4VD_bOx

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=293B723C58454445AA1DB7E297C13247
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=293B723C58454445AA1DB7E297C13247
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
