Submitted URL: https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-...
Effective URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=185077...
Submission: On March 19 via manual from US — Scanned from DE

Summary

This website contacted 51 IPs in 4 countries across 47 domains to perform 173 HTTP transactions. The main IP is 2606:4700:4400::ac40:95d5, located in United States and belongs to CLOUDFLARENET, US. The main domain is page.firstleaf.com.
TLS certificate: Issued by R3 on February 24th 2024. Valid for: 3 months.
This is the only time page.firstleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2620:1ec:bdf::45 8075 (MICROSOFT...)
1 1 13.107.238.51 8075 (MICROSOFT...)
2 21 2620:1ec:46::45 8075 (MICROSOFT...)
2 2620:1ec:bdf::67 8075 (MICROSOFT...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.112.45 16509 (AMAZON-02)
1 13.33.187.48 16509 (AMAZON-02)
1 18.66.97.122 16509 (AMAZON-02)
8 34.96.102.137 396982 (GOOGLE-CL...)
1 2606:2800:133... 15133 (EDGECAST)
1 1 104.18.70.113 13335 (CLOUDFLAR...)
11 104.18.72.113 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
5 23.20.188.125 14618 (AMAZON-AES)
4 20.50.88.241 8075 (MICROSOFT...)
3 104.16.53.111 13335 (CLOUDFLAR...)
3 3 89.207.16.75 41041 (VCLK-EU-SE)
1 4 2606:4700:440... 13335 (CLOUDFLAR...)
8 2606:4700:440... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.197.116.174 16625 (AKAMAI-AS)
31 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 34.36.17.181 396982 (GOOGLE-CL...)
5 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
4 137.184.29.86 ()
2 2a03:2880:f08... ()
2 23.198.214.73 ()
2 4 23.36.162.88 ()
1 2 35.158.172.152 ()
1 35.244.142.80 ()
1 2606:4700:10:... ()
3 35.201.112.186 ()
1 1 35.227.244.1 ()
3 2600:9000:20a... ()
1 67.225.220.126 ()
1 35.234.162.151 ()
3 2600:9000:20e... ()
1 2001:4860:480... ()
2 2a00:1450:400... ()
1 2a00:1450:400... ()
2 2001:4860:480... ()
1 137.184.29.70 ()
2 2606:4700::68... ()
1 2606:4700:10:... ()
1 35.186.194.58 ()
1 2400:52e0:1e0... ()
1 2600:9000:224... ()
1 18.172.103.101 ()
2 2a03:2880:f17... ()
1 51.77.64.70 ()
173 51
Apex Domain
Subdomains
Transfer
39 fastcdn.co
g.fastcdn.co — Cisco Umbrella Rank: 81607
v.fastcdn.co — Cisco Umbrella Rank: 56272
4 MB
23 perkspot.com
url1941.psmark.perkspot.com — Cisco Umbrella Rank: 445416
email.perkspot.com — Cisco Umbrella Rank: 850466
pslogin.perkspot.com — Cisco Umbrella Rank: 502694
ochsner.perkspot.com
767 KB
11 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 3546
ekr.zdassets.com — Cisco Umbrella Rank: 4262
650 KB
10 firstleaf.com
page.firstleaf.com
rbv9j7km.firstleaf.com
images.firstleaf.com
ct.firstleaf.com Failed
fbapi.firstleaf.com Failed
66 KB
8 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4491
77 KB
7 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1234
93 KB
6 trkn.us
aa.trkn.us
trkn.us
3 KB
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 643
14 KB
5 brilliantcollector.com
lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 40034
608 B
4 fullstory.com
edge.fullstory.com
rs.fullstory.com
144 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 437
18 KB
4 cloudfront.net
d1hdjv7b05hja2.cloudfront.net Failed
d2mjzob2nc713b.cloudfront.net
d2rp1k1dldbai6.cloudfront.net
76 KB
4 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 953
540 B
4 zendesk.com
assets.zendesk.com — Cisco Umbrella Rank: 17496
perkspot.zendesk.com — Cisco Umbrella Rank: 297221
penrosehill.zendesk.com Failed
2 KB
3 mczbf.com
www.mczbf.com
15 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 facebook.com
www.facebook.com
306 B
2 lightboxcdn.com
www.lightboxcdn.com
2 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net
122 B
2 doubleclick.net
stats.g.doubleclick.net
395 B
2 w55c.net
tags.w55c.net
2 KB
2 facebook.net
connect.facebook.net
152 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
206 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 5220
499 B
2 azureedge.net
psprods3ep.azureedge.net — Cisco Umbrella Rank: 264488
17 KB
1 ip-api.com
pro.ip-api.com
459 B
1 adsrvr.org
js.adsrvr.org
4 KB
1 cybba.solutions
files1.cybba.solutions
app.cybba.solutions Failed
27 KB
1 firstleaf.club
rbv9j7km.firstleaf.club
409 B
1 google.de
www.google.de
408 B
1 google.com
region1.analytics.google.com
256 B
1 simpli.fi
tag.simpli.fi
2 KB
1 rtb123.com
www.rtb123.com
2 KB
1 shop.pe
shop.pe
270 B
1 pdst.fm
cdn.pdst.fm
6 KB
1 gstatic.com
fonts.gstatic.com
33 KB
1 instapagemetrics.com
cdn.instapagemetrics.com — Cisco Umbrella Rank: 83887
54 KB
1 instapage.com
heatmap-events-collector.instapage.com — Cisco Umbrella Rank: 81165
9 KB
1 typography.com
cloud.typography.com — Cisco Umbrella Rank: 12318
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
1 KB
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 22240
1 KB
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 23878
1 KB
1 kqzyfj.com
www.kqzyfj.com — Cisco Umbrella Rank: 105554
613 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 5206
47 KB
1 go2sdk.com
js.go2sdk.com — Cisco Umbrella Rank: 41380
4 KB
1 rollbar.com
cdn.rollbar.com — Cisco Umbrella Rank: 24146
24 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 5336
34 KB
173 47
Domain Requested by
31 v.fastcdn.co page.firstleaf.com
19 ochsner.perkspot.com ochsner.perkspot.com
9 static.zdassets.com ochsner.perkspot.com
assets.zendesk.com
static.zdassets.com
www.googletagmanager.com
8 g.fastcdn.co page.firstleaf.com
8 dev.visualwebsiteoptimizer.com ochsner.perkspot.com
dev.visualwebsiteoptimizer.com
7 unpkg.com ochsner.perkspot.com
5 bat.bing.com www.googletagmanager.com
bat.bing.com
page.firstleaf.com
5 lib-us-1.brilliantcollector.com cdn.rollbar.com
ochsner.perkspot.com
4 trkn.us 2 redirects page.firstleaf.com
4 rbv9j7km.firstleaf.com ochsner.perkspot.com
rbv9j7km.firstleaf.com
page.firstleaf.com
4 cdn.jsdelivr.net page.firstleaf.com
cdn.jsdelivr.net
4 page.firstleaf.com 1 redirects ochsner.perkspot.com
page.firstleaf.com
4 dc.services.visualstudio.com cdn.rollbar.com
3 www.mczbf.com ochsner.perkspot.com
page.firstleaf.com
3 d2mjzob2nc713b.cloudfront.net page.firstleaf.com
shop.pe
3 edge.fullstory.com ochsner.perkspot.com
edge.fullstory.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
page.firstleaf.com
3 perkspot.zendesk.com static.zdassets.com
2 www.facebook.com page.firstleaf.com
2 www.lightboxcdn.com ochsner.perkspot.com
page.firstleaf.com
2 us-central1-adaptive-growth.cloudfunctions.net ochsner.perkspot.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 tags.w55c.net 1 redirects page.firstleaf.com
2 aa.trkn.us ochsner.perkspot.com
2 connect.facebook.net ochsner.perkspot.com
connect.facebook.net
2 www.googletagmanager.com page.firstleaf.com
www.googletagmanager.com
2 ekr.zdassets.com assets.zendesk.com
ochsner.perkspot.com
2 api.sail-personalize.com cdn.rollbar.com
2 psprods3ep.azureedge.net ochsner.perkspot.com
2 pslogin.perkspot.com 2 redirects
1 pro.ip-api.com edge.fullstory.com
1 js.adsrvr.org www.rtb123.com
1 d2rp1k1dldbai6.cloudfront.net www.rtb123.com
1 files1.cybba.solutions www.rtb123.com
1 rs.fullstory.com edge.fullstory.com
1 rbv9j7km.firstleaf.club rbv9j7km.firstleaf.com
1 ct.firstleaf.com images.firstleaf.com
1 www.google.de page.firstleaf.com
1 region1.analytics.google.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 www.rtb123.com ochsner.perkspot.com
1 shop.pe 1 redirects
1 images.firstleaf.com ochsner.perkspot.com
1 cdn.pdst.fm ochsner.perkspot.com
1 fonts.gstatic.com fonts.googleapis.com
1 cdn.instapagemetrics.com page.firstleaf.com
1 heatmap-events-collector.instapage.com page.firstleaf.com
1 cloud.typography.com page.firstleaf.com
1 fonts.googleapis.com page.firstleaf.com
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.kqzyfj.com 1 redirects
1 assets.zendesk.com 1 redirects
1 az416426.vo.msecnd.net ochsner.perkspot.com
1 js.go2sdk.com ochsner.perkspot.com
1 cdn.rollbar.com ochsner.perkspot.com
1 ak.sail-horizon.com ochsner.perkspot.com
1 email.perkspot.com 1 redirects
1 url1941.psmark.perkspot.com 1 redirects
0 app.cybba.solutions Failed files1.cybba.solutions
0 fbapi.firstleaf.com Failed edge.fullstory.com
0 penrosehill.zendesk.com Failed static.zdassets.com
0 d1hdjv7b05hja2.cloudfront.net Failed page.firstleaf.com
173 63

This site contains links to these domains. Also see Links.

Domain
www.firstleaf.com
www.firstleaf.club
www.trustpilot.com
help.firstleaf.com
Subject Issuer Validity Valid
*.perkspot.com
Go Daddy Secure Certificate Authority - G2
2023-06-03 -
2024-07-04
a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 07
2024-02-25 -
2025-02-19
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-02 -
2024-05-01
a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M02
2023-12-04 -
2024-12-30
a year crt.sh
cdn.rollbar.com
Amazon RSA 2048 M02
2023-05-12 -
2024-06-09
a year crt.sh
js.go2sdk.com
Amazon RSA 2048 M01
2023-08-06 -
2024-09-02
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2023-07-06 -
2024-07-06
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-01-30 -
2025-01-30
a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01
2023-04-25 -
2024-05-23
a year crt.sh
*.brilliantcollector.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-05 -
2024-04-16
a year crt.sh
zdassets.com
E1
2024-03-03 -
2024-06-01
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 08
2024-01-31 -
2025-01-25
a year crt.sh
perkspot.zendesk.com
E1
2024-03-15 -
2024-06-13
3 months crt.sh
page.firstleaf.com
R3
2024-02-24 -
2024-05-24
3 months crt.sh
fastcdn.co
E1
2024-03-19 -
2024-06-17
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.typography.com
DigiCert TLS RSA SHA256 2020 CA1
2024-03-04 -
2025-03-07
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
cdn.instapagemetrics.com
GTS CA 1D4
2024-02-17 -
2024-05-17
3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02
2024-01-21 -
2024-06-27
5 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
*.getrockerbox.com
*.getrockerbox.com
2019-06-06 -
2049-05-29
30 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-12-28 -
2024-03-27
3 months crt.sh
cert1-prod.aut.a24365.net
R3
2024-03-19 -
2024-06-17
3 months crt.sh
cdn.pdst.fm
GTS CA 1D4
2024-03-19 -
2024-06-17
3 months crt.sh
firstleaf.com
GTS CA 1P5
2024-02-26 -
2024-05-26
3 months crt.sh
edge.fullstory.com
GTS CA 1D4
2024-03-07 -
2024-06-05
3 months crt.sh
rtb123.com
R3
2024-02-29 -
2024-05-29
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
www.mczbf.com
Amazon RSA 2048 M01
2023-05-21 -
2024-06-18
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
www.google.de
GTS CA 1C3
2024-02-26 -
2024-05-20
3 months crt.sh
misc.google.com
GTS CA 1C3
2024-02-19 -
2024-05-13
3 months crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3
2023-10-09 -
2024-10-08
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
rs.fullstory.com
GTS CA 1D4
2024-03-05 -
2024-06-03
3 months crt.sh
files1.cybba.solutions
R3
2024-03-01 -
2024-05-30
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-21 -
2025-01-20
a year crt.sh

This page contains 6 frames:

Primary Page: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Frame ID: 428C10AB2D1390D58316DBF9D9D5E395
Requests: 151 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: FB2945F98A880F2B0385EEAED0FFE11A
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Frame ID: B78ADBAC30B23A0F351C2F5EF003E744
Requests: 7 HTTP requests in this frame

Frame: https://page.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Frame ID: 6DBD0171C5BD5DA359C3AD6018E07FC9
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Frame ID: AAB0D990C41F896DF9E917DFFFFD5569
Requests: 3 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 454327FA01E0B99BE0A1DD124AEDBBD1
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Buying Award-Winning Wine Is Simple With Firstleaf

Page URL History Show full URLs

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfe... HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Logo&entit... HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=31b33302-cd98-4614-950f-e12367149321&auth=b44126e27734383b941... HTTP 302
    https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=67SPTS7VCDDXSZZQ6SXVPGRH6 HTTP 302
    https://cj.dotomi.com/8m65iqzyG/qx1/FJJGMMJM/GENLEKG/E/E/E?l=u4up%3DIJebfeJhOPPjellcIejhbSdTI%3c%3... HTTP 302
    https://www.emjcd.com/bd111efon7/fmr/4885BB8B/53CA395/3/733B38964769C48633:.EFdGXxrG4b1/id9g3B6hh9... HTTP 302
    https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • /react-redux(@|/)([\d.]+)(?:/[a-z]+)?/react-redux(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

173
Requests

90 %
HTTPS

51 %
IPv6

47
Domains

63
Subdomains

51
IPs

4
Countries

7047 kB
Transfer

13215 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgPmYaahaR9cSaGGihLD8-2FtlGOOfZ39D5oraDtmNU9JrmZZ-2BNBqFi-2FMY9b3qgz2wkRW16B84fLpOB-2FnOH6xTw-2BN7kUbpWYJkbqCy-2B-2BJ3p0taKG-2BKmBzYsOCq6PMH-2BDlrgDoRDzAXbWTyijnSyl2TsX3SwYgCQ6Y-2FUn06vUuVqlCINnNTICtQ2dDY-2FIQ8DXUCkyxjKzTdHQySc90w-2BCh6Dshkm8NREZxWfMm87W1-2FRhDim1JSqJaRb5F2kK6HO9FiBlLQmxlUGZGor2sBBSAtN62MaKqZiuTCX7rOUEXMHCpw1xxkmMWo7psv28uhl6zsJ0GkZ2V3g8dqonVR-2Bze6fo-2BQ-3D-3DBm9T_xCZC6Tr2TgwZp7Bfp-2FgvhHQ4CxpB5KkM8ctUrntD-2FcXoUNt10vxVs5xgGUixUJVjtHH-2FZSCPq-2F9ZfSxqG1X4vfiXpikGKz6x0bO9zaYru5ejZW6-2FP14eA96RDgCNTS9axVod8ZrKrh4YFuJ35AR3BW6jGTE-2FGUJs7XUQxe8TFxJPZ46b6UEAah6ffBJND4lplK3HiZy6Dt-2BAN7WtNe5tpLHJy0FP8rno5cQZOPg2A2I-3D HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Logo&entityEmailTypeCode=weeklyblast&communityid=1070&pt=lb&at=lo&ap=0&pk=3&dt=s&ao=1431609&esp=sg&userId=35059384&email=kelsi.fowler%40ochsner.org&communityid=1070&cmpnid=791&entityEmailTypeCode=weeklyblast&auth=d57e4bac052d1db77245afb24065003a HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=31b33302-cd98-4614-950f-e12367149321&auth=b44126e27734383b941bbf5c7d8c903f&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
    https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=67SPTS7VCDDXSZZQ6SXVPGRH6 HTTP 302
    https://cj.dotomi.com/8m65iqzyG/qx1/FJJGMMJM/GENLEKG/E/E/E?l=u4up%3DIJebfeJhOPPjellcIejhbSdTI%3c%3ct5514%3A%2F%2F888.w2BArv.o0y%2Foxuow-ECLJCIE-DHHEKKHK%3c%3cS%3ct5514%3A%2F%2F0ot4zq3.1q3w4105.o0y%2F%3c%3cD%3cD%3cC%3cC%3c HTTP 302
    https://www.emjcd.com/bd111efon7/fmr/4885BB8B/53CA395/3/733B38964769C48633:.EFdGXxrG4b1/id9g3B6hh96d44hhB35535583d4BedA5?e=l3to%3DHIdaedIgNOOidkkbHdigaRcSH%3cnuz!8D0A-zl2qo4x%3cs4403%3A%2F%2F777.v1A9qu.nzx%2Fnwtnv-DBKIBHD-CGGDJJGJ%3c%3cR%3cs4403%3A%2F%2Fzns3yp2.0p2v30z4.nzx%2F%3cqGCqGnIG-EmpG-FGnq-KIIJ-HoIGGqGFmnCq%3cC%3cC%3cB%3cB%3c HTTP 302
    https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgPmYaahaR9cSaGGihLD8-2FtlGOOfZ39D5oraDtmNU9JrmZZ-2BNBqFi-2FMY9b3qgz2wkRW16B84fLpOB-2FnOH6xTw-2BN7kUbpWYJkbqCy-2B-2BJ3p0taKG-2BKmBzYsOCq6PMH-2BDlrgDoRDzAXbWTyijnSyl2TsX3SwYgCQ6Y-2FUn06vUuVqlCINnNTICtQ2dDY-2FIQ8DXUCkyxjKzTdHQySc90w-2BCh6Dshkm8NREZxWfMm87W1-2FRhDim1JSqJaRb5F2kK6HO9FiBlLQmxlUGZGor2sBBSAtN62MaKqZiuTCX7rOUEXMHCpw1xxkmMWo7psv28uhl6zsJ0GkZ2V3g8dqonVR-2Bze6fo-2BQ-3D-3DBm9T_xCZC6Tr2TgwZp7Bfp-2FgvhHQ4CxpB5KkM8ctUrntD-2FcXoUNt10vxVs5xgGUixUJVjtHH-2FZSCPq-2F9ZfSxqG1X4vfiXpikGKz6x0bO9zaYru5ejZW6-2FP14eA96RDgCNTS9axVod8ZrKrh4YFuJ35AR3BW6jGTE-2FGUJs7XUQxe8TFxJPZ46b6UEAah6ffBJND4lplK3HiZy6Dt-2BAN7WtNe5tpLHJy0FP8rno5cQZOPg2A2I-3D HTTP 302
  • https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Logo&entityEmailTypeCode=weeklyblast&communityid=1070&pt=lb&at=lo&ap=0&pk=3&dt=s&ao=1431609&esp=sg&userId=35059384&email=kelsi.fowler%40ochsner.org&communityid=1070&cmpnid=791&entityEmailTypeCode=weeklyblast&auth=d57e4bac052d1db77245afb24065003a HTTP 302
  • https://pslogin.perkspot.com/auth/email?sid=31b33302-cd98-4614-950f-e12367149321&auth=b44126e27734383b941bbf5c7d8c903f&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
  • https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
  • https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Request Chain 33
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 98
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726;ip=80.255.7.105;cuidchk=1
Request Chain 99
  • https://tags.w55c.net/rs?id=71b67348696b454582c45b8a45b1a724&t=homepage HTTP 302
  • https://tags.w55c.net/rs?sccid=05c76cea-50bc-f7ae-ecee-14405564078a&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Request Chain 100
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Request Chain 109
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667;ip=80.255.7.105;cuidchk=1
Request Chain 110
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js

173 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
none
ochsner.perkspot.com/offer/1431609/
Redirect Chain
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgPmY...
  • https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Logo&entityEmailTypeCode=weeklyblast&communityid=1070&pt=lb&at=lo&ap=0&pk=3&dt=s&ao=1431609&esp=sg&userI...
  • https://pslogin.perkspot.com/auth/email?sid=31b33302-cd98-4614-950f-e12367149321&auth=b44126e27734383b941bbf5c7d8c903f&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklybl...
  • https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
  • https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
24 KB
13 KB
Document
General
Full URL
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e7b0c3862de3c6bc4181d60ccab272f79b3f31c36422e35794208aca43c75260
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
9712
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 21:52:24 GMT
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
vary
Accept-Encoding
x-azure-ref
20240319T215223Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzez
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
204
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 21:52:23 GMT
location
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
x-azure-ref
20240319T215223Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzdx
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
core.css
ochsner.perkspot.com/Content/sass/dist/
133 KB
32 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:44 GMT
etag
"0f682b3c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzfn
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
32540
x-content-security-policy
frame-ancestors *.perkspot.com
perxcss.css
ochsner.perkspot.com/Content/sass/dist/
463 KB
57 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
9590a1abf03a012d99620eff6bc0f31bd90896f77058a81c18b2e07116bbeece
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:44 GMT
etag
"0f682b3c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzfp
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
58019
x-content-security-policy
frame-ancestors *.perkspot.com
psBootstrap.css
ochsner.perkspot.com/Scripts/React/
774 KB
79 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Scripts/React/psBootstrap.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ad7066efe71d1d6692c0aa7cab7da9e59a550578da93af8f413dfd5490c25c77
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:45 GMT
etag
"808c1bb4c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzfq
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
80453
x-content-security-policy
frame-ancestors *.perkspot.com
community-css
ochsner.perkspot.com/
62 KB
12 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/community-css?communityId=1070
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f52aa7f19fe7b48d3d6b18cfedbae9ed42c8a11b962f6d895f7f32c48d6feaf0
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
11446
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:24 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzfr
access-control-expose-headers
Request-Context
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Wed, 20 Mar 2024 21:52:24 GMT
insights
ochsner.perkspot.com/bundles/
4 KB
3 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
2628
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:24 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzfs
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 19 Mar 2025 21:52:24 GMT
PerkSpot_TLF_SDK_6-1.js
ochsner.perkspot.com/scripts/
161 KB
53 KB
Script
General
Full URL
https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:45 GMT
etag
"808c1bb4c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhz
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
54239
x-content-security-policy
frame-ancestors *.perkspot.com
logo_1070.png
psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/
13 KB
13 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/logo_1070.png
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6432e3b907fecbd18556ef65db4cb31a966392bbf18b99fa32bc7bd69acb4d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-meta-createdby
not-implemented
date
Tue, 19 Mar 2024 21:52:24 GMT
x-amz-meta-uploader
S3StorageService
last-modified
Tue, 25 Jul 2023 19:22:28 GMT
x-amz-request-id
V609ARSFCZB6KQC6
etag
"72534296f183efb0fe5d117985380e6e"
x-amz-server-side-encryption
AES256
x-azure-ref
20240319T215224Z-9cfatmz1250pp77495pnan36y000000006zg00000000z12n
x-cache
TCP_HIT
content-type
image/png
cache-control
public, max-age=18000
x-fd-int-roxy-purgeid
67315267
accept-ranges
bytes
content-length
12975
x-amz-id-2
lJSlvLxtt5PEtODPAez2v67Jc6KNsKg1jRzQhR0LIu3Z0CmSOo039j7R0opLe8UrUMUfE9az7Tc=
logo_44971.jpg
psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/
4 KB
4 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/logo_44971.jpg
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f7354e7a4693b91342dae2a6eb44dd7346fbb0f408e1e81847dbfde0ba2518a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:24 GMT
last-modified
Wed, 06 Jul 2022 04:42:23 GMT
x-amz-request-id
EGJPH96HD6ABK6C0
etag
"76bad12d76fb37c71a758a2e4cb88611"
x-amz-meta-cb-modifiedtime
Tue, 28 Jun 2022 17:18:55 GMT
x-azure-ref
20240319T215224Z-9cfatmz1250pp77495pnan36y000000006zg00000000z12p
x-cache
TCP_HIT
content-type
image/jpeg
cache-control
public, max-age=172800
x-fd-int-roxy-purgeid
67315267
accept-ranges
bytes
content-length
3756
x-amz-id-2
PpVfbvSEzyMgyz40g3krv4LDZL93ScS5eq7u2Cf+w8CLCqtS9LjI0QkABCnLqHKKy/TEfxKClkM=
jquery
ochsner.perkspot.com/bundles/
827 KB
314 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jquery?v=J6h_AL6u6wuvcIz6tbrKyATCmVd_tSErMeClln0d-iU1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 19 Mar 2024 21:52:24 GMT
expires
Wed, 19 Mar 2025 21:52:24 GMT
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzgb
x-cache
CONFIG_NOCACHE
access-control-expose-headers
Request-Context
cache-control
public
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
jqueryval
ochsner.perkspot.com/bundles/
40 KB
16 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jqueryval?v=YzRBe6gfD164-CLYW2zoB8py-eOZPLHUgoPct44VgDo1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
15663
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:24 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215224Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzgh
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 19 Mar 2025 21:52:24 GMT
bootstrap
ochsner.perkspot.com/bundles/
41 KB
14 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/bootstrap?v=7jtbseVPa_P_wxk-ANB0JbEiqz4vMc1fIXNwp0ieQEk1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
14262
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:25 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzh8
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 19 Mar 2025 21:52:25 GMT
react.production.min.js
unpkg.com/react@18.0.0/umd/
11 KB
5 KB
Script
General
Full URL
https://unpkg.com/react@18.0.0/umd/react.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
532157
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFPWV0DQA2SNG3V5FTW1Z9-fra
server
cloudflare
etag
W/"2a04-xsszuHb0TYvo8H4oHFeLkFVRBIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07d88431d8c-FRA
react-dom.production.min.js
unpkg.com/react-dom@18.0.0/umd/
128 KB
42 KB
Script
General
Full URL
https://unpkg.com/react-dom@18.0.0/umd/react-dom.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
541113
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW75JEX5J7DH8K2AQK6RZMX-fra
server
cloudflare
etag
W/"2014a-4hvyK4+Q49dCXSLyG13VROqaHvw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07da8811d8c-FRA
react-redux.min.js
unpkg.com/react-redux@7.2.8/dist/
16 KB
6 KB
Script
General
Full URL
https://unpkg.com/react-redux@7.2.8/dist/react-redux.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
532098
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFRQE4V7M7TG8BRWW6W3F6-fra
server
cloudflare
etag
W/"3ed0-hpbGJdoINWADjmP0Akj8XlSsvxg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07db8881d8c-FRA
axios.min.js
unpkg.com/axios@0.26.1/dist/
17 KB
6 KB
Script
General
Full URL
https://unpkg.com/axios@0.26.1/dist/axios.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
532300
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFJG27X48N35RW8YH3WTMH-fra
server
cloudflare
etag
W/"457f-zA7QrHnYYTK2xYcjaiN3JvTqWzo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07db8891d8c-FRA
purify.min.js
unpkg.com/dompurify@2.4.0/dist/
21 KB
9 KB
Script
General
Full URL
https://unpkg.com/dompurify@2.4.0/dist/purify.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
532098
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFRQEDHSKAPJW75P5TPD5E-fra
server
cloudflare
etag
W/"5495-OpC3QS0Kv+nnoIqpV/fCIUZWBuk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07db88a1d8c-FRA
react-query.production.min.js
unpkg.com/react-query@3.39.1/dist/
48 KB
13 KB
Script
General
Full URL
https://unpkg.com/react-query@3.39.1/dist/react-query.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
536976
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3VR4FDD12M67QCM42KED-fra
server
cloudflare
etag
W/"bf18-Rt6LU5PcFI8/cFoIPW8wSWdNlHI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07db88d1d8c-FRA
redux-toolkit.umd.min.js
unpkg.com/%40reduxjs/toolkit@1.8.1/dist/
39 KB
13 KB
Script
General
Full URL
https://unpkg.com/%40reduxjs/toolkit@1.8.1/dist/redux-toolkit.umd.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
536971
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3W3TYWAEP0KX1XZRJR8X-fra
server
cloudflare
etag
W/"9a02-Q4Nq/njKcJAXmF3qDmhO8lBlpCM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8670b07db88f1d8c-FRA
toast.bundle.js
ochsner.perkspot.com/Scripts/React/
19 KB
5 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/toast.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a491c75feed5de07c5670575157d1a18d8e0cec1254e9a4e09e35473fa20d015
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:44 GMT
etag
"0f682b3c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhf
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
4542
x-content-security-policy
frame-ancestors *.perkspot.com
reduxStore.bundle.js
ochsner.perkspot.com/Scripts/React/
6 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/reduxStore.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ebf12bf07b6715367bddb899260dc6c5459d2c14a090c792c854c96a51cb1b66
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:44 GMT
etag
"0f682b3c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhg
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
2017
x-content-security-policy
frame-ancestors *.perkspot.com
dependencies.bundle.js
ochsner.perkspot.com/Scripts/React/
46 KB
15 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/dependencies.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
78e04595db9933ecf5e24650b1501604f66e2d977befd16f85f449e378aae9b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:45 GMT
etag
"808c1bb4c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhh
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
15042
x-content-security-policy
frame-ancestors *.perkspot.com
runtime.bundle.js
ochsner.perkspot.com/Scripts/React/
2 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/runtime.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
90a531b621d2e8b6d11496fa4dceb4e3a66b73b0453ed8140b7a3b094de729a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:44 GMT
etag
"ce9f18b4c374da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhk
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
1296
x-content-security-policy
frame-ancestors *.perkspot.com
perkspot.interstitial
ochsner.perkspot.com/bundles/
70 B
682 B
Script
General
Full URL
https://ochsner.perkspot.com/bundles/perkspot.interstitial?v=75limDE-2tqT07c2TKoyoRaneuVhjVbGd0-jy267eRQ1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
175
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:25 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhm
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 19 Mar 2025 21:52:25 GMT
addtohomescreen
ochsner.perkspot.com/bundles/
9 KB
4 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/addtohomescreen?v=dQY7ReEN3P6AvpTV4mVTeWSR8WQitK0nH1fxax2VNoA1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
3536
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 19 Mar 2024 21:52:25 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhn
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 19 Mar 2025 21:52:25 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/
103 KB
34 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:47:35 GMT
content-encoding
gzip
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 06:45:39 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
291
x-amz-server-side-encryption
AES256
etag
W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
EB3rcSekqZlV10vQehj6Ndf3Q36p0T37T48RDPt63SjwoQwANATAiw==
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/
77 KB
24 KB
Script
General
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 17:04:45 GMT
Content-Encoding
gzip
Via
1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P9
Age
3041261
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 14 Sep 2022 17:49:55 GMT
Server
AmazonS3
ETag
W/"16c901ad672c76633691d7e04767ba75"
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=30672000,public
X-Amz-Cf-Id
Q248KeVu8lDwHdw13jtnpu5rrJDgcPsBU9zDBfRRYkveFtobi_jV4g==
tune.js
js.go2sdk.com/v2/
4 KB
4 KB
Script
General
Full URL
https://js.go2sdk.com/v2/tune.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 19 Mar 2024 03:27:37 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2024 18:55:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
66289
x-amz-server-side-encryption
AES256
etag
"3301ce2b9ef7fa3f72c5ae2b296d4ceb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4142
x-amz-cf-id
3YdWGDbzgcPXjTFhr4diHKYc1zsbF63X5znN0rjDMjq1Bfs3W3uhCA==
j.php
dev.visualwebsiteoptimizer.com/
24 KB
7 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
11f6da2ea5b665176386d9ff3e56f6f4e76b461d66634119db72396fae0b5985

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1710855286_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
35A1AD_0_0.woff2
ochsner.perkspot.com/Content/fonts/
28 KB
28 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_0_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:41 GMT
etag
"b3623b2c374da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhq
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
28718
x-content-security-policy
frame-ancestors *.perkspot.com
fontawesome-webfont.woff2
ochsner.perkspot.com/Content/fonts/
69 KB
69 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:41 GMT
etag
"bd4836b2c374da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhr
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
70728
x-content-security-policy
frame-ancestors *.perkspot.com
35A1AD_3_0.woff2
ochsner.perkspot.com/Content/fonts/
41 KB
41 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_3_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 12 Mar 2024 21:24:41 GMT
etag
"76344b2c374da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240319T215225Z-v3mq8uvbe935b1gfy52mfyv38g00000007c000000000zzhs
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
42010
x-content-security-policy
frame-ancestors *.perkspot.com
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
2+CVLpI/+n4/WqDrTExBWA==
age
18
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.17.min.js
content-length
48042
x-ms-lease-status
unlocked
last-modified
Wed, 14 Feb 2024 19:25:27 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.17
etag
0x8DC2D92B347C0C9
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
1f1b12a9-c01e-002e-3747-7aaba5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Tue, 19 Mar 2024 22:22:25 GMT
asset_composer.js
static.zdassets.com/ekr/ Frame FB29
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
x-amz-version-id
KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
QXYRDQMH5SBRN5TD
age
13
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
FU+DL9L/xDzB2TG1uNTZGSiJeRlG1qucGQ22sxOAFhWLt6FQs/hl7a9z2bTe2H1UkJNjfPx3WAw=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KUeRumsIz9tdhStoyVhioaR1jOk%2FpPNllk2Nqpd9aa21WKHErP6LIT09NDGNisjBlcfUNvjc0Mnr%2FOYbaNHyAPxRBcT31%2FK1hgikqdiDe3XRhU5aKVIMZAmFd8I61rPKZAqQ9IU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8670b0805c98bfaf-WAW
access-control-allow-headers
*

Redirect headers

date
Tue, 19 Mar 2024 21:52:25 GMT
strict-transport-security
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RPfPPyzQ5s1ZXKOMKmsq00DNEp4uy9IVteiD1v%2BwjorGSCz6hazYUhBfDBZBXbZ6ay54G5CKXnZAqdmIFcddzBcHVCJpLvpCnX2vlrcNWnQv1UOoP7gETbcMYM6nuuPD1fMrHw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
cf-ray
8670b07f5fb1354e-WAW
expires
Tue, 19 Mar 2024 22:52:25 GMT
va_gq-41840b88e1988a3a4d5093164e8620a7.js
dev.visualwebsiteoptimizer.com/edrv/
234 KB
61 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-41840b88e1988a3a4d5093164e8620a7.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
60b5e3d8fa4dbf7f726e7e255e1f5b0087ad52e44c2f16ddfaea65cb752f780e

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 19 Mar 2024 04:42:28 GMT
server
gfra1
etag
"65f917b4-f49c"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62620
nc-1f59ee037516fa0f46462334961b8d6a.js
dev.visualwebsiteoptimizer.com/edrv/
9 KB
3 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-1f59ee037516fa0f46462334961b8d6a.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
d6cfb5ea0d4f0b0b64cdb50ca954b8f666d1fadde15cce3dc55240e61b98ddf9

Request headers

Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 19 Mar 2024 04:42:28 GMT
server
gfra1
etag
"65f917b4-c03"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3075
v.gif
dev.visualwebsiteoptimizer.com/
35 B
143 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=793633&d=ochsner.perkspot.com&u=D0FA7D4CB27D16D6F950473251D31AFF5&h=dbd7aba690063cba263fa05a1cad083b&t=false
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
90945aec-18be-48b3-9aff-460704e15616
https://ochsner.perkspot.com/
524 B
0
Other
General
Full URL
blob:https://ochsner.perkspot.com/90945aec-18be-48b3-9aff-460704e15616
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19cc0d723aa43f63d06736c1bbd2852d5d14ffdbb4b1786db1b3f07a1e97f123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
524
Content-Type
application/javascript
simple
api.sail-personalize.com/v1/personalize/
288 B
499 B
Fetch
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
63ae9c49ec66764689006ca402ed295bad25b94a5cb08132b1c6fe3f93a7a011

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer 294681006d1c69c4a7d06d0165dc3500
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://ochsner.perkspot.com/
x-referring-url
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
198
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame
0
0
Preflight
General
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=utm_medium%3Demail&page=utm_id%3Dweeklyblast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Tue, 19 Mar 2024 21:52:25 GMT
s.gif
dev.visualwebsiteoptimizer.com/
35 B
53 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=793633&u=D0FA7D4CB27D16D6F950473251D31AFF5&s=1710885145&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22en-us%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1710885145552%2C%22tO%22%3A-1%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1710885145579&v=71c7bc198
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:25 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv1c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
apmLib-1a85c8aed8b1f21eeea88df5932bcd82.js
dev.visualwebsiteoptimizer.com/
4 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/apmLib-1a85c8aed8b1f21eeea88df5932bcd82.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-41840b88e1988a3a4d5093164e8620a7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 19 Mar 2024 04:42:28 GMT
server
gfra1
etag
"65f917b4-658"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1624
settings.js
dev.visualwebsiteoptimizer.com/
9 KB
4 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=793633&settings_type=1&vn=&eventArch=1&uuid=&ec=759621&exc=31
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-41840b88e1988a3a4d5093164e8620a7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
dff8e1f5e7e9a0e45a87c3daca3912c1a560e381e014019060028ba8311985eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:24 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1710855286_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.188.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-188-125.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 19 Mar 2024 21:52:25 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/
1 B
246 B
XHR
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.188.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-188-125.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://ochsner.perkspot.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:26 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://ochsner.perkspot.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
nodeid
wscollector-657cfc578d-xhz72
content-length
1
perkspot.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame FB29
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/web_widget/perkspot.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bb3c1df8eaebe0b3013b0846d12e3f9289d58dab1b0c66c7ae86e91d177b44f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
28
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
866cd35288422857-SEA, 866cd35288422857-SEA
x-runtime
0.004524
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7bb3c1df8eaebe0b3013b0846d12e3f9"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RySBCS2BkzeMP8CqfEHhjHoLfx2aYWTXUpiszgXj8Sdm0p5gNlA71qAeOwE8bLRgbcpZk1Hz3WC5QVqoRc4%2FRgCjM9t2ip5yYXGMFwx39aKSIpeYr2fq2DOJ6lgcO973C%2Fk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8670b0816aa570be-WAW
web-widget-main-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/ Frame B78A
945 KB
277 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9211e84cf5db7632d4e91f0cc3a660514dec1c01fb7ec17e381e1c1eb758e4b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
x-amz-version-id
pJqu6tPM.I5Q4GF9AkP_HATOPk8YMrsq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4AM14ZVA27KW16
age
44738
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
dgPR/2fnJzOCHTBvduq7gV60p59SKCw6s93NPMbTV/PWkO1OS8VSSSATNamlrtp2cAZ9MP1Aj+D1H/ch9RIlmQ==
last-modified
Thu, 07 Mar 2024 14:11:36 GMT
server
cloudflare
etag
W/"9fe3f095722824d79a8e1ee3a3fe18ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Z7zuIr%2FTSdH%2Bzxtj3hX57jFvwAke7zX0ZVwkS8J84ZhEGqFolZ6Avx%2FxN8Wony1Bj5TA6niRd6yvtpmi4zjAvjzx0dNnNt0eCNYDyaePXda0DqoLJ676DxDgBRWrOXjHbUBI%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b081ef09bfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:35 GMT
apm
dev.visualwebsiteoptimizer.com/
0
33 B
Ping
General
Full URL
https://dev.visualwebsiteoptimizer.com/apm
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/apmLib-1a85c8aed8b1f21eeea88df5932bcd82.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv1c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ochsner.perkspot.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 19 Mar 2024 21:52:25 GMT
content-encoding
gzip
via
1.1 google
server
gnv1c
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/javascript; charset=UTF-8
collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.188.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-188-125.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods
POST
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 19 Mar 2024 21:52:26 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
collectorPost
lib-us-1.brilliantcollector.com/collector/
38 B
362 B
Fetch
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.188.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-188-125.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

Content-Encoding
gzip
X-Tealeaf-SyncXHR
false
X-Tealeaf
device (UIC) Lib/6.1.0.1989
accept-language
de-DE,de;q=0.9
X-Tealeaf-MessageTypes
1,2,12,14
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json
X-Tealeaf-SaaS-AppKey
f6ce702d3c824416a11711d09caffe00
X-Tealeaf-SaaS-TLTSID
17003971953914104335354142216595
X-Requested-With
fetch
X-TealeafType
GUI
X-PageId
P.N7UYK5KF2F3AJU959BEXNDPQSP8Z
X-TeaLeaf-Page-Url
/offer/1431609/none
Referer
https://ochsner.perkspot.com/

Response headers

date
Tue, 19 Mar 2024 21:52:26 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://ochsner.perkspot.com
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
tltsid
17003971953914104335354142216595
nodeid
wscollector-657cfc578d-xhz72
content-length
38
expires
Fri, 31 Dec 1998 12:00:00 GMT
track
dc.services.visualstudio.com/v2/
189 B
293 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 19 Mar 2024 21:52:25 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 19 Mar 2024 21:52:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
en-us-json-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame B78A
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a5bccfa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:26 GMT
x-amz-version-id
dhdAAISx0HAsdUuTr1X4iN_YhhRufNbT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4E0QHDFQVCFZRZ
age
44738
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
J6pTzx97V13BDZzyOtfw+GL0v/GSv6WQGAmay6o3tfx20gxuOIn2+E26vl7FPRIbZBI9zH+5UEg=
last-modified
Thu, 07 Mar 2024 14:11:38 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WJC%2Ba1rH4pDY1wwfa8uGch1Yk3hFE5zhyK1baOPQX206zezP6c1hzhy1G6NlHFmzTaJmb2CCuKRsgZzkGdRkcjCEzWCHfYgr3RUXvPrA138XEEi4%2Bfz64cSAfoqdHV6TBvBggEc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b083b959bfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:37 GMT
config
perkspot.zendesk.com/embeddable/ Frame B78A
799 B
1 KB
Fetch
General
Full URL
https://perkspot.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56803e8fac0559c6f22f3b7ab50580285d4b64e77fefe70496e347483ad2e195

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:26 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
40
x-zendesk-origin-server
embeddable-app-server-84b48bb7b6-mvs4v
x-cached
MISS
x-request-id
8670af89883f772e-WAW
x-runtime
0.003224
last-modified
Tue, 19 Mar 2024 21:51:46 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gIlGfa19al62xnS5k%2BS1kMX2qCp6O4tCAt1qz0sXh5nrbUGpMODQYH38NgQk3EtctNN0De0vsjt0bX3p2JYtZLIK0IUZ%2FSETH9vlWeq0fbZc5ndgUMJ6g647k5UHUpnYoapnZRnL"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
8670b0846dbcfc83-WAW
web-widget-chat-sdk-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/ Frame B78A
202 KB
51 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-a5bccfa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:26 GMT
x-amz-version-id
wNrB193y1FLyXZRrlHsnHfReGLkkPHfu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C41ZMG673Z0HM26
age
44739
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
vOo6e55U2i67ZC10VfrG1HwcURdhJVZnQTIB+We4qamd/GLnJkslXsMfDFLTLXK8Ikm7BJfwVjbvSDjF/ijWJQ==
last-modified
Thu, 07 Mar 2024 14:11:36 GMT
server
cloudflare
etag
W/"b8284a4b45e40625c2b90a641ebe4a68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwRY3VagQ7YTcfTccWY8Q8DMzmMt%2Bw3PIOvg7fxs58gINyOvSGCReo%2FNFr%2F3Tqg1l7vTM6P02ZVpd8mlDsdx2kECvwZKIBMcWfDJJz30xjDgjk22Ckvf3%2FUxXsPfvU%2FAeIZfEM8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b08429ecbfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:35 GMT
web-widget-chat-incoming-message-notification-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/ Frame B78A
236 B
834 B
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-a5bccfa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:27 GMT
x-amz-version-id
zVFnmZy8rSdETnvnvJk7Bz5hqSP6yYx1
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4E0V0R1R8G3J2H
age
44739
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Otk1lykWW2uI7pxajMaBoTzupOVaZlGHx7emmBOiUHI5z0s1axaZM8vxQE5IozZ/SJDJfeGukGU=
last-modified
Thu, 07 Mar 2024 14:11:36 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elvcctyW1M5%2FeG5bX%2B6bkdzNcTmz6nvSmeKo9OSkyim9JPfiWJCsLlf%2Bo1NzpzMFh4q6YftlXh7hKIA0S1kzg7dxlfeIolgFfA0K5S7E7r6%2Fr0LaTgI7cArAy9b5wj%2FrVpFbM2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b08ab93abfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:35 GMT
Primary Request firstleafpartners
page.firstleaf.com/
Redirect Chain
  • https://www.kqzyfj.com/click-2097062-15528858?sid=67SPTS7VCDDXSZZQ6SXVPGRH6
  • https://cj.dotomi.com/8m65iqzyG/qx1/FJJGMMJM/GENLEKG/E/E/E?l=u4up%3DIJebfeJhOPPjellcIejhbSdTI%3c%3ct5514%3A%2F%2F888.w2BArv.o0y%2Foxuow-ECLJCIE-DHHEKKHK%3c%3cS%3ct5514%3A%2F%2F0ot4zq3.1q3w4105.o0y%...
  • https://www.emjcd.com/bd111efon7/fmr/4885BB8B/53CA395/3/733B38964769C48633:.EFdGXxrG4b1/id9g3B6hh96d44hhB35535583d4BedA5?e=l3to%3DHIdaedIgNOOidkkbHdigaRcSH%3cnuz!8D0A-zl2qo4x%3cs4403%3A%2F%2F777.v1...
  • https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+...
117 KB
19 KB
Document
General
Full URL
https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8b1f33ab4771546841b88a63511f0efc82112164a31c23ae534cdb966676f4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Referer
https://ochsner.perkspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8670b090cfce997b-FRA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 21:52:28 GMT
referrer-policy
same-origin
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
via
1.1 google, 1.1 google
x-frame-options
SAMEORIGIN
x-xss-protection
1

Redirect headers

Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
807
Content-Type
text/html; charset=UTF-8
Date
Tue, 19 Mar 2024 21:52:28 GMT
Expires
Tue, 19 Mar 2024 21:52:28 GMT
Location
https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Pragma
no-cache
Server
Resin/4.0.66
X-VC-HTTPS
On
track
dc.services.visualstudio.com/v2/
189 B
247 B
Fetch
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ochsner.perkspot.com/
accept-language
de-DE,de;q=0.9
sdk-context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 19 Mar 2024 21:52:26 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
collectorPost
lib-us-1.brilliantcollector.com/collector/
0
0
Ping
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.N7UYK5KF2F3AJU959BEXNDPQSP8Z&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Foffer%2F1431609%2Fnone&X-Tealeaf-SyncXHR=false&X-Tealeaf-MessageTypes=1%2C2%2C7&X-Tealeaf-SaaS-AppKey=f6ce702d3c824416a11711d09caffe00&X-Tealeaf-SaaS-TLTSID=17003971953914104335354142216595&Content-Encoding=gzip
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.188.125 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-188-125.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

dl
perkspot.zendesk.com/frontendevents/ Frame B78A
0
0
Fetch
General
Full URL
https://perkspot.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Mar 2024 21:52:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7PZ4AhwmSclBbs3rHNu%2BNSCgWP8ybt2V%2FrnQrjhwFcK%2FGWzZ0Wt5frmyH1DBh%2FEI%2FnDL7fZ1m9nVa3QNXj21b8c4RKzlCoFqu3k3zdASLpCwrA8UVE2bzOiMGJZVx63qB7RJLGlt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8670b08cdaddfc83-WAW
content-length
0
x-request-id
8670b08cdaddfc83-WAW
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.241 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 19 Mar 2024 21:52:26 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
dl
perkspot.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://perkspot.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
8670b08b5858fc83-WAW
date
Tue, 19 Mar 2024 21:52:27 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5wLEdivJCaFe86EZmIg4Mv6Pd8nslGrAOQkod17e9xATy3FqWKGSGy8gqwwn2YeQs72r%2BdWpByAcwU0DGK1wsfohKXnDQPQxxRih2NLWNoNADgZQr6DrSuIDk4R8aY0eLRE12rCt"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
8670b08b5858fc83-WAW
x-zendesk-zorg
yes
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame B78A
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 19 Mar 2024 21:52:27 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
1013224
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tr%2B9lOPxAddFy0Vtylov7LPEQG05VAqI%2FYnnXsvLOEjFg%2BlgDeW6lxFjLgqKSTcYerCc2XrQ5KAWl%2FbSu0H7LV1%2FqY%2BlZ8h%2BhAaRNo1YBICXaG4Qz9i9MEycLneWYAas6s9QGSs%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b08bda64bfaf-WAW
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT
utils.7accb7b6af83a9dd4f79.js
g.fastcdn.co/js/
56 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/utils.7accb7b6af83a9dd4f79.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa55d216890ad204cd829e8c33fe34ef24c4e0638023f54b7d36ea3f0b1e387e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
461918
x-guploader-uploadid
ABPtcPo5ttNl4hY6sME5s0IF461uCtg_9Ui8ScpLe5calkCIxfr4StGwjfKDTohbwRKzFIIqv1FQRcjIWA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 13 Feb 2024 08:46:11 GMT
server
cloudflare
etag
W/"c2b6386c5bd6a6d8c857cf960d489487"
vary
Accept-Encoding
x-goog-hash
crc32c=SbQjVA==, md5=wrY4bFvWptjIV8+WDUiUhw==
x-goog-generation
1707813971694742
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
19643
cf-ray
8670b0921d952bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
Cradle.dd0edac2d5f2fa8e68b5.js
g.fastcdn.co/js/
15 KB
4 KB
Script
General
Full URL
https://g.fastcdn.co/js/Cradle.dd0edac2d5f2fa8e68b5.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
461918
x-guploader-uploadid
ABPtcPq4BP-K7oBtPnDub1DCLBnUzWPV4v7ycwQfOe0HYDN-iP6uwQLRmYr-PVm-pJxlzKQczlg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 07 Mar 2024 12:00:02 GMT
server
cloudflare
etag
W/"83131494fd187537d0742a06ac0791a9"
vary
Accept-Encoding
x-goog-hash
crc32c=Tt9fJA==, md5=gxMUlP0YdTfQdCoGrAeRqQ==
x-goog-generation
1709812802655159
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
4001
cf-ray
8670b0921d932bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
css
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 21:16:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Mar 2024 21:52:28 GMT
LegacyVendors.9d4b6af660c0e1798b50.js
g.fastcdn.co/js/
88 KB
32 KB
Script
General
Full URL
https://g.fastcdn.co/js/LegacyVendors.9d4b6af660c0e1798b50.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f29f9fa83fe6deaed043de807534108e2e819ad149d10da35caea2b4f06fcd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
462437
x-guploader-uploadid
ABPtcPpZC9WP-tbRKG-TQKDZ3y8fTJ3vveVPFdViXplO8K7ENpmnnO-EVKEWbHq-3j_kwgMZNkdbfeHWLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 07 Mar 2024 12:00:03 GMT
server
cloudflare
etag
W/"c9ee367784b6e6fe97e30fd18d0931f5"
vary
Accept-Encoding
x-goog-generation
1709812803580572
content-type
application/javascript
x-goog-hash
crc32c=LYyRnQ==, md5=ye42d4S25v6X4w/RjQkx9Q==
cache-control
public, max-age=31536000
x-goog-stored-content-length
31178
cf-ray
8670b0921d942bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
caslon.css
d1hdjv7b05hja2.cloudfront.net/fonts/
0
0

fonts.css
cloud.typography.com/7410416/6307592/css/
0
0
Stylesheet
General
Full URL
https://cloud.typography.com/7410416/6307592/css/fonts.css
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.197.116.174 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-116-174.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

64778737-0-firstleafl-logo.png
v.fastcdn.co/u/814df80e/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64778737-0-firstleafl-logo.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
cf-cache-status
HIT
age
539862
cf-polished
origFmt=png, origSize=3338
x-guploader-uploadid
ABPtcPrakOeTnwEZBR2CZshphSykmAAKOpUuoOel6xnEePqdIxs9OBkc7A-DzXqu1htQWu_WLTA
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64778737-0-firstleafl-logo.webp"
x-goog-meta-expires
Tue, 25 Mar 2025 10:57:25 GMT
content-length
1306
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Feb 2024 18:57:25 GMT
server
cloudflare
etag
"1148a64dbea729a64276a65990f7713a"
vary
Accept
x-goog-generation
1706900245356441
content-type
image/webp
x-goog-hash
crc32c=T18ZMw==, md5=EUimTb6nKaZCdqZZkPdxOg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
3338
accept-ranges
bytes
cf-ray
8670b0921beb2c33-FRA
expires
Fri, 17 Mar 2034 21:52:28 GMT
64703311-0-Trustpilot-Rating.png
v.fastcdn.co/u/814df80e/
3 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64703311-0-Trustpilot-Rating.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22d5844a30edf2c15420b17b1b14c47e910a7bfadf33cd93d1767aba1be29055

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
cf-cache-status
HIT
age
464055
cf-polished
origFmt=png, origSize=4429
x-guploader-uploadid
ABPtcPoHAhUKI1W97uv8fWDVK9jwJBimbalXdHfa6JfJ6jusAKVX_J2dB3NlNDS7x-n20Y6ybJGImmk-Dw
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64703311-0-Trustpilot-Rating.webp"
x-goog-meta-expires
Sun, 02 Feb 2025 04:30:33 GMT
content-length
2678
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Dec 2023 12:30:33 GMT
server
cloudflare
etag
"9c1e61cfa9b2bb8f26aec97dcd5d661b"
vary
Accept
x-goog-generation
1702470633788942
content-type
image/webp
x-goog-hash
crc32c=DrOBGA==, md5=nB5hz6myu48mrsl9zV1mGw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
4429
accept-ranges
bytes
cf-ray
8670b0921bee2c33-FRA
expires
Fri, 17 Mar 2034 21:52:28 GMT
64755236-0-circle-checked.png
v.fastcdn.co/u/814df80e/
6 KB
7 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64755236-0-circle-checked.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
190e3a6420847bb948355183c2fdcdfa9ce099ce7e4bcc9c28ebe41fed127186

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
cf-cache-status
HIT
age
464055
cf-polished
origFmt=png, origSize=18848
x-guploader-uploadid
ABPtcPrwZiSO6_zMLf8GOfbCcbTy7JN-Ebvw_XVf4eF9stimhr_2veMOmh4pTFiGxYo7XTLbBWY3zAUW5w
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64755236-0-circle-checked.webp"
x-goog-meta-expires
Fri, 14 Mar 2025 06:14:32 GMT
content-length
6642
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 Jan 2024 14:14:32 GMT
server
cloudflare
etag
"a1306d320cf5327098e65990ee8deec3"
vary
Accept
x-goog-generation
1705932872528315
content-type
image/webp
x-goog-hash
crc32c=U1rsvg==, md5=oTBtMgz1MnCY5lmQ7o3uww==
cache-control
public, max-age=315360000
x-goog-stored-content-length
18848
accept-ranges
bytes
cf-ray
8670b0926c322c33-FRA
expires
Fri, 17 Mar 2034 21:52:28 GMT
1707151343-64781102-150x150-firstleafl-logo.png
v.fastcdn.co/t/thumbnail/20240205/
1 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707151343-64781102-150x150-firstleafl-logo.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
cf-cache-status
HIT
age
464055
cf-polished
origFmt=png, origSize=3317
x-guploader-uploadid
ABPtcPpScp7vuVTJItG-B0EE6YLXVYh0_4SgkUDlTorYb-kX0ZOxYpi_3tT6GcetnK8aWKJYDyhJ63H3aw
x-goog-meta-content-length
3317
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707151343-64781102-150x150-firstleafl-logo.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 08:42:24 GMT
content-length
1306
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 16:42:24 GMT
server
cloudflare
etag
"344c3fd926f907ec12c595a9d89d76f3"
vary
Accept
x-goog-generation
1707151344434942
content-type
image/webp
x-goog-hash
crc32c=wqJ4uQ==, md5=NEw/2Sb5B+wSxZWp2J128w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
3317
accept-ranges
bytes
cf-ray
8670b092cc892c33-FRA
expires
Fri, 17 Mar 2034 21:52:28 GMT
LazyImage.4714f6fe2b1ad13d8f3b.js
g.fastcdn.co/js/
2 KB
1 KB
Script
General
Full URL
https://g.fastcdn.co/js/LazyImage.4714f6fe2b1ad13d8f3b.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
538535
x-guploader-uploadid
ABPtcPo7pQrp5KT0GAxE32mo0JItnYMFOIwQnQ7CnYGwmsLnJT1uAPLWbKI7GM0vNLIkeJ_Lsx1LA63TQw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Tue, 13 Feb 2024 08:46:10 GMT
server
cloudflare
etag
W/"b0ae2275f5d011ac64917080661e4956"
vary
Accept-Encoding
x-goog-hash
crc32c=ZP0ifA==, md5=sK4idfXQEaxkkXCAZh5JVg==
x-goog-generation
1707813970101504
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
1022
cf-ray
8670b0933e772bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
Links.70b7d22ad62e6b363655.js
g.fastcdn.co/js/
380 B
520 B
Script
General
Full URL
https://g.fastcdn.co/js/Links.70b7d22ad62e6b363655.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dad152dee0fa578a8f11721162206b98299f9926d203303a92d65d4920104d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
538535
x-guploader-uploadid
ABPtcPo_CsQFdT-RidWrf3doh4ZSRF6Ll2tEfJCpS7NGgpuWb4B2nvnNk83Osz7mmVrSvbC7s5bqEb_wPQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Wed, 21 Feb 2024 10:34:02 GMT
server
cloudflare
etag
W/"66111b890b3a16d2d8e884c8d11fd5a0"
vary
Accept-Encoding
x-goog-hash
crc32c=tIhBkQ==, md5=ZhEbiQs6FtLY6ITI0R/VoA==
x-goog-generation
1708511641957343
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
288
cf-ray
8670b0927dde2bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
Slider.6c75b15c2d553913e1df.js
g.fastcdn.co/js/
11 KB
3 KB
Script
General
Full URL
https://g.fastcdn.co/js/Slider.6c75b15c2d553913e1df.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98779d41a531227cc58ded005e89be5b87507bc9e6347f64552ddc7fdcec21c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-encoding
br
cf-cache-status
HIT
age
461883
x-guploader-uploadid
ABPtcPoK6zNT1ixyiH4hLyOyaUrXR0-s59X3dvtKyaYuxzkU_6dm8o3hlviKStwbnuRTtGRfTNg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 07 Mar 2024 12:00:04 GMT
server
cloudflare
etag
W/"d94bc6d6be72f7e3cf871ca01fbffc7f"
vary
Accept-Encoding
x-goog-generation
1709812804725003
content-type
application/javascript
x-goog-hash
crc32c=G/XYXg==, md5=2UvG1r5y9+PPhxygH7/8fw==
cache-control
public, max-age=31536000
x-goog-stored-content-length
2726
cf-ray
8670b0939eb42bae-FRA
expires
Wed, 19 Mar 2025 21:52:28 GMT
lib.js
heatmap-events-collector.instapage.com/static/
24 KB
9 KB
Script
General
Full URL
https://heatmap-events-collector.instapage.com/static/lib.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:28 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-permitted-cross-domain-policies
none
cf-cache-status
HIT
age
278
x-dns-prefetch-control
off
x-xss-protection
0
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 19 Mar 2024 21:35:34 GMT
server
cloudflare
x-download-options
noopen
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, must-revalidate, public
access-control-allow-credentials
true
cf-ray
8670b0949c0318e2-FRA
expires
Tue, 19 Mar 2024 21:52:50 GMT
gtm.js
www.googletagmanager.com/
377 KB
109 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c3458c91448d14916ef96b16122e62e4f07b926e0d6273fd70c356543a39282
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111483
x-xss-protection
0
last-modified
Tue, 19 Mar 2024 21:13:02 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 19 Mar 2024 21:52:29 GMT
it.js
cdn.instapagemetrics.com/t/js/3/
54 KB
54 KB
Script
General
Full URL
https://cdn.instapagemetrics.com/t/js/3/it.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.36.17.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.17.36.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:40:12 GMT
age
737
x-guploader-uploadid
ABPtcPoTPpJIRJQWaPqfprVZHVaExZA7uTIKt_U89eIKN9tV_tHxTVjm80McDaX5r332UW-2tJfzd4n9YA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55266
last-modified
Tue, 13 Jun 2023 11:21:34 GMT
server
UploadServer
etag
"eee931187060719ab17a352de2424e0c"
x-goog-generation
1686655294888925
x-goog-hash
crc32c=JVvUKA==, md5=7ukxGHBgcZqxejUt4kJODA==
content-type
text/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
55266
accept-ranges
bytes
sptw.a416ac4ebfdfa0d582c4.js
g.fastcdn.co/js/
60 KB
20 KB
Script
General
Full URL
https://g.fastcdn.co/js/sptw.a416ac4ebfdfa0d582c4.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f767fd14aa58b7eb05ad986cd7b834cc8d0c2d22820f39e0dd950c17ae505b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
br
cf-cache-status
HIT
age
461919
x-guploader-uploadid
ABPtcPqpaCf0UW8-WssYTgwycsHt7MtOE7uc7RxwQEzYIij58bnqrYf1vKc3qOP-GJ3x5meS_BycstDa2A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 07 Mar 2024 12:00:05 GMT
server
cloudflare
etag
W/"4e31a9afeb792458d602b9f948d5eb49"
vary
Accept-Encoding
x-goog-hash
crc32c=Ik/7aQ==, md5=TjGpr+t5JFjWArn5SNXrSQ==
x-goog-generation
1709812805646789
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
20048
cf-ray
8670b097eacb2bae-FRA
expires
Wed, 19 Mar 2025 21:52:29 GMT
cm.js
g.fastcdn.co/js/
51 KB
18 KB
Script
General
Full URL
https://g.fastcdn.co/js/cm.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2084 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
br
cf-cache-status
HIT
age
462438
x-guploader-uploadid
ABPtcPoCSoINg6nC-Bj6p014YHvTydbKlafbH-nO_1ahCeTWOOiwaV9vFaSq-wl7WvZnH5OWXuI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Thu, 30 Jun 2022 02:12:17 GMT
server
cloudflare
etag
W/"8e466d98fa1f746c74b1b409d20a0cf3"
vary
Accept-Encoding
x-goog-hash
crc32c=ZpZBfw==, md5=jkZtmPofdGx0sbQJ0goM8w==
x-goog-generation
1656555137097208
content-type
application/javascript
cache-control
public, max-age=31536000
x-goog-stored-content-length
17906
cf-ray
8670b0985b322bae-FRA
expires
Wed, 19 Mar 2025 21:52:29 GMT
js
www.googletagmanager.com/gtag/
314 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c4eee5fb16dd9e5cd58678a0dcd4c7c234e7a402ffe523b3c7067c0a6c648cf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99312
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 19 Mar 2024 21:52:29 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 19 Mar 2024 21:52:29 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 601BF5AAA43A48F8BDB15F993FA54A19 Ref B: FRA31EDGE0208 Ref C: 2024-03-19T21:52:29Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 19 Mar 2024 21:48:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
261
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 19 Mar 2024 23:48:08 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/png
64780653-0-pdpimgs2.jpg
v.fastcdn.co/u/814df80e/
72 KB
73 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780653-0-pdpimgs2.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
941beac063c8acfa91af835f818bf9bbe4a79d11e403682d06f1c234ecb8d79e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
442421
cf-polished
qual=85, origFmt=jpeg, origSize=87263
x-guploader-uploadid
ABPtcPqceLvWZ1rCYTOKMM-Hn5JsAg-YJD3zx8_fXEAiTYnV49Jv4TFRg5XX5pfVV_jWBi_pWM3AKHc7jQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780653-0-pdpimgs2.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 05:52:43 GMT
content-length
73624
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 13:52:43 GMT
server
cloudflare
etag
"5519c89f81aaf4ca4594cf29765b1e47"
vary
Accept
x-goog-generation
1707141163923413
content-type
image/webp
x-goog-hash
crc32c=zZcy4A==, md5=VRnIn4Gq9MpFlM8pdlseRw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
87263
accept-ranges
bytes
cf-ray
8670b098da4b2c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64783733-0-6bottles-icons.jpg
v.fastcdn.co/u/814df80e/
117 KB
118 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64783733-0-6bottles-icons.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51f603f5926686729582182c411da7f7e7c1646e6718390612d0b96d61a4d404

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
365789
cf-polished
origSize=123334, status=webp_bigger
x-guploader-uploadid
ABPtcPr_IQYeNjlX38P7kvhpF2XT6p3jnjFfNAeG54i9Re_RwpCy2ArtHnKxK8O9OIKi1JSWGnn6hHkCjw
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sat, 29 Mar 2025 09:00:11 GMT
content-length
120150
cf-bgj
imgq:85,h2pri
last-modified
Tue, 06 Feb 2024 17:00:12 GMT
server
cloudflare
etag
"cc93a5567961091c3b775db94da70afe"
vary
Accept-Encoding
x-goog-generation
1707238812819249
content-type
image/jpeg
x-goog-hash
crc32c=abj2WA==, md5=zJOlVnlhCRw7d125TacK/g==
cache-control
public, max-age=315360000
x-goog-stored-content-length
123334
accept-ranges
bytes
cf-ray
8670b098da4d2c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64758094-0-pdpimgs3.jpg
v.fastcdn.co/u/814df80e/
95 KB
95 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64758094-0-pdpimgs3.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52cf4acfa2d37f95ae0d0105b78b5948cd4838f51db11ea18d8a123346b5e6f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
442421
cf-polished
qual=85, origFmt=jpeg, origSize=111557
x-guploader-uploadid
ABPtcPpu2G5gK2bBk_AGb1YIxgYqCLoip10J9ALElPfD5jSjTDbiltX3J91nDogVhd62flvdlUE
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64758094-0-pdpimgs3.webp"
x-goog-meta-expires
Sat, 15 Mar 2025 07:26:45 GMT
content-length
97216
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Jan 2024 15:26:46 GMT
server
cloudflare
etag
"f88eccbaef846d121278d78a5a93f776"
vary
Accept
x-goog-generation
1706023606013534
content-type
image/webp
x-goog-hash
crc32c=ysNulw==, md5=+I7Muu+EbRISeNeKWpP3dg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
111557
accept-ranges
bytes
cf-ray
8670b098da4e2c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64757765-0-pdpimgs4.jpg
v.fastcdn.co/u/814df80e/
55 KB
56 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64757765-0-pdpimgs4.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd48035f6b152047410a72f7a231d327d62c110648b02be46a5eb84fcc6beb18

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
365789
cf-polished
qual=85, origFmt=jpeg, origSize=134082
x-guploader-uploadid
ABPtcPpE8ZeRIHnS7TK1CbVFfVNhCPZAKzEcnR-5yjKsLw3oDb7ineLNJYlfX8e160BZHPDtBWQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64757765-0-pdpimgs4.webp"
x-goog-meta-expires
Sat, 15 Mar 2025 05:59:34 GMT
content-length
56444
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Jan 2024 13:59:34 GMT
server
cloudflare
etag
"e1cc75c71eb7f09b9a8d50fc5d80efed"
vary
Accept
x-goog-generation
1706018374436416
content-type
image/webp
x-goog-hash
crc32c=crO2qA==, md5=4cx1xx638JuajVD8XYDv7Q==
cache-control
public, max-age=315360000
x-goog-stored-content-length
134082
accept-ranges
bytes
cf-ray
8670b098da502c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64704234-0-Paste.png
v.fastcdn.co/u/814df80e/
15 KB
15 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64704234-0-Paste.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7050ce1af3ceb595099a9dc5828b44afb9e1d826564f12c1dc1c88694acac863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
31576
cf-polished
origFmt=png, origSize=34147
x-guploader-uploadid
ABPtcPoz-XD_lSCgTLkajiTxMUieTXwPM4C2i7giJCjIEMzZCQPGqadmgwL__kmhLbZWSNeGWMfwyQ-2gA
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64704234-0-Paste.webp"
x-goog-meta-expires
Sun, 02 Feb 2025 12:57:30 GMT
content-length
15476
cf-bgj
imgq:85,h2pri
last-modified
Wed, 13 Dec 2023 20:57:30 GMT
server
cloudflare
etag
"241fd5e3bc8e8151281276ad21ccb839"
vary
Accept
x-goog-generation
1702501050105004
content-type
image/webp
x-goog-hash
crc32c=/6RAqA==, md5=JB/V47yOgVEoEnatIcy4OQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
34147
accept-ranges
bytes
cf-ray
8670b098ea5e2c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
60841371-0-USE-THIS-ONE-Firstle.png
v.fastcdn.co/u/814df80e/
53 KB
54 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/60841371-0-USE-THIS-ONE-Firstle.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8400be7d2d60d42fdac04aed87154d78843df12845c5ffb871d274ca8096006

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
539861
cf-polished
origSize=189069, status=webp_bigger
x-guploader-uploadid
ABPtcPrlRFNKa9UXw6RYxm0lnbM2GMnfKiTeK1Y9Ftzmuac8BC4-XYlSnXXuU_4stc2BwD1AsXM
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Mon, 27 Mar 2023 14:42:58 GMT
content-length
54759
cf-bgj
imgq:85,h2pri
last-modified
Thu, 03 Feb 2022 22:42:58 GMT
server
cloudflare
etag
"f5ef084f4ab7efe481bba0876393702a"
vary
Accept-Encoding
x-goog-generation
1643928178741488
content-type
image/png
x-goog-hash
crc32c=O9LQ7g==, md5=9e8IT0q37+SBu6CHY5NwKg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
189069
accept-ranges
bytes
cf-ray
8670b098ea5f2c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://page.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 06:41:12 GMT
x-content-type-options
nosniff
age
54677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 06:41:12 GMT
slick.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
2 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
541175
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-etou8220022-FRA, cache-lga21974-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bqc0pU15WD75TAXIB65OGQQXrf822Zy0ciygq9J4XQ75lcP7LYnxFrg18EaEAqVTE9x3%2FOK%2BPQ%2B9etFYBa1OfTKpxXXHApV%2BHuohFeGJWq81%2BOVVir3R2I5kOuiBmFoJ00LSceWCVUc7iW5kJfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8670b0997dd36ae7-FRA
slick-theme.css
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
3 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
527484
x-jsd-version
1.8.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230023-FRA, cache-lga21967-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lupah4f0bOlDtQ2tkcx11e8zB%2B9gRJLfLZXHjtWn9vbYjk8k8mfHldGWyP1nStGzoQuMcz3HGfLbxkWGKE0OeW%2FJAEeFf4jnQZWULnEBUFKLkW40uKprY8sHNBpUDaGM2l98duiudsjScF5M5u8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8670b0997dd16ae7-FRA
slick.min.js
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
42 KB
11 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
532349
x-jsd-version
1.8.1
content-encoding
br
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230096-FRA, cache-lga21934-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2UsG%2FMM2cq%2B6fhqvY43iKp%2FWUKswyTVN8zlBC5eCbEcGUzNGBG3ghCHYdZPyF3Ei6Nsitg8rdcw2h7yMNiv8mUqxRKKkiAAyAFMiCRx7HkHi1R530GUdM5ePibCbn9%2F%2F0Ejrunra5aZuRXrOW1Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8670b0997dd56ae7-FRA
wxyz.cs.js
rbv9j7km.firstleaf.com/assets/
49 KB
11 KB
Script
General
Full URL
https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.184.29.86 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
caa21a65dd9e1df81a57e31bd7e5c336bf6de1d84912074baa5b85fa44744a4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:29 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
fbevents.js
connect.facebook.net/en_US/
216 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Mar 2024 21:52:29 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57659
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=44, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
u8GAc3DqmGxmLiInmTE9EPxLlc/Wu1IBHLGcJB8jj1Vb1Ra3jjzeLfbCVEHrggfkPR7ssQgyZs8lzHD5sjJtfQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
cs.js
aa.trkn.us/1/e/
0
166 B
Script
General
Full URL
https://aa.trkn.us/1/e/cs.js?cid=c013&evid=5713e69f-ed70-4bb9-9079-619171b397f7&suu=1&dmn=page.firstleaf.com
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
Expires
Tue, 19 Mar 2024 22:52:30 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FP55XB5VFRXR2JJV
age
8
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Bb/sLb3GNygsC2XL8RUYzNHCDmFtTSK9Wp9i9Q7fP2A7lgbVVDGHyXL9Rv1DCP3ZNWR4nJjWZUcfj/t+UuCPtg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CQ1lX3WTrWfEyXmKq3nxxyRmBpa%2BqPJaIAIwcSsMOzN38Vky%2FfLL8jh3tqP%2F%2BjqbZ2MeLbsECmr8BNwdqPavbC%2FuumJkwK79UiCOrOw15eZjrVM7jOLtbvT295S5FT%2BNdKl09g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
8670b0991f18bfaf-WAW
access-control-allow-headers
*
ppt=18168;g=landing_page;gid=41654;ord=1899786726;ip=80.255.7.105;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726;ip=80.255.7.105;cuidchk=1
42 B
780 B
Image
General
Full URL
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726;ip=80.255.7.105;cuidchk=1
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Server
23.36.162.88 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Mar 2024 21:52:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Tue, 19 Mar 2024 21:52:29 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=1899786726;ip=80.255.7.105;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
rs
tags.w55c.net/
Redirect Chain
  • https://tags.w55c.net/rs?id=71b67348696b454582c45b8a45b1a724&t=homepage
  • https://tags.w55c.net/rs?sccid=05c76cea-50bc-f7ae-ecee-14405564078a&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
42 B
752 B
Image
General
Full URL
https://tags.w55c.net/rs?sccid=05c76cea-50bc-f7ae-ecee-14405564078a&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Server
35.158.172.152 -, , ASN (),
Reverse DNS
Software
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e43c5f7c900ed44a@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Mar 2024 21:52:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e43c5f7c900ed44a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Mar 2024 21:52:29 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
Retargeting/v2.0.30-801-g0076fb7#rel-ec2-master i-0e43c5f7c900ed44a@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Allow-Origin
*
Location
https://tags.w55c.net/rs?sccid=05c76cea-50bc-f7ae-ecee-14405564078a&scc=1&id=71b67348696b454582c45b8a45b1a724&t=homepage
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type,X-Forwarded-Proto
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
page.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/ Frame 6DBD
Redirect Chain
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://page.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
8 KB
4 KB
Script
General
Full URL
https://page.firstleaf.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef90ec655829ce945c35d57ff2acbfd10f64d9a636ead2263f19bced0db85c9c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8670b0997838997b-FRA

Redirect headers

date
Tue, 19 Mar 2024 21:52:29 GMT
strict-transport-security
max-age=2592000
server
cloudflare
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/956dacbeead0/main.js
cache-control
max-age=300, public
cf-ray
8670b0992fb5997b-FRA
content-length
0
64758108-0-pdpimgs1.jpg
v.fastcdn.co/u/814df80e/
114 KB
114 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64758108-0-pdpimgs1.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86ca5296fb1619d4072e92a56ef5765497b87cf919f91b34dfc7ea349856f46b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
442391
cf-polished
origSize=122638, status=webp_bigger
x-guploader-uploadid
ABPtcPpRtHgyP2Bj8p3tIrz_QcPyzIcMl6Kuy1PeWHE34XQE6Cn6XHDXtfn1SZFj9SOhpiQjGG1MhmLbXg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-meta-expires
Sat, 15 Mar 2025 07:29:52 GMT
content-length
116681
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Jan 2024 15:29:52 GMT
server
cloudflare
etag
"0e0d747e1b83ad5ba62225f8057a1bb2"
vary
Accept-Encoding
x-goog-generation
1706023792163248
content-type
image/jpeg
x-goog-hash
crc32c=OmdSrg==, md5=Dg10fhuDrVumIiX4BXobsg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
122638
accept-ranges
bytes
cf-ray
8670b0993aa62c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64758098-0-pdpimgs6.jpg
v.fastcdn.co/u/814df80e/
13 KB
13 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64758098-0-pdpimgs6.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f3abddd035af903fbbf5e305d6ad5653c3cbf77999c1ed384b49756a54de60d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
442392
cf-polished
qual=85, origFmt=jpeg, origSize=43313
x-guploader-uploadid
ABPtcPptj6HBRe7WUVoLQKlo5dvxLnyCc79-iGE_XDhymianh3EF6UglA1pmJOyo5LbDL3-3KVGNuzjlpQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64758098-0-pdpimgs6.webp"
x-goog-meta-expires
Sat, 15 Mar 2025 07:26:49 GMT
content-length
13162
cf-bgj
imgq:85,h2pri
last-modified
Tue, 23 Jan 2024 15:26:49 GMT
server
cloudflare
etag
"6dea681bae656728d8d800e2c5e86645"
vary
Accept
x-goog-generation
1706023609650893
content-type
image/webp
x-goog-hash
crc32c=990sWg==, md5=bepoG65lZyjY2ADixehmRQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
43313
accept-ranges
bytes
cf-ray
8670b0993aa92c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64733725-0-Slider4.jpg
v.fastcdn.co/u/814df80e/
67 KB
68 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64733725-0-Slider4.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea60f766281949bc2177c91021568b584ff6058d917f8c3bb4a61ae1b13216d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
464055
cf-polished
qual=85, origFmt=jpeg, origSize=118013
x-guploader-uploadid
ABPtcPqC0X1fkjXbk69KzRc7S9jzwLQX07OjF5sS-o73T2njDcmABYG5oax9zPKCXSrCR8BkdFF3cvc2pg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64733725-0-Slider4.webp"
x-goog-meta-expires
Fri, 28 Feb 2025 09:41:25 GMT
content-length
68974
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Jan 2024 17:41:25 GMT
server
cloudflare
etag
"25f94cf9d9a2b080548dec5a3ff5cf83"
vary
Accept
x-goog-generation
1704735685372383
content-type
image/webp
x-goog-hash
crc32c=8yso2g==, md5=JflM+dmisIBUjexaP/XPgw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
118013
accept-ranges
bytes
cf-ray
8670b0996ad02c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
64531533-0-Exclusive-member-per.png
v.fastcdn.co/u/814df80e/
2 MB
2 MB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64531533-0-Exclusive-member-per.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
781c3947a11e341be26deaf6932720272733e184602d02fcb3b6dfb658f9d951

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
464049
cf-polished
origFmt=png, origSize=3363016
x-guploader-uploadid
ABPtcPqgmt86icyaRB_fLJMeBfGw4L3GQhn6TxBKfDi07aug4jptZRnouTR-C5eIsSY6Etr4w2xO1j3G0w
x-goog-meta-content-length
3363016
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64531533-0-Exclusive-member-per.webp"
x-goog-meta-expires
Fri, 01 Nov 2024 13:48:08 GMT
content-length
2128574
cf-bgj
imgq:85,h2pri
last-modified
Mon, 11 Sep 2023 21:48:08 GMT
server
cloudflare
etag
"6b925fb0380c0ce2a30eb881000366f3"
vary
Accept
x-goog-generation
1694468888715982
content-type
image/webp
x-goog-hash
crc32c=dQy2nQ==, md5=a5JfsDgMDOKjDriBAANm8w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
3363016
accept-ranges
bytes
cf-ray
8670b0996ad32c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
63866125-0-HQ-LP-Image-05.jpg
v.fastcdn.co/u/814df80e/
291 KB
292 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/63866125-0-HQ-LP-Image-05.jpg
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91aa9a6c203eab189b868e22be75095642a4a3bc6313cf170b6462e96a4fa069

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
cf-cache-status
HIT
age
442389
cf-polished
qual=85, origFmt=jpeg, origSize=2048470
x-guploader-uploadid
ABPtcPoCuHcuM7xj9epss-vG9EH4_ggDg9_eKIragxUjM9KOeybyiFOIqd_lkYf3O-pxw9JOXhEm2LK8sQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="63866125-0-HQ-LP-Image-05.webp"
x-goog-meta-expires
Mon, 20 May 2024 08:01:20 GMT
content-length
298378
cf-bgj
imgq:85,h2pri
last-modified
Thu, 30 Mar 2023 16:01:20 GMT
server
cloudflare
etag
"0053239522011b6b1b5c98169bab3457"
vary
Accept
x-goog-generation
1680192080772125
content-type
image/webp
x-goog-hash
crc32c=HXn0iw==, md5=AFMjlSIBG2sbXJgWm6s0Vw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
2048470
accept-ranges
bytes
cf-ray
8670b0996ad52c33-FRA
expires
Fri, 17 Mar 2034 21:52:29 GMT
ping.min.js
cdn.pdst.fm/
26 KB
6 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:32:31 GMT
content-encoding
gzip
age
1198
x-guploader-uploadid
ABPtcPqJeB9Y9dlOA5uHwsDMattPSQ-27gZcvjZkal3VLRd-rg8y26cqFeypBAdA8iAoD8yzK42u7NBb4Q
x-goog-storage-class
STANDARD
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Tue, 19 Mar 2024 22:32:31 GMT
sp-at-v2-14-0.js
images.firstleaf.com/js/
98 KB
30 KB
Script
General
Full URL
https://images.firstleaf.com/js/sp-at-v2-14-0.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2df6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
gzip
via
1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront)
cf-cache-status
HIT
last-modified
Mon, 27 Jul 2020 04:28:00 GMT
server
cloudflare
x-amz-cf-pop
FRA60-P9
age
6230
etag
W/"8dba669b94e3865c9205ef8fd15ee4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8670b09a5fe72bc5-FRA
x-amz-cf-id
hWFePFIdsPhQnKwaKmWC8BpVqKap8ff6kh-FoSA1WJifFSJS7FiOBw==
fs.js
edge.fullstory.com/s/
252 KB
70 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin
https://page.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:23:38 GMT
content-encoding
br
age
1731
x-guploader-uploadid
ABPtcPpM2QIe-BaT6HJDmyrNFXHyhMQHA2IIUoNFiFJ_M5CCchOnyF8qgkt8MdSP6PyhKFiPrcMdcpjKtQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70641
last-modified
Tue, 19 Mar 2024 13:20:22 GMT
server
UploadServer
etag
"55abb77d6ef5f32c187228af79a39e07"
vary
Accept-Encoding
x-goog-generation
1710854422256649
x-goog-hash
crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70641
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 19 Mar 2024 22:23:38 GMT
ppt=18168;g=landing_page;gid=41654;ord=760039667;ip=80.255.7.105;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667;ip=80.255.7.105;cuidchk=1
42 B
780 B
Image
General
Full URL
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667;ip=80.255.7.105;cuidchk=1
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Server
23.36.162.88 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Mar 2024 21:52:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 9 Nov 1980 12:59:00 GMT
Server
Apache
Content-Type
image/gif
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/html; charset=UTF-8
Location
/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=760039667;ip=80.255.7.105;cuidchk=1
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Server
2600:9000:20a0:a600:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f6c3989d504a12a9285e6e4b222fee4cab7395b935400bcdb081c980b96efa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:32:44 GMT
content-encoding
gzip
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
3169
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1194
last-modified
Mon, 11 Mar 2024 16:39:55 GMT
server
AmazonS3
etag
"2b4806a2551e9a5e4664e22bb953b956"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
Fl1esHlr3GvZdzWTYsNnG56M4-J_ZOZ8UBqn7La8XLZi7wTVl7OBtg==
x-amz-meta-mtime
1710175193.21

Redirect headers

date
Tue, 19 Mar 2024 21:52:29 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
cs.js
aa.trkn.us/1/e/
0
166 B
Script
General
Full URL
https://aa.trkn.us/1/e/cs.js?cid=c013&evid=453ce436-b5af-4f5e-b769-47430c74a6b2&suu=1&dmn=page.firstleaf.com
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.198.214.73 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
Expires
Tue, 19 Mar 2024 22:52:30 GMT
btp.js
www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/
5 KB
2 KB
Script
General
Full URL
https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.225.220.126 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f88056ae93eb3934cd9cd312a9766a14afadf3cb20c1d2a07d8a8d5344e46bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 19 Mar 2024 21:52:29 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 18:43:00 GMT
server
Microsoft-IIS/10.0
etag
"092bb8ef317da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1649
4f1bd082-d454-42cb-bafd-026640e9800e
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F75I-rSm4SywkhKONl_C
expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
www.mczbf.com/tags/11334/
44 KB
14 KB
Script
General
Full URL
https://www.mczbf.com/tags/11334/tag.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
04675cda5bafe0dc7792e42ea3a68bc03717c9dd646e2e2a342504166537b0a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Content-Encoding
gzip
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=1800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
9aPX6P3KxR89mWX7JsLBLQ-MxQgkA2vSr1ywILKvb98zzLX4bd6eXA==
X-Request-ID
fbb7c373-e63a-11ee-b36b-f57fb487d13d
b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
ekr.zdassets.com/compose/
1 KB
959 B
Fetch
General
Full URL
https://ekr.zdassets.com/compose/b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aabbeaf715e0272ef26df2d4aa2bbae20fe54daa69c3b020be686d086e92c533
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
866cd3e0793c5a0a-SEA, 866cd3e0793c5a0a-SEA
x-runtime
0.003963
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aabbeaf715e0272ef26df2d4aa2bbae2"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xRNdsbhBuvi80e6u0nHKEAoS4zngkv%2BqUO25DtnFrLoqrgzyHgDt8syqAk4IjnWi41z8OOM6JL31o2mmhyim4NQbAS3kFqu5eKkxojoL5tdbVZRiNNa35k8s0yYxa7qTPw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
8670b0997aa870be-WAW
collect
region1.analytics.google.com/g/
0
256 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-3TS4P88RE5&gtm=45je43d0v887522027z871863389za200&_p=1710885148385&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1392323672.1710885150&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710885149&sct=1&seg=0&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&dr=https%3A%2F%2Fochsner.perkspot.com%2F&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2361
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://page.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
47 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3TS4P88RE5&cid=1392323672.1710885150&gtm=45je43d0v887522027z871863389za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://page.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3TS4P88RE5&cid=1392323672.1710885150&gtm=45je43d0v887522027z871863389za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1111644696
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
4 B
149 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1514535294&t=pageview&_s=1&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&dr=https%3A%2F%2Fochsner.perkspot.com%2F&ul=en-us&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=640702646&gjid=661922998&cid=1392323672.1710885150&tid=UA-68049103-4&_gid=620952560.1710885150&_r=1&_slc=1&gtm=45He43d0n71TKCVNWv71863389za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=2125886389
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 21:52:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://page.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
193 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1514535294&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&dr=https%3A%2F%2Fochsner.perkspot.com%2F&ul=en-us&de=UTF-8&dt=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page&ea=Template1-quality&el=%2Ffirstleafpartners&_u=YCDACEABBAAAACAAI~&jid=&gjid=&cid=1392323672.1710885150&tid=UA-68049103-4&_gid=620952560.1710885150&gtm=45He43d0n71TKCVNWv71863389za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=642564127
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Mar 2024 19:47:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7470
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
8670b090cfce997b
page.firstleaf.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6DBD
0
321 B
XHR
General
Full URL
https://page.firstleaf.com/cdn-cgi/challenge-platform/h/g/jsd/r/8670b090cfce997b
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:95d5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
strict-transport-security
max-age=2592000
content-encoding
gzip
server
cloudflare
cf-ray
8670b09b3a16997b-FRA
content-type
text/plain; charset=UTF-8
collect
stats.g.doubleclick.net/j/
1 B
348 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-68049103-4&cid=1392323672.1710885150&jid=640702646&gjid=661922998&_gid=620952560.1710885150&npa=1&_u=YCDACEAABAAAACAAI~&z=1373977505
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1d::9a -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 19 Mar 2024 21:52:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://page.firstleaf.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajax-loader.gif
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/
4 KB
4 KB
Image
General
Full URL
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
527478
x-jsd-version
1.8.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4178
x-served-by
cache-fra-etou8220104-FRA, cache-lga21936-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dKQpBy%2B8YDp0LsscCiOMn6Jk5K3p4lTHntm3olbMKxEIqKuXnbh4R1GPVRyMBjCzWO8RT3ULEfXPezTHJNlcFj7Ji0YHpUUlyVT%2FdMm%2FNG%2BZC35ks%2F5Gn4BRZObBzLSGLcJTwoVsUqDCtdm21xo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8670b09bb8006ae7-FRA
1706636044-64770417-150x150-arrow-prev.png
v.fastcdn.co/t/thumbnail/20240130/
314 B
707 B
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240130/1706636044-64770417-150x150-arrow-prev.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
046a17d8ea200b4630362aab3ccc8927b1afe2c283e2205c0ab49609d61eecda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
365790
cf-polished
origFmt=png, origSize=813
x-guploader-uploadid
ABPtcPrXdJ_hSBk1XdaP0egJGF3F4sgscgs8RkAEz5tE2YS30-XIfCjzZq5WjcJYkPA_zH9-uhs
x-goog-meta-content-length
813
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1706636044-64770417-150x150-arrow-prev.webp"
x-goog-meta-expires
Sat, 22 Mar 2025 09:34:04 GMT
content-length
314
cf-bgj
imgq:85,h2pri
last-modified
Tue, 30 Jan 2024 17:34:05 GMT
server
cloudflare
etag
"0f67646f60c0a45d5327a4ef9740edeb"
vary
Accept
x-goog-generation
1706636045357660
content-type
image/webp
x-goog-hash
crc32c=nVzOpQ==, md5=D2dkb2DApF1TJ6Tvl0Dt6w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
813
accept-ranges
bytes
cf-ray
8670b09bcce02c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1706636042-64770416-150x150-arrow-next.png
v.fastcdn.co/t/thumbnail/20240130/
314 B
798 B
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240130/1706636042-64770416-150x150-arrow-next.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915cbb7f07c967c0ba968097886ee2b4dd64e6cc216b43a11d06401dddf8faeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://page.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=748
x-guploader-uploadid
ABPtcPpgXwSi6K0h08mw4YeB8ggMF5ZP_Vk4bM7nRGC1hECoe7BDX-ENWVq3aVuDvQZjSkQmZRUXyfi7Qw
x-goog-meta-content-length
748
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1706636042-64770416-150x150-arrow-next.webp"
x-goog-meta-expires
Sat, 22 Mar 2025 09:34:02 GMT
content-length
314
cf-bgj
imgq:85,h2pri
last-modified
Tue, 30 Jan 2024 17:34:02 GMT
server
cloudflare
etag
"8237953195d87d17d23cf3996bd254de"
vary
Accept
x-goog-generation
1706636042939540
content-type
image/webp
x-goog-hash
crc32c=x3ggkw==, md5=gjeVMZXYfRfSPPOZa9JU3g==
cache-control
public, max-age=315360000
x-goog-stored-content-length
748
accept-ranges
bytes
cf-ray
8670b09bcce22c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143370-64780733-150x150-France.png
v.fastcdn.co/t/thumbnail/20240205/
2 KB
2 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143370-64780733-150x150-France.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
844ba7cf297ced245b9a3240cab82df42038cbf35d7936cf430790854a019f7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
13698
cf-polished
origFmt=png, origSize=3485
x-guploader-uploadid
ABPtcPrLGbmjH3UHWK6KqH68YOfFymshZcqYYTXqCgr4BG37JV4-7CjcvQxT4qpKj03jrO2Gng
x-goog-meta-content-length
3485
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143370-64780733-150x150-France.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:31 GMT
content-length
1914
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:29:31 GMT
server
cloudflare
etag
"9c9becadaac0a4bcd08e21772ddffba2"
vary
Accept
x-goog-generation
1707143371351963
content-type
image/webp
x-goog-hash
crc32c=08dAcQ==, md5=nJvsrarApLzQjiF3Ld/7og==
cache-control
public, max-age=315360000
x-goog-stored-content-length
3485
accept-ranges
bytes
cf-ray
8670b09becf12c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143409-64780737-150x150-Silver.png
v.fastcdn.co/t/thumbnail/20240205/
10 KB
10 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143409-64780737-150x150-Silver.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54caf1fa6a1edc50ba279842ba65958d3dfc27ccdd12aa87c20ee5521cc3c0b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=15899
x-guploader-uploadid
ABPtcPryt0q8bSTJXScIIbZaTsz0Iq-SQnXBFpswPxSUN2wfb_HPYaq16Jc2OaJ5DR7TX3yCcXcKi5Ofyg
x-goog-meta-content-length
15899
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143409-64780737-150x150-Silver.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:09 GMT
content-length
10078
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:10 GMT
server
cloudflare
etag
"2784d080b6c21bd467085ce03fab9479"
vary
Accept
x-goog-generation
1707143409971942
content-type
image/webp
x-goog-hash
crc32c=gbtA4Q==, md5=J4TQgLbCG9RnCFzgP6uUeQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
15899
accept-ranges
bytes
cf-ray
8670b09becf22c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780745-0-St.-Audette.png
v.fastcdn.co/u/814df80e/
202 KB
203 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780745-0-St.-Audette.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad79fe59f1583a5788084bea3eac291649744d146441c558657af89a199ef935

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=316356
x-guploader-uploadid
ABPtcPqdB8Irbs_pjfNkiOWf_t5DKLuV9nmUXdcNb9pAGSu7F98aZ-nO4bXXOcfe6WUDP7WwIxaEwe6gGA
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780745-0-St.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:41 GMT
content-length
207230
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:41 GMT
server
cloudflare
etag
"739b9bf1ba7d5765077b9e8350765cd8"
vary
Accept
x-goog-generation
1707143441645687
content-type
image/webp
x-goog-hash
crc32c=SY/wCw==, md5=c5ub8bp9V2UHe56DUHZc2A==
cache-control
public, max-age=315360000
x-goog-stored-content-length
316356
accept-ranges
bytes
cf-ray
8670b09becf32c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64781322-0-Like.png
v.fastcdn.co/u/814df80e/
1 KB
1 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64781322-0-Like.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460535d21cb0765795ffa52442ac0e6e1d5051bc31407f5e77dac1afa077edcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
8871
cf-polished
origFmt=png, origSize=2643
x-guploader-uploadid
ABPtcPoCkLdVScA67pmWYC_E6uvyOF7irejvYYfBjF2wot9vt_AoNBywGfHzMMpC9ct9EaA3bjPigOTGmQ
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64781322-0-Like.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 10:36:17 GMT
content-length
1078
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 18:36:18 GMT
server
cloudflare
etag
"c65532c2501e9675dd778c0600c7a636"
vary
Accept
x-goog-generation
1707158178033044
content-type
image/webp
x-goog-hash
crc32c=wvjrCg==, md5=xlUywlAelnXdd4wGAMemNg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
2643
accept-ranges
bytes
cf-ray
8670b09becf42c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143372-64780734-150x150-Chile.png
v.fastcdn.co/t/thumbnail/20240205/
2 KB
3 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143372-64780734-150x150-Chile.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4efcdc6c80c020c85311ffd5ff5bd87183932775ac92802bac0b223ee4e8b156

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
464055
cf-polished
origFmt=png, origSize=4069
x-guploader-uploadid
ABPtcPr5TKUWZWFjzkERGWBrbtZ38pJzOBW9lsAGNvIcjkEpaERajPjbLDbbNQctkEsp3XglGYA
x-goog-meta-content-length
4069
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143372-64780734-150x150-Chile.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:33 GMT
content-length
2256
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:29:33 GMT
server
cloudflare
etag
"0661ced91a0804fa25b622d9dffcc11b"
vary
Accept
x-goog-generation
1707143373181907
content-type
image/webp
x-goog-hash
crc32c=qA45TA==, md5=BmHO2RoIBPoltiLZ3/zBGw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
4069
accept-ranges
bytes
cf-ray
8670b09becf52c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143411-64780738-150x150-Gold.png
v.fastcdn.co/t/thumbnail/20240205/
10 KB
11 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143411-64780738-150x150-Gold.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8486a3f9ae75406b6ca3afd7774fc851165a682a248dd28c275de379224135a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=15143
x-guploader-uploadid
ABPtcPrYxoI8e4Tv7TOzjqGtc3N-LChzAYmKfLfRXfysSWGnm_ks-6TFzEyOL1bDhGlsRQNrg4WQc0EX-g
x-goog-meta-content-length
15143
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143411-64780738-150x150-Gold.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:11 GMT
content-length
10450
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:11 GMT
server
cloudflare
etag
"7c8927ac3faba604da2b03b87f6092e5"
vary
Accept
x-goog-generation
1707143411784579
content-type
image/webp
x-goog-hash
crc32c=tEK44Q==, md5=fIknrD+rpgTaKwO4f2CS5Q==
cache-control
public, max-age=315360000
x-goog-stored-content-length
15143
accept-ranges
bytes
cf-ray
8670b09becf62c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780748-0-25-Degrees.png
v.fastcdn.co/u/814df80e/
194 KB
195 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780748-0-25-Degrees.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dcd2d919153d915a5a2c47d1294158186372dfc4901cccff7ce02834aeb73d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=301965
x-guploader-uploadid
ABPtcPqwBlkB2CzuN10uN-6bCOJjDAkvqb1xnWE_kphrcl5ElT3T5BjqqPKUbLV316CZxPi532ndOCEG4g
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780748-0-25-Degrees.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:51 GMT
content-length
198736
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:51 GMT
server
cloudflare
etag
"539870a694388b5372c041d180a4b2f7"
vary
Accept
x-goog-generation
1707143451122651
content-type
image/webp
x-goog-hash
crc32c=S8SjFA==, md5=U5hwppQ4i1NywEHRgKSy9w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
301965
accept-ranges
bytes
cf-ray
8670b09becf72c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143367-64780729-150x150-USA.png
v.fastcdn.co/t/thumbnail/20240205/
4 KB
4 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143367-64780729-150x150-USA.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a12b438b92f44bc2016f691548ce0632e07415b802954f7671222ef17253ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=6420
x-guploader-uploadid
ABPtcPqyu8kBbvVd6x0dJoBfvA1letv8xbuRcJM9uY-wuvK2t7ptpHLm8jLxJdY_oh8gZNj_2-0ix6bpNw
x-goog-meta-content-length
6420
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143367-64780729-150x150-USA.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:27 GMT
content-length
3658
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:29:28 GMT
server
cloudflare
etag
"818b727467a29f4a96a75abfc847eab3"
vary
Accept
x-goog-generation
1707143368007390
content-type
image/webp
x-goog-hash
crc32c=hh19iQ==, md5=gYtydGein0qWp1q/yEfqsw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
6420
accept-ranges
bytes
cf-ray
8670b09becf82c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143412-64780740-150x150-Double-Gold.png
v.fastcdn.co/t/thumbnail/20240205/
11 KB
11 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143412-64780740-150x150-Double-Gold.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4531531e27fd238f5f1df78d134fdc1268995007411caf68867a72d72aaeb919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=16091
x-guploader-uploadid
ABPtcPofrGxPFDT8pAj-066WZqbfV4NqKZ4V9T2DzSRaEODJTq-mwUtZTgxnx8YM0OZi1S6uIIKN9ikbGg
x-goog-meta-content-length
16091
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143412-64780740-150x150-Double-Gold.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:13 GMT
content-length
11198
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:13 GMT
server
cloudflare
etag
"53a2868f5c8731ae24c7cbcf64490d65"
vary
Accept
x-goog-generation
1707143413460624
content-type
image/webp
x-goog-hash
crc32c=c0ZIlw==, md5=U6KGj1yHMa4kx8vPZEkNZQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
16091
accept-ranges
bytes
cf-ray
8670b09c0d192c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780747-0-Thisle--Quail.png
v.fastcdn.co/u/814df80e/
226 KB
227 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780747-0-Thisle--Quail.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
673f9d011800204dd6d79b0607fcc635e3be028bcc76308625a65cf678bf1cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=346925
x-guploader-uploadid
ABPtcPpPLGlDk5DB3rqEqcOrtlik1QiCLVEogZJbAq8lUJK8XPSrDAYnkeHi9Yuw1shkWWulJfJgya5rdw
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780747-0-Thisle--Quail.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:47 GMT
content-length
231494
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:47 GMT
server
cloudflare
etag
"77642d56074ef4a259492bdd39543bdb"
vary
Accept
x-goog-generation
1707143447761744
content-type
image/webp
x-goog-hash
crc32c=E/F8+Q==, md5=d2QtVgdO9KJZSSvdOVQ72w==
cache-control
public, max-age=315360000
x-goog-stored-content-length
346925
accept-ranges
bytes
cf-ray
8670b09c0d1b2c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780744-0-Whale-Light.png
v.fastcdn.co/u/814df80e/
234 KB
234 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780744-0-Whale-Light.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
628834657c267940312e1a8ffa1443276b646ed8cd8509f7f8c6ab284e832bd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
13698
cf-polished
origFmt=png, origSize=371059
x-guploader-uploadid
ABPtcPp9mSDdVfzhQj_j0zLHLXqnXVORA8YxyxkIIwufqJZZzWTnJR1baiiFhZnU7kn2nWDmnGLbb0dAow
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780744-0-Whale-Light.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:39 GMT
content-length
239154
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:39 GMT
server
cloudflare
etag
"d92d21ad653d0bc200a86a0fe6cf1036"
vary
Accept
x-goog-generation
1707143439299735
content-type
image/webp
x-goog-hash
crc32c=GEB6RQ==, md5=2S0hrWU9C8IAqGoP5s8QNg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
371059
accept-ranges
bytes
cf-ray
8670b09c0d1d2c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780746-0-Castillo-Quebrado.png
v.fastcdn.co/u/814df80e/
264 KB
264 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780746-0-Castillo-Quebrado.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e56a4985055d1f66fb79ea590062f13b7732587f4a33067ea3ee9d2330e043b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=405580
x-guploader-uploadid
ABPtcPrc0A3FARQDNU3v_HsXgvMXkHW4j88kHKZo1NTiMd91QpiGRKC-_8vwulHFIPEtI8f18cLCc_lAxg
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780746-0-Castillo-Quebrado.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:44 GMT
content-length
269942
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:44 GMT
server
cloudflare
etag
"b49f1ab7b61b40ef7b8d1d6a290d0e22"
vary
Accept
x-goog-generation
1707143444947362
content-type
image/webp
x-goog-hash
crc32c=/EypCA==, md5=tJ8at7YbQO97jR1qKQ0OIg==
cache-control
public, max-age=315360000
x-goog-stored-content-length
405580
accept-ranges
bytes
cf-ray
8670b09c0d1e2c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
1707143369-64780731-150x150-South-Africa.png
v.fastcdn.co/t/thumbnail/20240205/
4 KB
4 KB
Image
General
Full URL
https://v.fastcdn.co/t/thumbnail/20240205/1707143369-64780731-150x150-South-Africa.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d10dad0283c64a3ce558080e000850d6635c96244e1140770ea285296f88af1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=6148
x-guploader-uploadid
ABPtcPrCSxef05yrlj3WO2AoDRv-7p1-X2j2GYumRBib3qkRzn4_722TXqaAg2JryqV6WVki3gSjO-qykg
x-goog-meta-content-length
6148
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="1707143369-64780731-150x150-South-Africa.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:29:29 GMT
content-length
3690
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:29:29 GMT
server
cloudflare
etag
"b37e92b78db075a98b6ffe732faa7c5f"
vary
Accept
x-goog-generation
1707143369856055
content-type
image/webp
x-goog-hash
crc32c=htGdnQ==, md5=s36St42wdamLb/5zL6p8Xw==
cache-control
public, max-age=315360000
x-goog-stored-content-length
6148
accept-ranges
bytes
cf-ray
8670b09c0d1f2c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
64780743-0-Wisdom-Point.png
v.fastcdn.co/u/814df80e/
216 KB
217 KB
Image
General
Full URL
https://v.fastcdn.co/u/814df80e/64780743-0-Wisdom-Point.png
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36448550261e964217811600224a54578479bb9f0c417ac213a84b597ff178e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
age
31577
cf-polished
origFmt=png, origSize=340628
x-guploader-uploadid
ABPtcPoKXL-xfTt6MvanwkkfALb9nTBekvYiOGC5qv33xNUrr6XqfZLWbDxF3oSbB-nmiKQNbD91wLxjkw
x-goog-meta-content-length
0
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="64780743-0-Wisdom-Point.webp"
x-goog-meta-expires
Fri, 28 Mar 2025 06:30:36 GMT
content-length
221124
cf-bgj
imgq:85,h2pri
last-modified
Mon, 05 Feb 2024 14:30:36 GMT
server
cloudflare
etag
"0bf186c4251d9ba8f73b1189c9ac9f35"
vary
Accept
x-goog-generation
1707143436213411
content-type
image/webp
x-goog-hash
crc32c=1TeQcQ==, md5=C/GGxCUdm6j3OxGJyayfNQ==
cache-control
public, max-age=315360000
x-goog-stored-content-length
340628
accept-ranges
bytes
cf-ray
8670b09c0d202c33-FRA
expires
Fri, 17 Mar 2034 21:52:30 GMT
5565374.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5565374.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 19 Mar 2024 21:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6001696BBAB049548B804B655EC4C148 Ref B: FRA31EDGE0208 Ref C: 2024-03-19T21:52:30Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
285 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=bd2613f0-9c10-4ec0-a28f-7dc2eab194a1&sid=fbb4c430e63a11eea4d86b6c46e0d971&vid=fbb4b9b0e63a11eeb5debf66f60ce69e&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf&kw=wine,%20wine%20club&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&r=https%3A%2F%2Fochsner.perkspot.com%2F&lt=2213&evt=pageLoad&sv=1&rn=685006
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 21:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 71854A80E790469F8920B21AA5C5671C Ref B: FRA31EDGE0208 Ref C: 2024-03-19T21:52:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
228 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=bd2613f0-9c10-4ec0-a28f-7dc2eab194a1&sid=fbb4c430e63a11eea4d86b6c46e0d971&vid=fbb4b9b0e63a11eeb5debf66f60ce69e&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=gtm.js&en=Y&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&sw=1600&sh=1200&sc=24&evt=custom&rn=736083
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 21:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 088DA300F1E84A07AFAA09AF270359DB Ref B: FRA31EDGE0208 Ref C: 2024-03-19T21:52:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/
0
231 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=bd2613f0-9c10-4ec0-a28f-7dc2eab194a1&sid=fbb4c430e63a11eea4d86b6c46e0d971&vid=fbb4b9b0e63a11eeb5debf66f60ce69e&vids=0&msclkid=N&el=%2Ffirstleafpartners&ec=Page&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=Template1-quality&en=Y&p=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&sw=1600&sh=1200&sc=24&evt=custom&rn=57669
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 19 Mar 2024 21:52:29 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 19DAF69429BF4F61844C1B2F9B9EC859 Ref B: FRA31EDGE0208 Ref C: 2024-03-19T21:52:30Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pipeline
ct.firstleaf.com/prh/
0
0

web
edge.fullstory.com/s/settings/134SPF/v1/
8 KB
2 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/134SPF/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
91f0d207c787b479006286925fb6f64454eecd31f7ccef7400669d524e5edf31

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPphQxlULJXAJWR21lWp9cdHG87nVyn-pwNVyxaYRkNHW9NBGu5zrLJmZCEsX6db8aZriRg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2157
last-modified
Tue, 19 Mar 2024 21:50:47 GMT
server
UploadServer
etag
"8ba6b074016dd81fb22fd84f6792bdb7"
x-goog-generation
1710885047221923
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=YrCeEA==, md5=i6awdAFt2B+yL9hPZ5K9tw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
2157
accept-ranges
bytes
expires
Tue, 19 Mar 2024 22:07:30 GMT
1669030446688031
connect.facebook.net/signals/config/
304 KB
94 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1669030446688031?v=2.9.150&r=stable&domain=page.firstleaf.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ec1c02424d9fbf90c5331351932631f5f141e6468994c5d2b7edc626a17cd4e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 19 Mar 2024 21:52:30 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=64, mss=1294, tbw=62784, tp=-1, tpl=-1, uplat=531, ullat=0
pragma
public
x-fb-debug
cTqrzzNEQElRfmqRL2lDi+L+1U9xKp3dXTfcW7oVqlzZaVeKpLH3WUEBHIaz6M38qEEXUI7KPXc90MK9VJq6rA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/
2 B
122 B
Fetch
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
7f0522edf377d7ef2b6dc248e115634c
cache-control
private
function-execution-id
leuh7jk5ac05
access-control-allow-headers
Content-Type, Accept
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
integrations
rbv9j7km.firstleaf.com/
48 B
252 B
Script
General
Full URL
https://rbv9j7km.firstleaf.com/integrations?source=firstleaf
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.184.29.86 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
jpuid
rbv9j7km.firstleaf.club/
67 B
409 B
Script
General
Full URL
https://rbv9j7km.firstleaf.club/jpuid?jsonp=RB.jsonPUID
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.184.29.70 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
146ae2893bbc97194b6f31f6d5ad5524f5394b637979cb7eae08059ace02d3e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
lightbox_speed.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
3 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1710885150166
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
900b55fbbd821b9e1035ad7412b836fbf2d94e33ee708c48ee5a355a6dd67cdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
br
cf-cache-status
REVALIDATED
content-md5
sLem2fisByMflbf8jARpIA==
cf-polished
origSize=4971
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Tue, 12 Mar 2024 20:34:52 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
982b7ba2-401e-002c-755e-759a0d000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
8670b09d593b1c1e-FRA
expires
Tue, 19 Mar 2024 21:53:30 GMT
seteventid.png
www.mczbf.com/tags/images/fa6d083ee63a11ee802202250a18ba72/11334/0764e0e3-d3ec-4881-96db-327a2103f804/
68 B
994 B
Image
General
Full URL
https://www.mczbf.com/tags/images/fa6d083ee63a11ee802202250a18ba72/11334/0764e0e3-d3ec-4881-96db-327a2103f804/seteventid.png?hasConsent=true&cjConsent=MXxZfDB8WXww
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
ca8ClHy7V5YFTW2xDOWXxGAPspUO6BM0JEukWyN5euuYzeJL1sm0SQ==
X-Request-ID
fbcb243f-e63a-11ee-8ffe-a3e6f03428b4
pageInfo
www.mczbf.com/11334/
68 B
713 B
Fetch
General
Full URL
https://www.mczbf.com/11334/pageInfo
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:6000:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept
*/*
Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
FRA2-C1
X-Cache
Miss from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
ovMbfj_Tk-NRnRsObFRUVFaVX7_dpix7WJoCZAJo8uRUdBloyrhcdQ==
X-Request-ID
fbda1897-e63a-11ee-bdc0-2320bb8efe9a
pipeline
ct.firstleaf.com/prh/ Frame
0
0
Preflight
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://page.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://page.firstleaf.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
8670b09dbac271d3-FRA
content-length
0
date
Tue, 19 Mar 2024 21:52:30 GMT
server
cloudflare
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://page.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Tue, 19 Mar 2024 21:52:30 GMT
function-execution-id
6jf050av9rn6
server
Google Frontend
x-cloud-trace-context
6cb42d515557a69c54d83eb3cd3b4c56
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/
11 KB
4 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 16:40:56 GMT
content-encoding
gzip
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
709895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3876
last-modified
Mon, 11 Mar 2024 16:39:55 GMT
server
AmazonS3
etag
"d6e441e5a97ac904452da5a651603f36"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
PNwkHqciYoJF6b_azPxc26lVQufHpXheaW31mHBJPiIB8ftIUR1wbw==
x-amz-meta-mtime
1710175193.18
page
rs.fullstory.com/rec/
8 KB
2 KB
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ceede191600c33e2bd32f084b4bf7756c3c1f64776363f4a075588672a48f3a

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://page.firstleaf.com
date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json; charset=utf-8
widget.js
d2mjzob2nc713b.cloudfront.net/widget/
194 KB
49 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=02d734f
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a0:a600:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd01645a01dac1a8e3b85ce4d300c6b789d5cb2ba60cd5629a5260cd92775274

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 16:40:56 GMT
content-encoding
gzip
via
1.1 58b391c0bc32913049841b1b8cd9053a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P2
age
709895
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50140
last-modified
Mon, 11 Mar 2024 16:39:55 GMT
server
AmazonS3
etag
"3d9836b3cc1d813c152686340bd6a9a4"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
r8UpYNttCo-GbT7IGY7qcomoaFl3YaMGfZWoAG2rUrR6iScL1el2bA==
x-amz-meta-mtime
1710175191.51
loader.min.js
files1.cybba.solutions/2856/
86 KB
27 KB
Script
General
Full URL
https://files1.cybba.solutions/2856/loader.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
f2a1abbb9637f0eace228f691af8b0fcf3524dba20769d8dd7457b03ece2c55b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

cdn-requestpullsuccess
True
date
Tue, 19 Mar 2024 21:52:30 GMT
content-encoding
br
cdn-edgestorageid
1080
cdn-cachedat
12/05/2023 17:26:56
cdn-pullzone
116099
last-modified
Tue, 05 Dec 2023 17:11:23 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"656f59bb-156fe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
a080e070-2552-4896-b206-e42f1464eeab
cache-control
public, max-age=3600
cdn-requestid
97cb14b5e167a4a599427dc6f710507a
cdn-requestcountrycode
DE
cdn-status
200
expires
Tue, 05 Dec 2023 18:26:56 GMT
cybba_latest.min.js
d2rp1k1dldbai6.cloudfront.net/
78 KB
21 KB
Script
General
Full URL
https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:9400:d:87ae:bb80:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f33b9ff7c623861b226c359f20776dc8c86c9490764b0b48d973f427f00aaf0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
xnXmqAg0192IZMN5wnb_dU8pMiCd15HX
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Tue, 19 Mar 2024 04:01:22 GMT
last-modified
Wed, 16 Aug 2023 13:22:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
64272
x-amz-server-side-encryption
AES256
etag
W/"8d008d0540dfa1c7074218def613069f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9FykSdIhfvnCQpETnGB77GvZQ4109Q1gsa5ixZy5-7WWyEV6Zq1dbQ==
up_loader.1.1.0.js
js.adsrvr.org/
9 KB
4 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.103.101 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 06:22:31 GMT
Content-Encoding
gzip
Via
1.1 c0ddd35bae9510a7268b5854c63453cc.cloudfront.net (CloudFront)
Last-Modified
Fri, 01 Mar 2024 19:43:19 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P8
Age
55800
x-amz-server-side-encryption
AES256
ETag
W/"a023114c374b2d4f49e3420f667f8e66"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
6PPXkkAK1G4I1gwYgOk1idaHBa55d9QcBTc1Qb_UCaVpLNJGERM2og==
web-widget-main-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/ Frame AAB0
945 KB
277 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9211e84cf5db7632d4e91f0cc3a660514dec1c01fb7ec17e381e1c1eb758e4b4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
x-amz-version-id
pJqu6tPM.I5Q4GF9AkP_HATOPk8YMrsq
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4AM14ZVA27KW16
age
44743
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
dgPR/2fnJzOCHTBvduq7gV60p59SKCw6s93NPMbTV/PWkO1OS8VSSSATNamlrtp2cAZ9MP1Aj+D1H/ch9RIlmQ==
last-modified
Thu, 07 Mar 2024 14:11:36 GMT
server
cloudflare
etag
W/"9fe3f095722824d79a8e1ee3a3fe18ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lVmi03U1lh6BMdu0f9SIqb3XEORj4fU6x%2Fj2gX93xpDO7KDbf03iIqwYZq5LNLhPgy88SbGwWe7TQMIg42MMIUHLc1GzeSkZkQyDYZDIA8Q%2BfEdp63qYKMfxTY2EjtlyWKDoyFc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b09e5ccebfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:35 GMT
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?pageReferrer=https%3A%2F%2Fochsner.perkspot.com%2F&url=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&action=view&source=firstleaf&rb_source=firstleaf&script_version=wxyz.rb.js&sessionId=6252f2cc-08c6-4bfd-b26f-11db0ea6b1b7&uid=rbos-b67087fe-d0c6-46f7-9ff0-cfb9477e4203
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.184.29.86 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?pageReferrer=https%3A%2F%2Fochsner.perkspot.com%2F&url=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&action=identify&source=firstleaf&rb_source=firstleaf&podsights_session_id=d6422d71a9c74a9cb421cdbc7c8ab00f&script_version=wxyz.rb.js&sessionId=6252f2cc-08c6-4bfd-b26f-11db0ea6b1b7&uid=rbos-b67087fe-d0c6-46f7-9ff0-cfb9477e4203
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
137.184.29.86 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Tue, 19 Mar 2024 21:52:30 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
en-us-json-a5bccfa.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame AAB0
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-a5bccfa.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-a5bccfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:52:30 GMT
x-amz-version-id
dhdAAISx0HAsdUuTr1X4iN_YhhRufNbT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
4C4E0QHDFQVCFZRZ
age
44742
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
J6pTzx97V13BDZzyOtfw+GL0v/GSv6WQGAmay6o3tfx20gxuOIn2+E26vl7FPRIbZBI9zH+5UEg=
last-modified
Thu, 07 Mar 2024 14:11:38 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fopM4aU5L9Cgls%2Fj0pN3wDstmZmteALYApNALV23mF3rLWt9wXbFFoHLheEI%2BkmaSQ%2FzrfcT2RnhJfdYmqm%2BMoQJX0yQ2Nl3RO8HJDTDtxKkEoFyfEHTzm0G0YEPmH769zczI2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
8670b09f8e4abfaf-WAW
access-control-allow-headers
*
expires
Fri, 07 Mar 2025 14:11:37 GMT
config
penrosehill.zendesk.com/embeddable/ Frame AAB0
0
0

events
fbapi.firstleaf.com/
0
0

/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&rl=https%3A%2F%2Fochsner.perkspot.com%2F&if=false&ts=1710885150812&sw=1600&sh=1200&v=2.9.150&r=stable&ec=0&o=4126&fbp=fb.1.1710885150806.1108904937&hmd=864576a389d99caa172f9351&pl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&eid=ob3_plugin-set_e8ee67a8813957ad88a98c88be89c68959605d9ad018ea1b6bcc9cf5d4051a1c&cs_est=true&ler=other&cdl=API_unavailable&it=1710885150133&coo=false&rqm=GET
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 19 Mar 2024 21:52:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1669030446688031&ev=Microdata&dl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_6%2BBottles%2Bfor%2B%252439.95%2B%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dfa6d083ee63a11ee802202250a18ba72&rl=https%3A%2F%2Fochsner.perkspot.com%2F&if=false&ts=1710885150819&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Buying%20Award-Winning%20Wine%20Is%20Simple%20With%20Firstleaf%22%2C%22meta%3Adescription%22%3A%22Firstleaf%20brings%20you%20the%20best%20wines%20that%20fit%20your%20individual%20taste%20when%20you%20become%20a%20member%20of%20our%20award-winning%20wine%20club%22%2C%22meta%3Akeywords%22%3A%22wine%2C%20wine%20club%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Discover%20Award-Winning%20Wines%20From%20Around%20The%20World%20That%20Are%20Personalized%20To%20Your%20Individual%20Taste%22%2C%22og%3Adescription%22%3A%22Our%20world-class%20winemakers%20will%20send%20you%20the%20best%20wines%2C%20specific%20to%20your%20individual%20palate%2C%20at%20a%20value%20that%20can%27t%20be%20beat.%22%2C%22og%3Asite_name%22%3A%22Discover%20Award-Winning%20Wines%20From%20Around%20The%20World%20That%20Are%20Personalized%20To%20Your%20Individual%20Taste%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fv.fastcdn.co%2Fu%2F814df80e%2F34504091-0-Unboxing03-132-1.jpg%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.150&r=stable&ec=1&o=4126&fbp=fb.1.1710885150806.1108904937&hmd=864576a389d99caa172f9351&pl=https%3A%2F%2Fpage.firstleaf.com%2Ffirstleafpartners&eid=ob3_plugin-set_e73436a4ff8a48649d601308e08b1ef1f9148c43c9d264e2d636f43f475d6821&ler=other&cdl=API_unavailable&it=1710885150133&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 19 Mar 2024 21:52:30 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
user
app.cybba.solutions/
0
0

/
pro.ip-api.com/json/
303 B
459 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=aUoasJP8dMuydUf
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 19 Mar 2024 21:52:30 GMT
Content-Length
303
Content-Type
application/json; charset=utf-8
fs.js
edge.fullstory.com/s/ Frame 4543
252 KB
69 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

Referer
Origin
https://page.firstleaf.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 21:23:43 GMT
content-encoding
br
age
1727
x-guploader-uploadid
ABPtcPrvwBCEyLgbfCIVXak_rzIEFP4GPeaM8GqcKCLCJhllPEaz5FAA254O1FpT315sIIBukH_7FV0F6A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70641
last-modified
Tue, 19 Mar 2024 13:20:22 GMT
server
UploadServer
etag
"55abb77d6ef5f32c187228af79a39e07"
vary
Accept-Encoding
x-goog-generation
1710854422256649
x-goog-hash
crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70641
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 19 Mar 2024 22:23:43 GMT
digibox.gif
www.lightboxcdn.com/z9g/
35 B
279 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1710885150943&h=page.firstleaf.com&e=p&u=44194
Requested by
Host: page.firstleaf.com
URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 19 Mar 2024 21:52:30 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
532346
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
e979446f-501e-0011-4b70-752f2b000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8670b0a17d261c1e-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d1hdjv7b05hja2.cloudfront.net
URL
https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Domain
ct.firstleaf.com
URL
https://ct.firstleaf.com/prh/pipeline
Domain
penrosehill.zendesk.com
URL
https://penrosehill.zendesk.com/embeddable/config
Domain
fbapi.firstleaf.com
URL
https://fbapi.firstleaf.com/events
Domain
app.cybba.solutions
URL
https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=2856&oldUserId=undefined&email=null&_ts=87007458

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| setupGTM object| dataLayer object| __variantsData number| __page_id number| __customer_id number| __default_experience_id number| __version string| __variant number| __variant_id string| __variant_custom_name boolean| __preview number| __page_type string| __variant_hash string| __page_domain boolean| __page_generator object| __experiment_id boolean| __new_tracker object| _Translate object| trackingData object| GlobalSnowplowNamespace function| instapageSp function| _instapageSnowplow function| _instapageConsentManagement object| webpackChunk function| $ function| ijQuery function| jQuery object| google_tag_manager object| google_tag_data object| cj string| GoogleAnalyticsObject function| ga object| __eventBus function| setGTMPage function| updateQueryStringParameter function| getQueryWithLink function| setLinks number| interval boolean| mobileStickyActive function| stickyLogic object| unknown object| __config number| __workspaceWidth object| RB object| f function| fbq function| _fbq object| _pxDataLayer function| __pxDataTag object| pxcelData object| s object| __session boolean| __cradleReady object| __featuresReady string| cookieName number| cookieValue number| expirationTime string| date number| dateTimeNow string| test_page function| instapageAnchorClick function| pdst function| snowplow boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| AddShoppersWidgetOptions object| zEWebpackACJsonp function| zE function| zEmbed function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData function| UET function| UET_init function| UET_push

41 Cookies

Domain/Path Name / Value
.pslogin.perkspot.com/ Name: TiPMix
Value: 15.052536565906738
.pslogin.perkspot.com/ Name: x-ms-routing-name
Value: self
.perkspot.com/ Name: perkspot-auth
Value: eyJhY2Nlc3NUb2tlbiI6eyJhdXRoZW50aWNhdGlvbk1vZGUiOjAsInZhbHVlIjoiZXlKaGJHY2lPaUFpVWxNeU5UWWlMQ0FpZEhsd0lqb2dJa3BYVkNJc0lDSnJhV1FpT2lBaWFIUjBjSE02THk5d2N5MXdjbTlrTFd0bGVYWmhkV3gwTG5aaGRXeDBMbUY2ZFhKbExtNWxkQzlyWlhsekwxTjViblJvWlhScFkxUnZhMlZ1TFRFdllUQTJOREV4WlRVeE16YzBOR016TldJM01HRmhZemxsTW1VelpUZzNZekFpZlEuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMM2QzZHk1d1pYSnJjM0J2ZEM1amIyMGlMQ0pqYVdRaU9pSjJjRGw2YkRSbU9IZDZlV054TjJGek0yMWthU0lzSW1OdmRXNTBjbmxmYVdRaU9qTXpMQ0pqYjIxdGRXNXBkSGxmYVdRaU9qRXdOekFzSW1GMWRHaGxiblJwWTJGMGFXOXVUVzlrWlNJNk1Dd2lkWE5sY2w5cFpDSTZNelV3TlRrek9EUXNJbVZ0WVdsc0lqb2lhMlZzYzJrdVptOTNiR1Z5UUc5amFITnVaWEl1YjNKbklpd2ljM1ZpSWpvaWEyVnNjMmt1Wm05M2JHVnlRRzlqYUhOdVpYSXViM0puSWl3aWFXRjBJam94TnpFd09EZzFNVFF6TENKbGVIQWlPakUzTWpZMk5UTXhORE1zSW10cFpDSTZiblZzYkgwLmFVYm1MVzRma01JblV4TF9mTWtKX2RBRjRkazdzTFA5X2lNYThvdXZYWlROR2VQa2dxWnFDOTlSM1JKWmJVckFfMjlCeUdWM0tqQUVGWVJ3ZmlYeHRwTjFIdi1KVzZhcGdaTExpbkpjQTJicEVjWTZBenhWLU5CUlFxSUprZkdTMGpySk5CaTRJWnppOGliTDRIMUJVZ04yQ1lEUC0taE8xMzQyOF9ISUZ6aGtrMGVWeTVLZnoyVXEyUEtmMmRrSEJ1aWlXMTFTY3BOMlRpeGN5YmxhaWJNTnVZNkNPYlJNSnJtVlpSanpOQ1BIVm5HUUIzUUJNOVlfUXRMeVR6Y1hPLVBFQkRsTklDcV94bnpHSTg3TWtYdTVkT2hQc1Z3UGF5cGhhUXZNV3ZPRUNjRzZMOTBZQVRXTk9fMmVGazJwWjcxZnQ0Z1JVaWZIUUpLVFFpRzdpdyIsImV4cGlyYXRpb24iOiIyMDI0LTA5LTE4VDA5OjUyOjIzKzAwOjAwIiwiaXNFeHBpcmVkIjpmYWxzZX0sInJlZnJlc2hUb2tlbiI6bnVsbCwiY2xpZW50SWQiOiJ2cDl6bDRmOHd6eWNxN2FzM21kaSIsInVzZXJJZCI6MzUwNTkzODQsInVzZXJFbWFpbCI6ImtlbHNpLmZvd2xlckBvY2hzbmVyLm9yZyIsImNvdW50cnlJZCI6MzMsImNvbW11bml0eUlkIjoxMDcwLCJraWQiOiJodHRwczovL3BzLXByb2Qta2V5dmF1bHQudmF1bHQuYXp1cmUubmV0L2tleXMvU3ludGhldGljVG9rZW4tMS9hMDY0MTFlNTEzNzQ0YzM1YjcwYWFjOWUyZTNlODdjMCJ9
pslogin.perkspot.com/ Name: communityId
Value: 1070
pslogin.perkspot.com/ Name: SessionHolder
Value: 9be3a4c4-2745-4871-aab6-57dc3e89d7f0
pslogin.perkspot.com/ Name: ps_sid
Value: 9be3a4c4-2745-4871-aab6-57dc3e89d7f0
.ochsner.perkspot.com/ Name: TiPMix
Value: 56.35619847585382
.ochsner.perkspot.com/ Name: x-ms-routing-name
Value: self
ochsner.perkspot.com/ Name: SessionHolder
Value: 4b3db99c-830b-4575-a42b-1eafae6a4137
ochsner.perkspot.com/ Name: ps_sid
Value: 4b3db99c-830b-4575-a42b-1eafae6a4137
ochsner.perkspot.com/ Name: __RequestVerificationToken
Value: oMuHjaynNhRSRmvHrOWUWaRSCc4QufoQwFD1b_BI7RELhqJLHXIVV2lGPkCaTGeTJdUtu29OxHsLoPGyeEHVms_3PqF3WJNvtAqX46zfBNC3DOCRRzlpcXH9j2O--SVL8ahVaHDhn3h4hxovkOR6lQ2
.ochsner.perkspot.com/ Name: _vwo_uuid_v2
Value: D0FA7D4CB27D16D6F950473251D31AFF5|dbd7aba690063cba263fa05a1cad083b
ochsner.perkspot.com/ Name: sailthru_pageviews
Value: 1
ochsner.perkspot.com/ Name: ai_user
Value: XJ+c4nc5aFClJqvdd0XBfq|2024-03-19T21:52:25.488Z
.perkspot.com/ Name: _vwo_uuid
Value: D0FA7D4CB27D16D6F950473251D31AFF5
.perkspot.com/ Name: _vwo_ds
Value: 3%241710885145%3A73.99090605%3A%3A
.perkspot.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.perkspot.com/ Name: _vis_opt_s
Value: 1%7C
.perkspot.com/ Name: _vis_opt_test_cookie
Value: 1
.perkspot.com/ Name: TLTSID
Value: 17003971953914104335354142216595
ochsner.perkspot.com/ Name: sailthru_content
Value: ce0684f583a65a79331ce2e1535e7080
ochsner.perkspot.com/ Name: sailthru_visitor
Value: 1853d12d-8d96-4ae5-b900-1a126a09bfb8
ochsner.perkspot.com/ Name: ai_session
Value: qbs+kH0bN8++ZHXaSHr8jC|1710885146004|1710885146004
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: RhNpyonXBjSJnQJ3/m9C/t/eZ4vQApHStN7C12XT9uTk2nGo+jetOQ4Zls1ne3HiXM8qqjeQuG+t0hJEhxucKgEqlW9CwNHnENnibLL7/zm/GS83dUQCRcyjvT+h
.perkspot.com/ Name: __zlcmid
Value: 1Krma6lw29RC68P
.dotomi.com/ Name: CJSession
Value: f51f5c75-3be5-45cf-9778-6d755f54bc1f
.dotomi.com/ Name: cjae
Value: .BCaDUuoD1Yz
.dotomi.com/ Name: DotomiUser
Value: 400805631436915300$0$1
.dotomi.com/ Name: LCLK
Value: cjo!x2pz-oarfdtm
.emjcd.com/ Name: S
Value: 400805631436915300:.BCaDUuoD1Yz
.emjcd.com/ Name: LCLK
Value: cjo!x2pz-oarfdtm
.emjcd.com/ Name: CJSession
Value: f51f5c75-3be5-45cf-9778-6d755f54bc1f
.page.firstleaf.com/ Name: __cf_bm
Value: PerzBLSlAzo3K.3.iWljIg_5NZEIZFiiukNGrIXfcRc-1710885148-1.0.1.1-PiZ2LslW7NgEuCa0P1s6NOc64gK3U4tdf5_fSOuxZLjnh..ZRCTO5PnUW4M1vkofT_fQE4SiQoLPAfA.eGRGvw
.firstleaf.com/ Name: _gcl_au
Value: 1.1.489741531.1710885149
.firstleaf.com/ Name: query
Value: ?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
.firstleaf.com/ Name: CJEVENT
Value: fa6d083ee63a11ee802202250a18ba72
.firstleaf.com/ Name: FL_Referrer
Value: 2
.firstleaf.com/ Name: _ga_3TS4P88RE5
Value: GS1.1.1710885149.1.0.1710885149.60.0.0
.firstleaf.com/ Name: _ga
Value: GA1.2.1392323672.1710885150
.firstleaf.com/ Name: _gid
Value: GA1.2.620952560.1710885150
.firstleaf.com/ Name: _gat_UA-68049103-4
Value: 1

24 Console Messages

Source Level URL
Text
network error URL: https://d1hdjv7b05hja2.cloudfront.net/fonts/caslon.css
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cloud.typography.com/7410416/6307592/css/fonts.css
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1669030446688031?v=2.9.150&r=stable&domain=page.firstleaf.com&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 130)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://page.firstleaf.com/firstleafpartners?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_6+Bottles+for+%2439.95+%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=fa6d083ee63a11ee802202250a18ba72
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.trkn.us
ak.sail-horizon.com
api.sail-personalize.com
app.cybba.solutions
assets.zendesk.com
az416426.vo.msecnd.net
bat.bing.com
cdn.instapagemetrics.com
cdn.jsdelivr.net
cdn.pdst.fm
cdn.rollbar.com
cj.dotomi.com
cloud.typography.com
connect.facebook.net
ct.firstleaf.com
d1hdjv7b05hja2.cloudfront.net
d2mjzob2nc713b.cloudfront.net
d2rp1k1dldbai6.cloudfront.net
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
edge.fullstory.com
ekr.zdassets.com
email.perkspot.com
fbapi.firstleaf.com
files1.cybba.solutions
fonts.googleapis.com
fonts.gstatic.com
g.fastcdn.co
heatmap-events-collector.instapage.com
images.firstleaf.com
js.adsrvr.org
js.go2sdk.com
lib-us-1.brilliantcollector.com
ochsner.perkspot.com
page.firstleaf.com
penrosehill.zendesk.com
perkspot.zendesk.com
pro.ip-api.com
pslogin.perkspot.com
psprods3ep.azureedge.net
rbv9j7km.firstleaf.club
rbv9j7km.firstleaf.com
region1.analytics.google.com
rs.fullstory.com
shop.pe
static.zdassets.com
stats.g.doubleclick.net
tag.simpli.fi
tags.w55c.net
trkn.us
unpkg.com
url1941.psmark.perkspot.com
us-central1-adaptive-growth.cloudfunctions.net
v.fastcdn.co
www.emjcd.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.kqzyfj.com
www.lightboxcdn.com
www.mczbf.com
www.rtb123.com
app.cybba.solutions
ct.firstleaf.com
d1hdjv7b05hja2.cloudfront.net
fbapi.firstleaf.com
penrosehill.zendesk.com
104.16.53.111
104.18.70.113
104.18.72.113
13.107.238.51
13.33.187.48
137.184.29.70
137.184.29.86
18.172.103.101
18.66.112.45
18.66.97.122
20.50.88.241
2001:4860:4802:32::36
2001:4860:4802:36::36
23.197.116.174
23.198.214.73
23.20.188.125
23.36.162.88
2400:52e0:1e00::1081:1
2600:9000:20a0:a600:d:370a:51c0:93a1
2600:9000:20eb:6000:16:4ed5:12c0:93a1
2600:9000:2240:9400:d:87ae:bb80:21
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:2cf6
2606:4700:10::6816:2df6
2606:4700:4400::6812:2084
2606:4700:4400::6812:2505
2606:4700:4400::ac40:95d5
2606:4700:4400::ac40:9b7c
2606:4700::6810:5914
2606:4700::6810:7eaf
2606:4700::6813:d383
2620:1ec:46::45
2620:1ec:bdf::45
2620:1ec:bdf::67
2620:1ec:c11::200
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2008
2a00:1450:400c:c1d::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.36.17.181
34.96.102.137
35.158.172.152
35.186.194.58
35.201.112.186
35.227.244.1
35.234.162.151
35.244.142.80
51.77.64.70
67.225.220.126
89.207.16.75
99.83.154.140
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
04675cda5bafe0dc7792e42ea3a68bc03717c9dd646e2e2a342504166537b0a8
046a17d8ea200b4630362aab3ccc8927b1afe2c283e2205c0ab49609d61eecda
047794317b70504540fd8504bd67eec9a33e7e7b9558fb2f73a0a0de663a51c3
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0ec1c02424d9fbf90c5331351932631f5f141e6468994c5d2b7edc626a17cd4e
0f88056ae93eb3934cd9cd312a9766a14afadf3cb20c1d2a07d8a8d5344e46bc
11f6da2ea5b665176386d9ff3e56f6f4e76b461d66634119db72396fae0b5985
146ae2893bbc97194b6f31f6d5ad5524f5394b637979cb7eae08059ace02d3e0
190e3a6420847bb948355183c2fdcdfa9ce099ce7e4bcc9c28ebe41fed127186
19cc0d723aa43f63d06736c1bbd2852d5d14ffdbb4b1786db1b3f07a1e97f123
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1f29f9fa83fe6deaed043de807534108e2e819ad149d10da35caea2b4f06fcd2
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
22d5844a30edf2c15420b17b1b14c47e910a7bfadf33cd93d1767aba1be29055
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
297d3cd3ccf85fb90010fc152b085a96734c23c125fcff1764e7e5ac73d67cbf
2c3458c91448d14916ef96b16122e62e4f07b926e0d6273fd70c356543a39282
36448550261e964217811600224a54578479bb9f0c417ac213a84b597ff178e9
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
3ceede191600c33e2bd32f084b4bf7756c3c1f64776363f4a075588672a48f3a
3e56a4985055d1f66fb79ea590062f13b7732587f4a33067ea3ee9d2330e043b
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
4531531e27fd238f5f1df78d134fdc1268995007411caf68867a72d72aaeb919
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d
460535d21cb0765795ffa52442ac0e6e1d5051bc31407f5e77dac1afa077edcc
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af
4c6315811518b52563c0884a4e2fd019f9302b362237610c5744c6f01f6f7d9d
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
4e049bbdc40b8d2e87194216781b7ad54cdb528be6686225e510468c056facb0
4efcdc6c80c020c85311ffd5ff5bd87183932775ac92802bac0b223ee4e8b156
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
51f603f5926686729582182c411da7f7e7c1646e6718390612d0b96d61a4d404
52cf4acfa2d37f95ae0d0105b78b5948cd4838f51db11ea18d8a123346b5e6f4
54caf1fa6a1edc50ba279842ba65958d3dfc27ccdd12aa87c20ee5521cc3c0b5
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56803e8fac0559c6f22f3b7ab50580285d4b64e77fefe70496e347483ad2e195
59dcd2d919153d915a5a2c47d1294158186372dfc4901cccff7ce02834aeb73d
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
5f767fd14aa58b7eb05ad986cd7b834cc8d0c2d22820f39e0dd950c17ae505b0
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
60b5e3d8fa4dbf7f726e7e255e1f5b0087ad52e44c2f16ddfaea65cb752f780e
628834657c267940312e1a8ffa1443276b646ed8cd8509f7f8c6ab284e832bd3
63ae9c49ec66764689006ca402ed295bad25b94a5cb08132b1c6fe3f93a7a011
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6432e3b907fecbd18556ef65db4cb31a966392bbf18b99fa32bc7bd69acb4d96
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
673f9d011800204dd6d79b0607fcc635e3be028bcc76308625a65cf678bf1cfa
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
6f3abddd035af903fbbf5e305d6ad5653c3cbf77999c1ed384b49756a54de60d
7050ce1af3ceb595099a9dc5828b44afb9e1d826564f12c1dc1c88694acac863
781c3947a11e341be26deaf6932720272733e184602d02fcb3b6dfb658f9d951
78e04595db9933ecf5e24650b1501604f66e2d977befd16f85f449e378aae9b3
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
7a8b1f33ab4771546841b88a63511f0efc82112164a31c23ae534cdb966676f4
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7bb3c1df8eaebe0b3013b0846d12e3f9289d58dab1b0c66c7ae86e91d177b44f
7fe6faaa9000001abfaa88dcdb7e1e06e4c656d596928b59793271eb01852558
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844ba7cf297ced245b9a3240cab82df42038cbf35d7936cf430790854a019f7c
853d7ef6b54d838c009d01e4857b499d7ec4f71f6fced1e2e3c463fd393ccb29
86ca5296fb1619d4072e92a56ef5765497b87cf919f91b34dfc7ea349856f46b
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
8f6c3989d504a12a9285e6e4b222fee4cab7395b935400bcdb081c980b96efa7
900b55fbbd821b9e1035ad7412b836fbf2d94e33ee708c48ee5a355a6dd67cdf
90a531b621d2e8b6d11496fa4dceb4e3a66b73b0453ed8140b7a3b094de729a3
915cbb7f07c967c0ba968097886ee2b4dd64e6cc216b43a11d06401dddf8faeb
91aa9a6c203eab189b868e22be75095642a4a3bc6313cf170b6462e96a4fa069
91f0d207c787b479006286925fb6f64454eecd31f7ccef7400669d524e5edf31
9211e84cf5db7632d4e91f0cc3a660514dec1c01fb7ec17e381e1c1eb758e4b4
941beac063c8acfa91af835f818bf9bbe4a79d11e403682d06f1c234ecb8d79e
9590a1abf03a012d99620eff6bc0f31bd90896f77058a81c18b2e07116bbeece
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
98779d41a531227cc58ded005e89be5b87507bc9e6347f64552ddc7fdcec21c3
9dad152dee0fa578a8f11721162206b98299f9926d203303a92d65d4920104d5
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a491c75feed5de07c5670575157d1a18d8e0cec1254e9a4e09e35473fa20d015
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
a8400be7d2d60d42fdac04aed87154d78843df12845c5ffb871d274ca8096006
aa55d216890ad204cd829e8c33fe34ef24c4e0638023f54b7d36ea3f0b1e387e
aabbeaf715e0272ef26df2d4aa2bbae20fe54daa69c3b020be686d086e92c533
ad7066efe71d1d6692c0aa7cab7da9e59a550578da93af8f413dfd5490c25c77
ad79fe59f1583a5788084bea3eac291649744d146441c558657af89a199ef935
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2c78c910f5ea29e3a9d223dabc203c055c8708b1fe7d83788b490638126db4d
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdeda331b720b33bf5b8bc88d52d16a1c40da840b41f4692e3ed70253fed9486
c12af73c7d806bf333980c5da006fc2f1c7f875baa6ffa128a8108d141186822
c1a12b438b92f44bc2016f691548ce0632e07415b802954f7671222ef17253ef
c4eee5fb16dd9e5cd58678a0dcd4c7c234e7a402ffe523b3c7067c0a6c648cf1
caa21a65dd9e1df81a57e31bd7e5c336bf6de1d84912074baa5b85fa44744a4f
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cd01645a01dac1a8e3b85ce4d300c6b789d5cb2ba60cd5629a5260cd92775274
cd48035f6b152047410a72f7a231d327d62c110648b02be46a5eb84fcc6beb18
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
d10dad0283c64a3ce558080e000850d6635c96244e1140770ea285296f88af1f
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d6cfb5ea0d4f0b0b64cdb50ca954b8f666d1fadde15cce3dc55240e61b98ddf9
d8486a3f9ae75406b6ca3afd7774fc851165a682a248dd28c275de379224135a
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
dd8625bfa35604f050e4dcc7ff10c2c31d7cdf1ce7bdf4cde0d0415dcc74e2fb
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff8e1f5e7e9a0e45a87c3daca3912c1a560e381e014019060028ba8311985eb
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b0c3862de3c6bc4181d60ccab272f79b3f31c36422e35794208aca43c75260
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
ea60f766281949bc2177c91021568b584ff6058d917f8c3bb4a61ae1b13216d9
ebf12bf07b6715367bddb899260dc6c5459d2c14a090c792c854c96a51cb1b66
ecc3883f7b177edcd6a59dcdb4f957cba8a1df5180202fcd3f30bd33dd6f7d7b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef90ec655829ce945c35d57ff2acbfd10f64d9a636ead2263f19bced0db85c9c
f2a1abbb9637f0eace228f691af8b0fcf3524dba20769d8dd7457b03ece2c55b
f33b9ff7c623861b226c359f20776dc8c86c9490764b0b48d973f427f00aaf0b
f52aa7f19fe7b48d3d6b18cfedbae9ed42c8a11b962f6d895f7f32c48d6feaf0
f7354e7a4693b91342dae2a6eb44dd7346fbb0f408e1e81847dbfde0ba2518a3