www.leafprotect.com Open in urlscan Pro
13.226.34.82  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://t.co/n8mv7qXweW Page URL
2. https://rueddour.win/100b81ab23dadf9a800/400_02/02/23_09 Page URL
3. https://mrktrecord12.com/?E=tzrGE20Rp0ZDXSSKdTmhS%2fPxd26X1iQQDbfaF54T%2fx8%3d&s1=473563&s2=1490066168&s3=400_02 HTTP 302
   https://speedtrkgood.com/?E=tzrGE20Rp0ZDXSSKdTmhS%2fPxd26X1iQQDbfaF54T%2fx8%3d&s1=473563&s2=1490066168&s3=400_02&ckmguid=119fd09e-ed89-45ed-8c1a-f31ab79218ec HTTP 302
   https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276 HTTP 301
• https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276

Request Chain 50

• https://insight.adsrvr.org/track/up?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&upid=j47mfq7&upv=1.1.0&paapi=1 HTTP 302
• https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&upid=j47mfq7&upv=1.1.0&paapi=1

Request Chain 59

• https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_cm&google_hm=ay1ZY1VPdWhpTlFSQzFVQzJqRnN0dHA1R3ptc2pwV2J0WEJMRGMxdw HTTP 302
• https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_gid=CAESEKnPTC352IdcVoEwOlI2YiQ&google_cver=1&google_ula=913071,0

Request Chain 60

• https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30 HTTP 302
• https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30

Request Chain 61

• https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
• https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3949501723216508955

Request Chain 62

• https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&custom=&tag_format=img&tag_action=sync&custom=&cb=ff5f1e2c-3f8d-4918-9808-5988834faea7 HTTP 302
• https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=ff5f1e2c-3f8d-4918-9808-5988834faea7&final=true&reqid=19726e70-79c6-11ef-8a65-6381ecdf67cc&timestamp=2024-09-23T16%3A08%3A40.919Z HTTP 302
• https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync HTTP 302
• https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3949501723216508955&tag_format=img&tag_action=sync HTTP 302
• https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=197554a0-79c6-11ef-ade3-61211df2b57b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
• https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=197554a0-79c6-11ef-ade3-61211df2b57b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile_id%7D%26tag_format%3Dimg%26tag_action%3Dsync%26cb%3D%24%7Brandom%7D HTTP 302
• https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=37b62cb3a0d0113ee403394183d6c840&tag_format=img&tag_action=sync&cb=294052430 HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 HTTP 302
• https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=31298eff-ef30-4382-b217-43ec8d7781ee&tag_format=img&tag_action=sync&cb= HTTP 302
• https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=197554a0-79c6-11ef-ade3-61211df2b57b&cb=1727107721092&rmn=y&redirect=https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2041%26partner_id%3D2130%26uid%3D%24BROWSER_ID%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync%26rmt%3Dtrue%26cb%3D1727107721092 HTTP 302
• https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=3654cea9-8ce6-4499-89de-6a6ca0387379&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1727107721092 HTTP 302
• https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync HTTP 302
• https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=199e6070-79c6-11ef-addb-8b24bd9512f4

Request Chain 66

• https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
• https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0gkQPbyXA6kNUZsFmkeX69edwoP2Yo2E

Request Chain 67

• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw HTTP 302
• https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw&C=1

Request Chain 69

• https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g HTTP 302
• https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g

Request Chain 70

• https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7yn6HRiNQRC1UC2jFsttp5Gzmsi9KXK258GHng HTTP 303
• https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7yn6HRiNQRC1UC2jFsttp5Gzmsi9KXK258GHng&_li_chk=true&previous_uuid=fa8f752bc3394f30b13a30bd4237837e HTTP 303
• https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=fa8f752b-c339-4f30-b13a-30bd4237837e HTTP 302
• https://p.rfihub.com/cm?pub=39342&in=1&userid=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D064a62ba-3218-4793-9f11-58a3dc51b90d%253A1727107721.058372%26pid%3D500040%26it%3D1%26iv%3D064a62ba-3218-4793-9f11-58a3dc51b90d%253A1727107721.058372%26_%3D1727107721.0600736&cb=1727107721.0601146 HTTP 302
• https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316576791345557&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D064a62ba-3218-4793-9f11-58a3dc51b90d%253A1727107721.058372%26pid%3D500040%26it%3D1%26iv%3D064a62ba-3218-4793-9f11-58a3dc51b90d%253A1727107721.058372%26_%3D1727107721.0600736 HTTP 302
• https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&pid=500040&it=1&iv=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&_=1727107721.0600736 HTTP 303
• https://pippio.com/api/sync?it=1&pid=500040&_=1727107721.0600736&iv=064a62ba-3218-4793-9f11-58a3dc51b90d:1727107721.058372

Request Chain 85

• https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A HTTP 302
• https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A

Request Chain 87

• https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
• https://dpm.demdex.net/ibs:dpid=28645&dpuuid=31c3Rz9nov8vTBKRvWTLKHX8BJWfrfqb

Request Chain 88

• https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
• https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=StQDhFkceA4ao44zcb1leiRUmhlACG0z

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	n8mv7qXweW Show response t.co/	326 B 937 B	86ms 72ms	Document text/html	172.66.0.227 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.co/n8mv7qXweW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare tsa_b / Resource Hash bfdbd84dc85010a0dd63dda2191e2a29beef4c2c163fb45bc0596fa144ac937c Security Headers Name Value Strict-Transport-Security max-age=0 X-Xss-Protection 0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control private,max-age=300 cf-cache-status DYNAMIC cf-ray 8c7bcb5e0afd4328-EWR content-encoding gzip content-type text/html; charset=utf-8 date Mon, 23 Sep 2024 16:08:36 GMT expires Mon, 23 Sep 2024 16:13:36 GMT perf 7402827104 server cloudflare tsa_b strict-transport-security max-age=0 vary Origin x-connection-hash 8eb6a1b139de6c282630a301ad85b7655c727ba37cf3698a9487c7f5474db700 x-response-time 15 x-transaction-id d5d4923e74dbd577 x-xss-protection 0
GET H2	200	23_09 Show response rueddour.win/100b81ab23dadf9a800/400_02/02/	175 B 449 B	1845ms 122ms	Document text/html	23.229.17.46 SERVER-MANIA
General Check archive.org Show headers Download Go to Full URL https://rueddour.win/100b81ab23dadf9a800/400_02/02/23_09 Requested by Host: t.co URL: https://t.co/n8mv7qXweW Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.229.17.46 Buffalo, United States, ASN55286 (SERVER-MANIA, CA), Reverse DNS Software nginx/1.12.2 / Resource Hash 8d68d2ffdfd0d55d54bd4070bded95665df6bc83ccfb4766e4390eaa40298ed4 Request headers Referer https://t.co/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 23 Sep 2024 16:08:38 GMT server nginx/1.12.2 vary Accept-Encoding
GET H2	200	Primary Request / Show response www.leafprotect.com/save/ Redirect Chain https://mrktrecord12.com/?E=tzrGE20Rp0ZDXSSKdTmhS%2fPxd26X1iQQDbfaF54T%2fx8%3d&s1=473563&s2=1490066168&s3=400_02 https://speedtrkgood.com/?E=tzrGE20Rp0ZDXSSKdTmhS%2fPxd26X1iQQDbfaF54T%2fx8%3d&s1=473563&s2=1490066168&s3=400_02&ckmguid=119fd09e-ed89-45ed-8c1a-f31ab79218ec https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE	306 KB 90 KB	48ms 6ms	Document text/html	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Requested by Host: rueddour.win URL: https://rueddour.win/100b81ab23dadf9a800/400_02/02/23_09 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 16352021cccadba93ceb2bf084a38802cc892e268c0cf313cf0a55bcc57d4e07 Request headers Referer https://rueddour.win/100b81ab23dadf9a800/400_02/02/23_09 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers age 11926 content-encoding gzip content-type text/html date Mon, 23 Sep 2024 12:49:54 GMT etag W/"cdd2d770177556acf95a467f52df125f" last-modified Wed, 21 Aug 2024 16:43:53 GMT server AmazonS3 vary Accept-Encoding via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-amz-cf-id YsB6NcomJs79p3E9aefFYIlNnIjVe5L9cUV2spLl4_ZE7j4W0L8cGw== x-amz-cf-pop EWR53-C2 x-cache Hit from cloudfront Redirect headers cache-control private content-length 317 content-type text/html; charset=utf-8 date Mon, 23 Sep 2024 16:08:39 GMT location https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
GET H2	200	1a5a2814967ef026.css www.leafprotect.com/_next/static/css/	51 KB 10 KB	5ms 5ms	Stylesheet text/css	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/css/1a5a2814967ef026.css Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 59f4ed01bf8fc24a210389dee404df81b5cc370952b2fb8b3d2e74fc6362533d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"2dac8393b21a4197d36b7235e4fda4e2" age 9836 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id U8sujVKc692v3Gov0cQswjLEu4nhwAv4tKOPpYmL9334dn7aW8O4VQ== date Mon, 23 Sep 2024 13:30:40 GMT content-type text/css last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	webpack-1ccf63668f36e7ff.js Show response www.leafprotect.com/_next/static/chunks/	2 KB 1 KB	5ms 4ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/webpack-1ccf63668f36e7ff.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash dad017c04bc49574b5c336b45b76e8e28e970bc78027e4a7770e83900d6e0baf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"b822d86430d8a719030cf0f7d5d36ab8" age 18720 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id iXZuJhiyO38-ylao_vIop-jzvHW-wOINt4Ojc-GVSeciGH8g1k2x2Q== date Mon, 23 Sep 2024 10:57:22 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	framework-114634acb84f8baa.js Show response www.leafprotect.com/_next/static/chunks/	138 KB 43 KB	11ms 8ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/framework-114634acb84f8baa.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash cc76e8d9def9ded50761a877750bab9afab8d4873351a0088e44811c8a4f54e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"d61e3f6bff4284ac6fd9b3f3048ea293" age 14155 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 8y1qEyE3Ajy4qWz3QkQnSdvUFGsXq0c_T5QyVOdnPHycdQBFKea1Ig== date Mon, 23 Sep 2024 12:18:45 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	main-1b339a404c3dec97.js Show response www.leafprotect.com/_next/static/chunks/	87 KB 26 KB	9ms 6ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/main-1b339a404c3dec97.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash c9eb8225c5a946cbdde308be3304510dc971f645f54e335511e0cca05bfb21db Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"8621e9a476154bcdc3fc7a013bf9b8b6" age 81019 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id cSkqAceFmk1yRJ2P6ml6ZB-LWRKyhkNrRaDO3e_VzaUMyKhE3JCaFg== date Sun, 22 Sep 2024 17:45:55 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	_app-fd4d3dc957a9662d.js Show response www.leafprotect.com/_next/static/chunks/pages/	245 KB 76 KB	12ms 9ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash b44a0be3106f41d285278a370ab2e15aa0fedad1ca55a3e1661134c2469b602e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding gzip etag W/"fc29e313f2797baa3609cba300139ffb" age 7706 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id C0Yd2WmONJHvKQMJTG2Zwg4_NaydYdyb3iWUzY0cRICMeeETsWSLbg== date Mon, 23 Sep 2024 14:00:15 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	2fbf9dd2-d9e21354dce3f086.js Show response www.leafprotect.com/_next/static/chunks/	327 KB 76 KB	13ms 10ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/2fbf9dd2-d9e21354dce3f086.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash e38650f26604fdc26613e7e2fa5af4b610559cdee5ba9f4de6ad17227520ae62 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"e7f7a31dd6ba0b1a10d7645f5e2e9121" age 14155 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id HQihj1K3BRZkVZKwJmqodesBTm5iCOiKtu749WWeWe9mnVy67Jd8Nw== date Mon, 23 Sep 2024 12:16:24 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	149-3a5df8db7b5229ce.js Show response www.leafprotect.com/_next/static/chunks/	322 KB 98 KB	13ms 11ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/149-3a5df8db7b5229ce.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash ce7e7f23da1bf29ae2637bb577599ed7bf072a045a3b17d38b5e5a6562ac6036 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding gzip etag W/"cca89520df96412a48d90da8b8525e46" age 64433 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id tUZ3n02tAoVXTDXqi5BuDrJCmpGw9xywpUiOxuTumwtvV7btgcoxWA== date Mon, 23 Sep 2024 10:39:36 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:37 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	save-1d077486a8e3137d.js Show response www.leafprotect.com/_next/static/chunks/pages/	25 KB 8 KB	15ms 13ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/chunks/pages/save-1d077486a8e3137d.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash d82500dda8f8348236685e79e98e4697e89c626d0ab86b48c079d28dc0b28dba Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers content-encoding br etag W/"a00dcb90a81ac1c8691eba0612e11661" age 6377 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id yytKr6ueZgyR62eGrZQdLg-0NSn6FRIpf251F-ZJ-sVyFU5a5rbXzg== date Mon, 23 Sep 2024 14:25:06 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	_buildManifest.js Show response www.leafprotect.com/_next/static/fnY_z9w18UzB0NTbvtLpg/	966 B 1 KB	11ms 9ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/fnY_z9w18UzB0NTbvtLpg/_buildManifest.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash d4d7adcdb30c58fadef4a5a32e3143cc74a4b79c1fa4f631ed1790a77ac1c508 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers etag "b19a125dca67fcfa5464c7468cdd5608" age 46523 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 966 x-amz-cf-id ZLvUElOd2lcJTSMgNjCbzWAhV8BoejwcAPVb4WDwKJXxkOUwLfM0Dw== date Mon, 23 Sep 2024 07:01:27 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	_ssgManifest.js Show response www.leafprotect.com/_next/static/fnY_z9w18UzB0NTbvtLpg/	204 B 532 B	12ms 10ms	Script application/javascript	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/static/fnY_z9w18UzB0NTbvtLpg/_ssgManifest.js Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 9318bef15898f656118c0d38755f7cf794bea345576bbf2b4d5f773f7d0be94a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers etag "da746f71b494414d87fd88e514c9ed50" age 46523 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 204 x-amz-cf-id a73ysWUoZpfhy3mIuT2DMTfsCDGHy75Yiu-J33OuZ_uXXKlZS47LYg== date Mon, 23 Sep 2024 07:01:27 GMT content-type application/javascript last-modified Wed, 21 Aug 2024 16:43:38 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H/1.1	200 OK	coupon_d75f069b6a.png converge-strapi-prod.s3.amazonaws.com/	350 B 776 B	75ms 30ms	Image image/png	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/coupon_d75f069b6a.png?updated_at=2023-10-05T14:43:31.217Z Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash f7e482a0ebb7a4a3513459d6f16862326ddff3db1f839ad5ba34baca4ef851bd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 MNmFRdH6xs186ymKfIFjnXdP91IJL1AcrMveVX6Ycg+0ckSt9ZNn1i+FtUWjAmIohVQDrmfRbf9/n8Owh0OYA2my5NfZAEFfrRSvzjSJyfM= ETag "9a59e5b32be04e33e1bc682677a88f23" x-amz-request-id PZF4RM2WTN8K9KE8 Accept-Ranges bytes Content-Length 350 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Thu, 05 Oct 2023 14:43:32 GMT Content-Type image/png Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	logo_3725089e23.webp converge-strapi-prod.s3.amazonaws.com/	6 KB 7 KB	88ms 43ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/logo_3725089e23.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 5b883507f35a0b6d29897298b38fb3e7cec4aa0c62b5b0bf26c6de335a65da59 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers ETag "a49d8cc97f731717390c96f46fc2af92" x-amz-request-id PZF1VFCA9MT95D76 Accept-Ranges bytes Content-Length 6400 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Thu, 20 Oct 2022 19:02:50 GMT Content-Type image/webp Server AmazonS3 x-amz-id-2 8ej8z6O6fTkkKSdLb2bMTb2lT3CxEV6onXW81PMO2yhaPb8hxIefzXwVWyOaELMlkfi31CZ4nuNQhiMrfH60Z5D+uX7CUzf1DP1A1VOk0+I=
GET H/1.1	200 OK	check_icon_b72f8bd399.webp converge-strapi-prod.s3.amazonaws.com/	7 KB 7 KB	51ms 28ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/check_icon_b72f8bd399.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash e7def01e28f29f66d5b6a6366a28ef93e29f1721edc0f0a39535581c7afe64c9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 4/0jfHVbJ8/WW1rKwBoE7YUSEGUnlfhF6i2O1rhgeVyZseDCc9w2bUMqiMtspwLVWDL0nDHMsgi4qPpUV3MMV/AELvFcGGIqrP7C71nZltc= ETag "b5a65b9536a7a77b610908d0cb96bd81" x-amz-request-id PZF8RXK6EKP5HVWH Accept-Ranges bytes Content-Length 6688 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 26 Jan 2024 16:42:52 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	warranty_icon_1723ccd30d.webp converge-strapi-prod.s3.amazonaws.com/	8 KB 9 KB	55ms 32ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/warranty_icon_1723ccd30d.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 27c384291df57be0bbef4dfdde33d56755f0b48e16cd7179437bc6f98f5ca643 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 FSqe/TVYJnyoJ/fon5ikUr5Y0L40mi1bybaxJJDfMyetbwCbyGOIMpXnGbkTV4R+ObZKli1ybRHLg53BoO843DtfzFdGFqpZ7EZP6iNSjqE= ETag "18f3c1d8eb8563d2a358a61772c17382" x-amz-request-id PZF1E6M27J3ZSSFE Accept-Ranges bytes Content-Length 8674 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 26 Jan 2024 16:42:54 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	gutter_icon_da504535f4.webp converge-strapi-prod.s3.amazonaws.com/	9 KB 10 KB	58ms 32ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/gutter_icon_da504535f4.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 9c1e8490cdbc9161ed15ec33409e7153336b90ebeb60b0a57f71feef00860d80 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 eU7C4KgykmhKkRIRnOvCeiCFxai4KXBgPijKlpA9EpkjsbpqmtfqqSEKBUIu3ACTjs6OSdM9+JaBoAjgnzkJKU7Iyog/q+VFv5YokTkTDG8= ETag "ec03b83fc1ce37f92a9c3743c3ca5ac9" x-amz-request-id PZFCD5EZFKS43DRF Accept-Ranges bytes Content-Length 9460 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 26 Jan 2024 16:42:54 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	step1_686bad3925.webp converge-strapi-prod.s3.amazonaws.com/	32 KB 32 KB	58ms 33ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/step1_686bad3925.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 12a6f5473f7eecbf4e06f4fcd5473b079e24ed74912686de1e185aadc9437421 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 NKYqm4AgmsDFR5jF9zGxMw1jHWz5IOPt0g5KhUxVxJSqEn45D1dEvx2/vPBIUGWeiSixVsPCwaVF9iQH8GSlU+eko4hZjstijm9LYmcda2I= ETag "0e875a9669c534b698ea9a60acc65581" x-amz-request-id PZF29AGTJYSMC60W Accept-Ranges bytes Content-Length 32830 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 22:07:11 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	step2_a4b04ca1a4.webp converge-strapi-prod.s3.amazonaws.com/	46 KB 47 KB	29ms 29ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/step2_a4b04ca1a4.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 0ba00f6a63fb17f631eb3f2b2d3eb6dc1f5b08832075a7ab2716718ecdd74c0d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 rsDuFJ5Q4ywAvCRk5gVZNjItdJ9OFtm6J3zg6o/ThJ3DPAULiUjzsUEYtjpD1Lv7thDsHLN3DhZPDGZ8ljmBbyPsYVbeRmUNv5nrFlKkcic= ETag "1c34c4f1f7597a9e363e3d4b74f7cbf5" x-amz-request-id PZFEGVCR0D2R6FFP Accept-Ranges bytes Content-Length 47208 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 22:06:49 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	step3_c0021c2585.webp converge-strapi-prod.s3.amazonaws.com/	77 KB 78 KB	29ms 29ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/step3_c0021c2585.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 1ec4671f19059bd5a889c78da7613cb0b7ec5103747df7c8f22b731b361725b3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 6DRLcqV4eiysMaxlyyfDwd9vur30HB5Vuhubu2ycl3o+1orvy4dNlQobUHGKfzQusC7fPBx1aVRPURz+FfGywh4Ns14yUlVZaWDU+edj+UM= ETag "b55a0a784cd5afcbc29d708c47597340" x-amz-request-id PZFE75W6PJ7J36NV Accept-Ranges bytes Content-Length 79278 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 22:07:28 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	step4_4c4e452e25.webp converge-strapi-prod.s3.amazonaws.com/	28 KB 28 KB	27ms 27ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/step4_4c4e452e25.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 2437a829bced89e77c4b330fe18167c8de020f09ca95fad4dececfdde764ca0f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 Gzd/rPqFrj/TSQMliQTqSquTj9x+hA51if7N0Jb0cWcgyWkllYBmVIc7oJ76Tb2e8iYwv0A7Ib7vMxyRez3qm2Yo+G+CMXctD8nhtWUmQpg= ETag "eb6c7f5057e712e1ce6585c24f1cffd6" x-amz-request-id PZF5N8SNQTNQV674 Accept-Ranges bytes Content-Length 28674 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 22:07:12 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	five_stars_0bee4e9b6f.png converge-strapi-prod.s3.amazonaws.com/	636 B 1 KB	26ms 26ms	Image image/png	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/five_stars_0bee4e9b6f.png Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash fe18b71db7408a4adf84b570fe64882907a3a975a023ddd0a79300ed28c433b6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 fbL0UakZToP1WWVzP8ppB1B1u6IjhhPwdQPNgGwpBvSc4uK4lQ0+Wk6yHnDtKII7mNVE3b+K22uzHGNbZcwTmyDgL48Lg12A36jy6Xl9q4Q= ETag "a0a13acd78595dc93ddf1d50367d6a61" x-amz-request-id PZF1C2JR88HCCZ6K Accept-Ranges bytes Content-Length 636 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 30 Dec 2022 02:18:33 GMT Content-Type image/png Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	leafvidposterplay_f3804dc247.webp strapi-dev-1.s3.us-west-2.amazonaws.com/	50 KB 51 KB	290ms 101ms	Image image/webp	3.5.87.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://strapi-dev-1.s3.us-west-2.amazonaws.com/leafvidposterplay_f3804dc247.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.87.129 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash b6bbc0fe4da6031463e1e1b66a8372d24ff32f8d88c05c624fc41aeecde9a021 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers ETag "48a005b88e7bcaf73b081dd67e7366a5" x-amz-version-id 0y_p0oa5.ZE3yv4tYrOFetHaOkg9azbt x-amz-request-id PZF3WFEZVVNPKBNM Accept-Ranges bytes Content-Length 51550 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 30 Sep 2022 19:18:50 GMT Content-Type image/webp Server AmazonS3 x-amz-id-2 i+I5nHPEv3nWn5Rwlg46d5rlw5Xyfr26zAs2qXIQjXdfbwSUI6TwE8WXxjaUNGsNJaD+jlR6ut61wBTJYTiEDA==
GET H/1.1	200 OK	550_2fa6e5900c.webp converge-strapi-prod.s3.amazonaws.com/	7 KB 7 KB	28ms 28ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/550_2fa6e5900c.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 89596fd3ec9303a6f0541a2a14c9568b3233e7cc58d71a322e5101239ada8c34 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 GbYAECa0PPTmrn4AINHDmk4SJ2B+/FtpSI7buQ6ZS3gUe4pgRZO6AV2KuqzaVkzHWk7XACYlqBruGaTaDEIfPoYx/nqc7aFMpYC5ASLyZzs= ETag "259bd0926359e88e40e3885ca6661290" x-amz-request-id PZF0RDRCBMGT3WPT Accept-Ranges bytes Content-Length 6742 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 16:08:49 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	homeadvisor2_e03b1a1895.webp converge-strapi-prod.s3.amazonaws.com/	36 KB 37 KB	27ms 27ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/homeadvisor2_e03b1a1895.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , CHACHA20_POLY1305 Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 0228eadbc128df4c3156cf4069a8b49a50a8076caa01921eef059a6e08cb2eab Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 HU77rLR23hN6NZt/77zGxHWQfqORQ7Z+LlYNPznSlN6GJM0tRCdoeIlKQ4j9n6t5FQk63bX+6odqf8JJPaeSlyJLFwQ8c17Ypn4a2h2+6ig= ETag "18a2e874d9d26da095cf42cebe6c3f32" x-amz-request-id PZFA6W62CD17AY0Q Accept-Ranges bytes Content-Length 37278 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 16:08:53 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	trustpilot2_359a7f137d.webp converge-strapi-prod.s3.amazonaws.com/	8 KB 8 KB	27ms 26ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/trustpilot2_359a7f137d.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 94b76acf5bc675f1202ea27990fc54b228892537e5f146eb8d6c5dbfe7daec12 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 0SWpM+mAid4/HLWpbFS7fADnRZPpVjVbGbQSnJWy9+5u7n/yaaK8y5clQiogqLmVlQcxbrXNbkQpOX0srYH/MLAYKhopLLEToF80nwgZgws= ETag "1392dc28685c859c5d6748ce3ac2934f" x-amz-request-id PZFCZ3JJ7N1AYSQG Accept-Ranges bytes Content-Length 7932 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 16:08:51 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	warranty_badge_efbf9d77ed.webp converge-strapi-prod.s3.amazonaws.com/	40 KB 40 KB	26ms 26ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/warranty_badge_efbf9d77ed.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 45425d237311eb59cf4f845d61e282b06389efb8fe5a962b0fb65d6bcc58ee85 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 zg60dCwCxRAK+P1SjxF20dLHEEhrRVkLXJ90vNbDyvO/4520dLcf+tsbKGn7YLmNxJiohwe2xNCt4XBBBYuojxTraORmjMkM8xLRI4Yr5BQ= ETag "9d74bea02f87ee68538cf02d7b2e6496" x-amz-request-id PZFAEEMTJMYQSBVT Accept-Ranges bytes Content-Length 40718 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 17:47:57 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H/1.1	200 OK	whitelogo_c47a79e10b.png converge-strapi-prod.s3.amazonaws.com/	7 KB 8 KB	26ms 26ms	Image image/png	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/whitelogo_c47a79e10b.png Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 873d93396c83aeacd46045f0c34d8e72d78fd1f9290ea3068ab56db72f1b9a84 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 N6h31fQnI44D+v7Eli9QUB/wuSfemY6cobwUi8Gsq2SSKah5QLMgZCpugIq6fB5rVflr/j9I9S3NJja7J0JjYIbN5NlMsIY9BNZdG+QNP4s= ETag "24b20bfe4e2005b3032d429dfa7b14f8" x-amz-request-id PZF03P393EY67E3B Accept-Ranges bytes Content-Length 7667 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 26 Jan 2024 20:55:21 GMT Content-Type image/png Server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	css2 fonts.googleapis.com/	9 KB 943 B	364ms 47ms	Stylesheet text/css	142.251.35.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@600&family=Roboto:wght@100;400;700&display=swap Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/css/1a5a2814967ef026.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f10.1e100.net Software ESF / Resource Hash 17090abdfe1354ff1cea4381b619cdacf66a21592f9f5dcfbfb71d461a027786 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 23 Sep 2024 16:08:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 16:08:39 GMT content-type text/css; charset=utf-8 last-modified Mon, 23 Sep 2024 16:08:39 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	34 KB 3 KB	342ms 26ms	Stylesheet text/css	142.251.35.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,500&display=swap Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/css/1a5a2814967ef026.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.35.170 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s78-in-f10.1e100.net Software ESF / Resource Hash 28e2de70d5304134c39ff182e3bf22c721522d7f1165f495d5bb23fd947ab242 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers content-encoding gzip x-content-type-options nosniff expires Mon, 23 Sep 2024 16:08:39 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 16:08:39 GMT content-type text/css; charset=utf-8 last-modified Mon, 23 Sep 2024 16:08:39 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr access-control-allow-origin * x-xss-protection 0 server ESF
GET H/1.1	206 Partial Content	leaf_testimonials_ba2dbb976a.mp4 strapi-dev-1.s3.us-west-2.amazonaws.com/	902 KB 0	281ms 103ms	Media video/mp4	3.5.87.129 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://strapi-dev-1.s3.us-west-2.amazonaws.com/leaf_testimonials_ba2dbb976a.mp4 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.87.129 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-us-west-2-r-w.amazonaws.com Software AmazonS3 / Resource Hash Request headers Referer https://www.leafprotect.com/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Range bytes=0- Response headers ETag "d5709c8d834a1f3b630454254eedc18a-6" x-amz-version-id 7UKssfJORPTnA6DOdqA3BEAIWEuQh3Bq Content-Range bytes 0-27267925/27267926 x-amz-request-id PZF71HSZWKMC5B3J Accept-Ranges bytes Content-Length 27267926 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Fri, 30 Sep 2022 19:19:18 GMT Content-Type video/mp4 Server AmazonS3 x-amz-id-2 HdzauIpZGm95jn9VnURC2YvFmYv/LfA+n5XK0Jj899umztpjUyvo67JkrqrETq6vhE3B3lH/B6F4ppeezTpR7A==
GET H2	200	gtm.js Show response www.googletagmanager.com/	314 KB 101 KB	370ms 50ms	Script application/javascript	142.251.40.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B Requested by Host: t.co URL: https://t.co/n8mv7qXweW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f8.1e100.net Software Google Tag Manager / Resource Hash 84d519ce7a1691d06081de6170187b245fde4138a05de56c8e23920084fdef7a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers content-encoding br expires Mon, 23 Sep 2024 16:08:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 16:08:40 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Mon, 23 Sep 2024 15:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin * content-length 102929 x-xss-protection 0 server Google Tag Manager
GET H2	200	bootstrap.js Show response cdn.trustedform.com/ Redirect Chain https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276 https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276	16 KB 6 KB	385ms 56ms	Script application/javascript	13.226.34.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Server 13.226.34.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-45.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash a9ca15effbf0330e54b4689789666fc8014699b02e21bfdde88b81b9dce9dd41 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-cf-pop EWR53-C2 content-encoding gzip x-amz-version-id C7Tt1Am5_6kEU3dExSv8eAjxyURGxGPl etag W/"d4786bf7af009705131c8bd5db331fd5" via 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront) x-cache Miss from cloudfront x-amz-cf-id Y-HG7mdACJ0pZb2YPtuaIXiux9nRcJLKMQKjW5Nt7cgHvQr0KADu4A== date Mon, 23 Sep 2024 16:08:41 GMT content-type application/javascript vary Accept-Encoding server AmazonS3 last-modified Tue, 10 Sep 2024 13:31:32 GMT Redirect headers location https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276 content-length 134 date Mon, 23 Sep 2024 16:08:39 GMT content-type text/html server awselb/2.0
GET H2	200	cd_v3.js Show response sdk.helixbi.io/	31 KB 32 KB	393ms 5ms	Script text/javascript	18.238.80.125 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sdk.helixbi.io/cd_v3.js?ct_a=100779&ct_u=5AE6119516F7FA2A155F866558676EC6 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/main-1b339a404c3dec97.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.238.80.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-80-125.jfk52.r.cloudfront.net Software AmazonS3 / Resource Hash ded48368bbd1039552c8f0b6f338c703c0b9678d566c16a1ea18364c2eb4f727 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-version-id 6Q4GjDJTkG16KIfKqurE.ae1lcGnz.k_ etag "6b93794b30debae2c63365125c5d9429" age 5746 via 1.1 23e7aee2c1da825ba7d0bf0266366110.cloudfront.net (CloudFront) accept-ranges bytes x-cache Hit from cloudfront content-length 32033 x-amz-cf-id _rsufOHm284UltAaWmsnJAoUlruVlRPdR9prGXuPZzk2KVOS_tT4jg== date Mon, 23 Sep 2024 14:33:21 GMT content-type text/javascript last-modified Tue, 22 Aug 2023 15:03:12 GMT server AmazonS3 x-amz-cf-pop JFK52-P5 x-amz-server-side-encryption AES256
POST H2	200	/ Show response o1296307.ingest.sentry.io/api/4505903513862145/envelope/	2 B 300 B	82ms 33ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o1296307.ingest.sentry.io/api/4505903513862145/envelope/?sentry_key=a26504eb9a3db3cebe49e82b564ecc31&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.69.0 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2 date Mon, 23 Sep 2024 16:08:39 GMT content-type application/json vary origin, access-control-request-method, access-control-request-headers server nginx
GET H/1.1	200 OK	guttercorner_073cf15f93.webp converge-strapi-prod.s3.amazonaws.com/	128 KB 128 KB	40ms 39ms	Image image/webp	3.5.27.183 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://converge-strapi-prod.s3.amazonaws.com/guttercorner_073cf15f93.webp Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/css/1a5a2814967ef026.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 3.5.27.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 70706d2ade2234d4c60a1c57f51f77f92c203d853ea45e141afe727def697a99 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-id-2 ZUZY4NPTUxupMjdu+FDmWnEOHHqtu9xoJJ7rs9JV996z+TpFGgk7ATrz5Tw025SJPju6hTwIaGLlMFW37CoQf2PZQ/aOsy4HbNAuijqIBiA= ETag "3a6ce1064777ce8b36bc42ecf72f3be0" x-amz-request-id PZF2GQSSXVBS4BE6 Accept-Ranges bytes Content-Length 130834 Date Mon, 23 Sep 2024 16:08:40 GMT Last-Modified Tue, 30 Jan 2024 15:42:15 GMT Content-Type image/webp Server AmazonS3 x-amz-server-side-encryption AES256
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v40/	47 KB 48 KB	366ms 35ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.leafprotect.com Referer https://fonts.googleapis.com/ Response headers age 430035 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 18 Sep 2025 16:41:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 16:41:25 GMT last-modified Thu, 14 Dec 2023 02:08:40 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48236 x-xss-protection 0 server sffe
GET H2	200	memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWVAewA.woff2 fonts.gstatic.com/s/opensans/v40/	19 KB 19 KB	371ms 40ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk_RkWVAewA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;1,500&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash f559046535006bc5f3990c944f0fb2c5938a23f637a5771fda979d1f1b0100d5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.leafprotect.com Referer https://fonts.googleapis.com/ Response headers age 427173 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 18 Sep 2025 17:29:07 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 17:29:07 GMT last-modified Thu, 14 Dec 2023 02:03:29 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 19332 x-xss-protection 0 server sffe
GET		adacac67-4e89-416e-b338-68034bc021b0 https://www.leafprotect.com/ Frame	0 0
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v32/	18 KB 18 KB	285ms 37ms	Font font/woff2	142.251.40.131 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@600&family=Roboto:wght@100;400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.131 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f3.1e100.net Software sffe / Resource Hash 89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://www.leafprotect.com Referer https://fonts.googleapis.com/ Response headers age 432019 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 18 Sep 2025 16:08:21 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Sep 2024 16:08:21 GMT last-modified Thu, 01 Aug 2024 20:41:24 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 18536 x-xss-protection 0 server sffe
GET H2	200	save.json Show response www.leafprotect.com/_next/data/fnY_z9w18UzB0NTbvtLpg/	286 KB 44 KB	6ms 5ms	Fetch application/json	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/_next/data/fnY_z9w18UzB0NTbvtLpg/save.json?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 6f699ba7834a8f817ce8e239d535ac802a8d560aaf70a8144d215f5133684ac3 Request headers x-nextjs-data 1 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE purpose prefetch User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding br etag W/"331b0fa90e6209f5a1e5d4f97d4332d9" age 17140 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id 40Fy_53-dK4twsNlqxtaNEfH6A_J2IkN0jrGAnuv_J65sUwicDY5uw== date Mon, 23 Sep 2024 11:23:00 GMT content-type application/json last-modified Wed, 21 Aug 2024 16:43:37 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	gw gw.helixbi.io/	43 B 224 B	477ms 72ms	Image image/gif	34.223.30.223 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://gw.helixbi.io/gw?g.t=1727107720096&g.r=i&g.d=100779&g.u=5AE6119516F7FA2A155F866558676EC6&dv.gv=0.1.0&g.x=379613504D-6158-FJ6A&g.i=1.1.0-JSW&v.i=379613504D-6158-FJ6A&g.a=pv&p.t=Save%20your%20home%20with%20LeafFilter%20-%20LeafFilter&p.r=https%3A%2F%2Frueddour.win%2F&s.sr=1600x1200&p.sc=1&s.sc=1&v.sc=1&v.c=1&v.fl=1727107720096&s.s=1727107720096&v.fs=1727107720096&h.cm.id=8489&h.cm.lp=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F&h.cm.a1=41997&h.cm.a2=473563&h.cm.a3=455389720&h.cm.a6=1&h.cm.fr=1727107720096&h.cm.rc=1&h.cm.ts=1727107720096&h.et=campaigns Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.223.30.223 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-223-30-223.us-west-2.compute.amazonaws.com Software Jetty(9.4.54.v20240208) / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers expires Thu, 01 Jan 1970 00:00:00 GMT cache-control private, no-cache, no-store, proxy-revalidate content-length 43 date Mon, 23 Sep 2024 16:08:40 GMT pragma no-cache content-type image/gif server Jetty(9.4.54.v20240208)
GET H2	200	js Show response www.googletagmanager.com/gtag/	278 KB 96 KB	45ms 43ms	Script application/javascript	142.251.40.136 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga25s80-in-f8.1e100.net Software Google Tag Manager / Resource Hash 9e315c8f184849b99c868ea6dc9784be1d47aa2634d1d16452d15e13e6d127bc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding br cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Mon, 23 Sep 2024 16:08:40 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 97900 date Mon, 23 Sep 2024 16:08:40 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET H/1.1	200 OK	up_loader.1.1.0.js Show response js.adsrvr.org/	14 KB 6 KB	61ms 7ms	Script application/x-javascript	108.139.33.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.adsrvr.org/up_loader.1.1.0.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.139.33.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-139-33-128.jfk50.r.cloudfront.net Software AmazonS3 / Resource Hash 71d18af9ee879a36717e1ea3367b669031e3f6b12cb0aa1373fd200d278c4e6a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers Transfer-Encoding chunked Vary Accept-Encoding Content-Encoding gzip ETag W/"0a898f6edf2d77595f7378557dd8fb96" Age 82139 Connection keep-alive Via 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront) X-Cache Hit from cloudfront X-Amz-Cf-Id Qkuy-KvyoeVXICYBkOuzW2F2w9LD2K3FN_k0A1uLOuC93P6yPU2UCg== Date Sun, 22 Sep 2024 17:19:42 GMT Content-Type application/x-javascript Last-Modified Wed, 11 Sep 2024 19:27:43 GMT Server AmazonS3 X-Amz-Cf-Pop JFK50-P2 x-amz-server-side-encryption AES256
GET H2	200	ld.js Show response dynamic.criteo.com/js/ld/	50 KB 22 KB	336ms 9ms	Script application/javascript	74.119.117.10 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://dynamic.criteo.com/js/ld/ld.js?a=101974 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-5NF348B Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.10 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 96fa4f6ce2bd9e61592e6ba3206b1c248d0fb899af9c77f8431816f2aac4634d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control public,max-age=10800 timing-allow-origin * content-encoding br cross-origin-resource-policy cross-origin date Mon, 23 Sep 2024 16:08:39 GMT content-type application/javascript; charset=utf-8 vary Origin, Accept-Encoding server Kestrel
POST H2	204	collect Show response analytics.google.com/g/	0 248 B	337ms 19ms	Fetch text/plain	216.239.34.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-3HHP2G7VL2&gtm=45je49j0v888687097z8831796620za200zb831796620&_p=1727107719693&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=237494034.1727107720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=379613504D-6158-FJ6A&sid=1727107720&sct=1&seg=0&dl=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&dr=https%3A%2F%2Frueddour.win%2F&dt=Save%20your%20home%20with%20LeafFilter%20-%20LeafFilter&en=page_view&_fv=1&_nsi=1&_ss=1&ep.scenario=null&ep.hxc_id=8489&up.user_id=379613504D-6158-FJ6A&tfd=1544 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.leafprotect.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Mon, 23 Sep 2024 16:08:40 GMT content-type text/plain server Golfe2
POST H2	204	collect stats.g.doubleclick.net/g/	0 248 B	341ms 20ms	Ping text/plain	172.253.115.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HHP2G7VL2&cid=237494034.1727107720&gtm=45je49j0v888687097z8831796620za200zb831796620&aip=1&uid=379613504D-6158-FJ6A&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.115.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS bg-in-f155.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.leafprotect.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Mon, 23 Sep 2024 16:08:40 GMT content-type text/plain server Golfe2
GET H2	200	rul td.doubleclick.net/td/ga/ Frame BED5	0 0	367ms 41ms	Document text/html	142.251.40.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://td.doubleclick.net/td/ga/rul?tid=G-3HHP2G7VL2&gacid=237494034.1727107720&gtm=45je49j0v888687097z8831796620za200zb831796620&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=518810142 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-3HHP2G7VL2&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.40.226 Queens, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s39-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.leafprotect.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 16 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 23 Sep 2024 16:08:40 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	syncframe gum.criteo.com/ Frame 9BB1	0 0	180ms 12ms	Document text/html	74.119.117.17 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://gum.criteo.com/syncframe?topUrl=www.leafprotect.com&origin=onetag Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=101974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.17 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.leafprotect.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers cache-control private, max-age=3600 content-encoding gzip content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 23 Sep 2024 16:08:40 GMT server Kestrel server-processing-duration-in-ticks 386947 strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-robots-tag noindex
POST H2	201	certs Show response api.trustedform.com/	474 B 685 B	32ms 12ms	XHR application/json	3.230.86.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.230.86.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-86-134.compute-1.amazonaws.com Software Cowboy / Resource Hash 00308ed163540415355275d8cc982d5cdc0c6a80e384bf815ff1f382d85551f5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.leafprotect.com/ Response headers access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-origin * content-length 474 date Mon, 23 Sep 2024 16:08:40 GMT content-type application/json; charset=utf-8 server Cowboy
GET H2	200	/ match.adsrvr.org/track/upb/ Frame 1FA5 Redirect Chain https://insight.adsrvr.org/track/up?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3De... https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3De...	0 0	16ms 11ms	Document text/html	15.197.193.217 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&upid=j47mfq7&upv=1.1.0&paapi=1 Requested by Host: js.adsrvr.org URL: https://js.adsrvr.org/up_loader.1.1.0.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS a12b7a488abeaa9e4.awsglobalaccelerator.com Software Kestrel / Resource Hash Request headers Referer https://www.leafprotect.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html date Mon, 23 Sep 2024 16:08:40 GMT server Kestrel vary Accept-Encoding Redirect headers content-length 645 date Mon, 23 Sep 2024 16:08:40 GMT location https://match.adsrvr.org/track/upb/?adv=uut609r&ref=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&upid=j47mfq7&upv=1.1.0&paapi=1 server Kestrel
GET H2	200	favicon.ico www.leafprotect.com/	15 KB 15 KB	7ms 6ms	Other image/vnd.microsoft.icon	13.226.34.82 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.leafprotect.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.82 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-82.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash 289c04b1786256d447be461d22c4296359e0e43b7b34c476a72351b0b9998b12 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/save/?hxc_id=8489&hxc_a1=41997&hxc_a2=473563&hxc_a3=455389720&hxc_a6=1&utm_medium=email&utm_source=DA&utm_campaign=41ACET4&utm_content=20ACE Response headers etag "499383505c64a32ff6aee9544837fcb4" age 23877 via 1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront) x-cache Hit from cloudfront content-length 15406 x-amz-cf-id tDQDEuSKd0KiMskxCd5JEN2yrvPIs7KF7hWcaJiAmsY_t7-5aqQxrA== date Mon, 23 Sep 2024 15:00:10 GMT content-type image/vnd.microsoft.icon last-modified Wed, 21 Aug 2024 16:43:39 GMT server AmazonS3 x-amz-cf-pop EWR53-C2 vary Accept-Encoding
GET H2	200	event Show response sslwidget.criteo.com/	10 KB 5 KB	47ms 16ms	Script application/x-javascript	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://sslwidget.criteo.com/event?a=101974&v=5.27.0&otl=1&p0=e%3Dce%26m%3D%255B%252523%252523Email%252520Address%252523%252523%255D%26h%3D%2523%2523Hash%2520Method%2523%2523&p1=e%3Dexd%26z%3D%2523%2523Zip%2520Code%2523%2523%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Frueddour.win&p2=e%3Dvh%26tms%3Dcustom-guide&p3=e%3Dvp%26p%3D1%26tms%3Dcustom-guide&p4=e%3Ddis&adce=1&bundle=7FOvsl90Tmo3eGx6Z2I1d2lNYXZSNkFZcm84UjFvUVo3VEgxU1NPUTZ6Q01ZN2ZhMlNyNlhDWTUyTzdKVXM3cjNOWSUyQkElMkI1MUFTVEQ1RVAwTlFmSmFMY3B1eUdmTzZYeVo1UDQ3ZjEzUDAwTkJuZXZSbzY2QXlmTVEzTkxndDV3ajI3SFE2QUVWeXhyOW4xSkdjNmQ2alF6Y0w3ZFp6dGY5bTRuS0lqNE1HdEtkMFU0JTNE&tld=leafprotect.com&dy=1&fu=https%253A%252F%252Fwww.leafprotect.com%252Fsave%252F%253Fhxc_id%253D8489%2526hxc_a1%253D41997%2526hxc_a2%253D473563%2526hxc_a3%253D455389720%2526hxc_a6%253D1%2526utm_medium%253Demail%2526utm_source%253DDA%2526utm_campaign%253D41ACET4%2526utm_content%253D20ACE&pu=https%253A%252F%252Frueddour.win%252F&ceid=d8ecdf24-0367-4f15-8260-25c2284792d9 Requested by Host: dynamic.criteo.com URL: https://dynamic.criteo.com/js/ld/ld.js?a=101974 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 2275083edd3cd375f391f45f1def94a2849c77d9e16672cea1bafef6b539fa4c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; preload; cache-control no-cache timing-allow-origin * content-encoding gzip pragma no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 7361710 expires 0 access-control-allow-origin * p3p NON DSP COR CURa PSA PSD OUR BUS NAV STA date Mon, 23 Sep 2024 16:08:40 GMT content-type application/x-javascript server Kestrel
GET H2	200	trustedform-1.9.24.js Show response cdn.trustedform.com/	98 KB 37 KB	7ms 6ms	Script application/javascript	13.226.34.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/trustedform-1.9.24.js Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=17271077196940.6567456229662276 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.226.34.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-226-34-45.ewr53.r.cloudfront.net Software AmazonS3 / Resource Hash ab5a0afa079dde495f733462f614c3fd0107d3010a81f1ec2e1d036cee18f9a0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers x-amz-cf-pop EWR53-C2 content-encoding gzip x-amz-version-id YJu0W1DY5HxTiBrUMWwna2_LWlffXZH_ etag W/"ac26707e594409a1ee31526d50663c0d" age 13 via 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront) x-cache Hit from cloudfront x-amz-cf-id p5MO27I2_P4BtRGuyscAt38onGW741dC5llgXqdcu0ERXAgO4v6iCg== date Mon, 23 Sep 2024 16:08:35 GMT content-type application/javascript vary Accept-Encoding server AmazonS3 last-modified Tue, 10 Sep 2024 13:31:32 GMT
POST H2	204	snapshot Show response api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/	0 159 B	22ms 17ms	XHR text/plain	3.230.86.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/snapshot Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.230.86.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-86-134.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.leafprotect.com/ Response headers access-control-expose-headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate date Mon, 23 Sep 2024 16:08:40 GMT server Cowboy access-control-allow-credentials true
POST H2	204	fingerprints Show response api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/	0 159 B	13ms 12ms	XHR text/plain	3.230.86.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/fingerprints Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.230.86.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-86-134.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.leafprotect.com/ Response headers access-control-expose-headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate date Mon, 23 Sep 2024 16:08:40 GMT server Cowboy access-control-allow-credentials true
GET		truncated / Frame	0 0
GET H2	200	interest-group fledge.us.criteo.com/ Frame E0A3	0 0	332ms 10ms	Document text/html	74.119.117.20 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://fledge.us.criteo.com/interest-group?data=LH3MOXxKbVZXUTFYZEdxK3gwaldRR0hBbzJEWHFNanp2ZDZNUmpFeURCZGRsTXdGTVpQVWJLOC9tVnNmVkVWazBUb3RremUrZGFaWkM1U0xQSnJ6eGp6dHNkaDBaZ1dHbEJyTWMwTDNvK2E2QmtVdlVySkcwSXRGcW04OFY3ZDJuREt1STBkZm1EUm04R21yYjljQ2QvdDNOZWYreUhWL3d2QmhvMEUvaGRZS01uTzVlQW55di9xaEx4eUhaWmdDdmJSMFp8 Requested by Host: t.co URL: https://t.co/n8mv7qXweW Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.20 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://www.leafprotect.com/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding br content-type text/html date Mon, 23 Sep 2024 16:08:40 GMT observe-browsing-topics ?1 server Kestrel strict-transport-security max-age=31536000; preload; vary Accept-Encoding x-allow-fledge true
GET H2	200	register-trigger measurement-api.criteo.com/	0 0	343ms 10ms	Fetch	74.119.117.37 AS-CRITEO
General Check archive.org Show headers Download Go to Full URL https://measurement-api.criteo.com/register-trigger?partner_id=101974&uid=0b08f0cc-135c-48d7-aeb8-3f83e965438a&event_name=ItemPageView&islcc=0&amount_euro=0&client_side_event_id=d8ecdf24-0367-4f15-8260-25c2284792d9 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.119.117.37 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; preload; attribution-reporting-info report-header-errors=?1 access-control-allow-credentials true access-control-allow-origin https://www.leafprotect.com content-length 0 date Mon, 23 Sep 2024 16:08:40 GMT attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0","priority":"0"}],"debug_key":"1897075120993146367","debug_reporting":true,"aggregatable_values":{},"aggregatable_source_registration_time":"include"} vary Origin server Kestrel
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/google/ Frame 31D6 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_cm&google_hm=ay1ZY1VPdWhpTlFSQzFVQzJqRnN0dHA1R3ptc2pwV2J0W... https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_gid=CAESEKnPTC352IdcVoEwOlI2YiQ&google_cver=1&google_ula=913071,0	43 B 370 B	10ms 10ms	Image image/gif	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_gid=CAESEKnPTC352IdcVoEwOlI2YiQ&google_cver=1&google_ula=913071,0 Protocol H2 Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; preload; cache-control no-cache timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1407686 expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' date Mon, 23 Sep 2024 16:08:40 GMT content-type image/gif server Kestrel Redirect headers cache-control no-cache, must-revalidate location https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&google_gid=CAESEKnPTC352IdcVoEwOlI2YiQ&google_cver=1&google_ula=913071,0 pragma no-cache cross-origin-resource-policy cross-origin expires Fri, 01 Jan 1990 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-length 398 date Mon, 23 Sep 2024 16:08:40 GMT x-xss-protection 0 content-type text/html; charset=UTF-8 server HTTP server (unknown)
GET H2	200	sync x.bidswitch.net/ul_cb/ Frame 31D6 Redirect Chain https://x.bidswitch.net/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30 https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30	43 B 288 B	26ms 25ms	Image image/gif	35.211.202.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30 Protocol H2 Server 35.211.202.130 North Charleston, United States, ASN15169 (GOOGLE, US), Reverse DNS 130.202.211.35.bc.googleusercontent.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers via 1.1 google cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif Redirect headers via 1.1 google cache-control no-cache, no-store, must-revalidate location https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-Q7aHMRiNQRC1UC2jFsttp5GzmsjzJrPzBMtYiw&expires=30 content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 16:08:41 GMT
GET H2	200	cookiematch.aspx dis.criteo.com/dis/rtb/appnexus/ Frame 31D6 Redirect Chain https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3949501723216508955	43 B 370 B	13ms 12ms	Image image/gif	74.119.117.16 AS-CRITEO
General Check archive.org Show headers Download Go to Show image Full URL https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3949501723216508955 Protocol H2 Server 74.119.117.16 , United States, ASN19750 (AS-CRITEO, US), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; preload; cache-control no-cache timing-allow-origin * pragma no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1002936 expires Mon, 26 Jul 1997 05:00:00 GMT p3p CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA' date Mon, 23 Sep 2024 16:08:40 GMT content-type image/gif server Kestrel Redirect headers cache-control no-store, no-cache, private location https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3949501723216508955 pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness access-control-allow-credentials true x-proxy-origin 5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT access-control-allow-origin * an-x-request-uuid 6f1b9301-fdb0-4461-ac75-67a161919749 content-length 0 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Mon, 23 Sep 2024 16:08:40 GMT x-xss-protection 0 content-type text/html; charset=utf-8 server nginx/1.23.4
GET H2	204	/ partner.mediawallahscript.com/ Frame 31D6 Redirect Chain https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&custom=&tag_format=img&tag_action=sync&custom=&cb=ff5f1e2c-3f8d-4918-9808-5988834... https://partner.mediawallahscript.com/?account_id=1043&partner_id=1048&uid=k-YcUOuhiNQRC1UC2jFsttp5GzmsjpWbtXBLDc1w&custom%5B0%5D=&custom%5B1%5D=&tag_format=img&tag_action=sync&cb=ff5f1e2c-3f8d-491... https://secure.adnxs.com/getuid?https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=$UID&tag_format=img&tag_action=sync https://partner.mediawallahscript.com/?account_id=2016&partner_id=2087&uid=3949501723216508955&tag_format=img&tag_action=sync https://sync.crwdcntrl.net/map/c=14717/tp=MWSP/tpid=197554a0-79c6-11ef-ade3-61211df2b57b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bprofile... https://sync.crwdcntrl.net/map/ct=y/c=14717/tp=MWSP/tpid=197554a0-79c6-11ef-ade3-61211df2b57b?https%3A%2F%2Fpartner.mediawallahscript.com%2F%3Faccount_id%3D2023%26partner_id%3D2118%26uid%3D%24%7Bpr... https://partner.mediawallahscript.com/?account_id=2023&partner_id=2118&uid=37b62cb3a0d0113ee403394183d6c840&tag_format=img&tag_action=sync&cb=294052430 https://match.adsrvr.org/track/cmf/generic?ttd_pid=vxsrv3i&ttd_tpi=1 https://partner.mediawallahscript.com/?account_id=2027&partner_id=2051&uid=31298eff-ef30-4382-b217-43ec8d7781ee&tag_format=img&tag_action=sync&cb= https://ws.rqtrk.eu/pushpull?pid=e873dca0-85f0-4b95-bfab-a8d855ece660&g=1&tr=1&return-unstable=true&uid=197554a0-79c6-11ef-ade3-61211df2b57b&cb=1727107721092&rmn=y&redirect=https%3A%2F%2Fpartner.me... https://partner.mediawallahscript.com/?account_id=2041&partner_id=2130&uid=3654cea9-8ce6-4499-89de-6a6ca0387379&custom=&tag_format=img&tag_action=sync&rmt=true&cb=1727107721092 https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/mwal?url=https://partner.mediawallahscript.com/?account_id%3D2006%26partner_id%3D2131%26custom%3D%26tag_format%3Dimg%26tag_action%3Dsync https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=199e6070-79c6-11ef-addb-8b24bd9512f4	0 406 B	34ms 34ms	Image text/plain	50.16.251.102 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=199e6070-79c6-11ef-addb-8b24bd9512f4 Protocol H2 Server 50.16.251.102 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-251-102.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers expires Sat, 26 Jul 1997 05:00:00 GMT cache-control private, no-cache, must-revalidate, no-store, max-age=0 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" date Mon, 23 Sep 2024 16:08:41 GMT server nginx Redirect headers strict-transport-security max-age=31536000 access-control-allow-origin * location https://partner.mediawallahscript.com/?account_id=2006&partner_id=2131&custom=&tag_format=img&tag_action=sync&puid=199e6070-79c6-11ef-addb-8b24bd9512f4 content-length 0 date Mon, 23 Sep 2024 16:08:41 GMT cross-origin-resource-policy cross-origin
GET H/1.1	200 OK	/ rtb-csync.smartadserver.com/redir/ Frame 31D6	43 B 688 B	524ms 124ms	Image image/gif	23.105.12.121 LEASEWEB-USA-WDC
General Check archive.org Show headers Download Go to Show image Full URL https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-dpMg0xiNQRC1UC2jFsttp5GzmsimAaynRHV2uQ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.105.12.121 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US), Reverse DNS Software / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers transfer-encoding chunked cache-control no-cache,no-store p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" date Mon, 23 Sep 2024 16:08:40 GMT pragma no-cache content-type image/gif
GET H2	200	/ sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 31D6	0 374 B	19ms 3ms	Image text/plain	141.226.224.48 TABOOLA-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-XY0FaRiNQRC1UC2jFsttp5GzmsjzSe3L9UPG6Q Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers x-fastly-to-nlb-rtt 1475 date Mon, 23 Sep 2024 16:08:40 GMT server nginx access-control-allow-credentials true
GET H2	200	sync visitor.omnitagjs.com/visitor/ Frame 31D6	49 B 342 B	63ms 7ms	Image image/gif	195.244.31.10 IGUANA-WORLDWIDE
General Check archive.org Show headers Download Go to Show image Full URL https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-WIY2UBiNQRC1UC2jFsttp5GzmsiWEc5I-MYbWg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US), Reverse DNS Software ayl-lb-usa02 / Resource Hash d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38 Security Headers Name Value X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache x-envoy-upstream-service-time 3 x-content-type-options nosniff expires 0 p3p CP="CAO PSA OUR" content-length 49 date Mon, 23 Sep 2024 16:08:40 GMT content-type image/gif vary Accept-Encoding server ayl-lb-usa02
GET H2	200	sync tags.bluekai.com/site/29001/ Frame 31D6 Redirect Chain https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0gkQPbyXA6kNUZsFmkeX69edwoP2Yo2E	62 B 582 B	156ms 117ms	Image image/gif	23.216.137.114 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0gkQPbyXA6kNUZsFmkeX69edwoP2Yo2E Protocol H2 Server 23.216.137.114 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-216-137-114.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers x-request-id 3f32cb99c8908efbc280aca1f33f6360 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" content-length 62 date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif bk-server aecc Redirect headers strict-transport-security max-age=31536000; preload; cache-control private, max-age=0, no-cache, no-store, must-revalidate location https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=0gkQPbyXA6kNUZsFmkeX69edwoP2Yo2E content-length 0 date Mon, 23 Sep 2024 16:08:40 GMT server Kestrel server-processing-duration-in-ticks 953544
GET H2	200	rum r.casalemedia.com/ Frame 31D6 Redirect Chain https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw&C=1	43 B 327 B	34ms 33ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw&C=1 Protocol H2 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cf-cache-status DYNAMIC pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdiSX2l2Ac8dmD0ZS6cDGKem%2FDha4qcaSTtQkXWXyUrIACmQp7RqUztjKwP3Bg9AdjiJ3%2FCuTh0Z%2F7%2F562qMTx%2BCO3ThcjZI%2BK1GlfWxDjqG82qLEtEh5PzkpcBfYAtYEpNg"}],"group":"cf-nel","max_age":604800} cf-ray 8c7bcb77eccc8c78-EWR expires 0 content-length 43 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Mon, 23 Sep 2024 16:08:40 GMT content-type image/gif vary Accept-Encoding server cloudflare Redirect headers cache-control no-cache location /rum?cm_dsp_id=20&external_user_id=k-EYh0ghiNQRC1UC2jFsttp5Gzmsj7uKxL3KC2nw&C=1 cf-cache-status DYNAMIC pragma no-cache nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7B5%2Blxu5ZOboVYikdfXTuRD8Yod5jOidn31N7usu1JAOAGmnA3BuOafM8pvCZJyCxeuw1qxRosBfcsiquD8SCK8N5Gj0vFUAZpI9PIPHsq%2B5CZfjmIzT8U%2Fa4vrTLBce9U2"}],"group":"cf-nel","max_age":604800} cf-ray 8c7bcb77ac678c78-EWR expires 0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" date Mon, 23 Sep 2024 16:08:40 GMT vary Accept-Encoding server cloudflare
GET H/1.1	200	user-registering ads.stickyadstv.com/ Frame 31D6	43 B 664 B	64ms 5ms	Image image/gif	63.251.28.210 INTERNAP-BLK3
General Check archive.org Show headers Download Go to Show image Full URL https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-M2kqMxiNQRC1UC2jFsttp5GzmshIwii1PpAKxg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 63.251.28.210 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US), Reverse DNS Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Transfer-Encoding chunked Cache-Control no-cache Pragma no-cache x-sticky-vk 1727107720922095-1157 Connection keep-alive Access-Control-Allow-Credentials true Access-Control-Allow-Origin * Date Mon, 23 Sep 2024 16:08:40 GMT Content-Type image/gif Server nginx
GET H2	200	match ad.360yield.com/ul_cb/ Frame 31D6 Redirect Chain https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g	43 B 447 B	13ms 13ms	Image image/gif	18.235.49.71 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g Protocol H2 Server 18.235.49.71 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-18-235-49-71.compute-1.amazonaws.com Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers access-control-allow-origin * content-length 43 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif Redirect headers access-control-allow-origin * location https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-bxdY8RiNQRC1UC2jFsttp5GzmsgaAqyPFjJk_g content-length 0 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" date Mon, 23 Sep 2024 16:08:40 GMT content-type text/plain
GET H2	200	sync pippio.com/api/ Frame 31D6 Redirect Chain https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7yn6HRiNQRC1UC2jFsttp5Gzmsi9KXK258GHng https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=k-7yn6HRiNQRC1UC2jFsttp5Gzmsi9KXK258GHng&_li_chk=true&previous_uuid=fa8f752bc3394f30b13a30bd4237837e https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=fa8f752b-c339-4f30-b13a-30bd4237837e https://p.rfihub.com/cm?pub=39342&in=1&userid=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D064a62ba-3218-4793-... https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=2810316576791345557&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D064a62... https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&pid=500040&it=1&iv=064a62ba-3218-4793-9f11-58a3dc51b90d%3A1727107721.058372&_=17271... https://pippio.com/api/sync?it=1&pid=500040&_=1727107721.0600736&iv=064a62ba-3218-4793-9f11-58a3dc51b90d:1727107721.058372	42 B 569 B	59ms 40ms	Image image/gif	107.178.254.65 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pippio.com/api/sync?it=1&pid=500040&_=1727107721.0600736&iv=064a62ba-3218-4793-9f11-58a3dc51b90d:1727107721.058372 Protocol H2 Server 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 65.254.178.107.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store timing-allow-origin * via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" content-length 42 date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif Redirect headers Strict-Transport-Security max-age=31536000; includeSubDomains Location https://pippio.com/api/sync?it=1&pid=500040&_=1727107721.0600736&iv=064a62ba-3218-4793-9f11-58a3dc51b90d:1727107721.058372 Content-Length 0 Date Mon, 23 Sep 2024 16:08:41 GMT Request-Time 0 Connection keep-alive
GET H2	200	cksync.php contextual.media.net/ Frame 31D6	61 B 815 B	137ms 114ms	Image image/gif	23.200.196.24 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ZwoP1BiNQRC1UC2jFsttp5Gzmsjj-m42szrQDQ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.200.196.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-200-196-24.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000 cache-control max-age=0, no-cache, no-store pragma no-cache expires Mon, 23 Sep 2024 16:08:41 GMT x-mnet-hl2 E alt-svc h3=":443"; ma=93600 p3p CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA content-length 61 date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif server Apache
GET H2	200	push exchange.mediavine.com/usersync/ Frame 31D6	0 968 B	43ms 13ms	Image text/html	50.16.56.69 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-EiIbrxiNQRC1UC2jFsttp5GzmsjX9kWKvjBnuw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.16.56.69 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-16-56-69.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control private, no-cache content-encoding gzip date Mon, 23 Sep 2024 16:08:40 GMT content-type text/html; charset=utf-8 vary Origin, Accept-Encoding access-control-allow-credentials true
GET H2	200	c.gif c.bing.com/ Frame 31D6	42 B 691 B	337ms 18ms	Image image/gif	204.79.197.237 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-h-sNixiNQRC1UC2jFsttp5GzmsjtW_rvTiOaXw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 204.79.197.237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control private, no-cache, proxy-revalidate, no-store pragma no-cache etag "bb391b5d70eeda1:0" x-msedge-ref Ref A: 943C0A9220F94089B3152071E25C56D9 Ref B: EWR311000108031 Ref C: 2024-09-23T16:08:41Z accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version accept-ranges bytes x-cache CONFIG_NOCACHE content-length 42 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" date Mon, 23 Sep 2024 16:08:40 GMT content-type image/gif last-modified Wed, 14 Aug 2024 17:35:32 GMT x-powered-by ASP.NET
GET H2	200	1017 jadserve.postrelease.com/suid/ Frame 31D6	43 B 535 B	49ms 11ms	Image image/gif	44.210.170.249 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://jadserve.postrelease.com/suid/1017?vk=k-HR4FRxiNQRC1UC2jFsttp5Gzmsh_dgtPOPYxRw Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.210.170.249 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-210-170-249.compute-1.amazonaws.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma no-cache expires Mon, 1 Jan 1990 12:00:00 GMT access-control-allow-origin * content-length 43 p3p CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif server nginx
GET H/1.1	200 OK	cookie-sync sync.outbrain.com/ Frame 31D6	0 360 B	37ms 8ms	Image text/plain	70.42.32.159 AS-OUTBRAIN
General Check archive.org Show headers Download Go to Show image Full URL https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-9Oy_BhiNQRC1UC2jFsttp5GzmsgB93SDgNTEww&initiator=partner Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US), Reverse DNS ny.outbrain.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains; preload cache-control no-cache content-length 0 date Mon, 23 Sep 2024 16:08:41 GMT x-traceid 01d59ce88139786698157c29a5a6eabf
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 31D6	42 B 578 B	25ms 6ms	Image image/gif	207.65.37.184 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Ev7P2xiNQRC1UC2jFsttp5Gzmsh1S-U3QS8Tgw Protocol H2 Security TLS 1.3, , AES_128_GCM Server 207.65.37.184 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-store, no-cache, private content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif; charset=utf-8 server nginx
GET		pixel_sync trends.revcontent.com/cm/ Frame 31D6	0 0
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 31D6	42 B 2 KB	44ms 12ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-olSy-xiNQRC1UC2jFsttp5GzmsinWO0UntmliA&expires=30 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers Expires 0 Cache-Control no-cache,no-store,must-revalidate P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" X-RPHost cdd55fb02049ca8b9389527f6c1a1194 Pragma no-cache content-length 42 Content-Type image/gif
GET H2	200	v1 match.sharethrough.com/sync/ Frame 31D6	68 B 301 B	95ms 9ms	Image image/png	3.81.174.250 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-9_BL-hiNQRC1UC2jFsttp5Gzmsj7GpzLP1WRBg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 3.81.174.250 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-81-174-250.compute-1.amazonaws.com Software / Resource Hash 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824 Security Headers Name Value Strict-Transport-Security max-age=16000000; includeSubDomains; preload; Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=16000000; includeSubDomains; preload; cache-control no-cache content-length 68 content-type image/png
GET H2	204	/ s.ad.smaato.net/c/ Frame 31D6	0 309 B	354ms 39ms	Image text/plain	3.168.122.20 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-DObzYhiNQRC1UC2jFsttp5GzmsjKoDqDGJf6kg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.168.122.20 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-168-122-20.jfk52.r.cloudfront.net Software CloudFront / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers via 1.1 d3a3a5c0949462849856f4aca1fd42ac.cloudfront.net (CloudFront) cache-control no-cache, must-revalidate x-cache Miss from cloudfront x-amz-cf-id E4wBSVgF-tnFlSktnXQz6N_CJFbcYplFo41vVzvOrxDYnIWSpryuBg== date Mon, 23 Sep 2024 16:08:41 GMT x-amz-cf-pop JFK52-P7 server CloudFront
GET H2	200	1 tapestry.tapad.com/tapestry/ Frame 31D6	95 B 533 B	63ms 27ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://tapestry.tapad.com/tapestry/1?ta_partner_id=2052&ta_partner_did=k-OXVlsRiNQRC1UC2jFsttp5Gzmsjfn3J7YZYZKg&ta_format=png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000 via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-length 95 date Mon, 23 Sep 2024 16:08:41 GMT content-type image/png server Jetty(11.0.13)
GET H2	200	um criteo-sync.teads.tv/ Frame 31D6	23 B 278 B	55ms 26ms	Image image/gif	104.76.105.133 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-sync.teads.tv/um?eid=80&uid=k-edMd3xiNQRC1UC2jFsttp5GzmsjQD6udg52YqA Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.76.105.133 Secaucus, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-76-105-133.deploy.static.akamaitechnologies.com Software pekko-http/1.0.1 / Resource Hash 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers expires Mon, 23 Sep 2024 16:08:41 GMT cache-control max-age=0, no-cache, no-store content-length 23 pragma no-cache date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif server pekko-http/1.0.1
GET H2	200	sync criteo-partners.tremorhub.com/ Frame 31D6	43 B 397 B	385ms 11ms	Image image/gif	3.223.227.135 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://criteo-partners.tremorhub.com/sync?UICR=k-fGoCjxiNQRC1UC2jFsttp5GzmsjphS3sFAiDhA Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.223.227.135 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-223-227-135.compute-1.amazonaws.com Software nginx / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers p3p CP='This is not a P3P policy. See https://telaria.com/privacy-policy/' date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif server nginx
GET H2	200	sync.htm ade.clmbtech.com/uid/ Frame 31D6	68 B 259 B	595ms 271ms	Image image/jpeg	23.209.72.228 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-4N9ypRiNQRC1UC2jFsttp5GzmsjufQnTLfitAw Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.209.72.228 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-209-72-228.deploy.static.akamaitechnologies.com Software Bhoot / Resource Hash 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11 Security Headers Name Value Strict-Transport-Security max-age=25920000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=25920000; includeSubdomains x-content-type-options nosniff content-length 68 x-xss-protection 1; mode=block date Mon, 23 Sep 2024 16:08:41 GMT content-type image/jpeg server Bhoot x-upstream 172.29.17.241:80 x-frame-options sameorigin
GET H2	200	pixelct.tpmn ad.tpmn.io/ Frame 31D6 Redirect Chain https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A	170 B 621 B	203ms 185ms	Image image/png	34.102.166.132 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A Protocol H2 Server 34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 132.166.102.34.bc.googleusercontent.com Software / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate content-encoding gzip pragma no-cache accept-ch Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version via 1.1 google expires Thu, 01 Jan 1970 00:00:00 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 p3p CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" date Mon, 23 Sep 2024 16:08:40 GMT content-type image/png;charset=utf-8 vary accept-encoding Redirect headers via 1.1 google alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 location https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=k-RIggqxiNQRC1UC2jFsttp5GzmsjhrxIbiFWw5A content-encoding gzip date Mon, 23 Sep 2024 16:08:41 GMT vary accept-encoding
GET H2	200	setuid ib.adnxs.com/ Frame 31D6	43 B 1 KB	4ms 4ms	Image image/gif	68.67.181.211 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=52&code=k-NMSSDBiNQRC1UC2jFsttp5GzmsjYtXttDjDFmA Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.23.4 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-store, no-cache, private pragma no-cache accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness x-proxy-origin 5.181.234.134; 5.181.234.134; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com expires Sat, 15 Nov 2008 16:00:00 GMT an-x-request-uuid 658b39b6-263b-4d65-8cf9-5b35a8ca8185 content-length 43 p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" date Mon, 23 Sep 2024 16:08:40 GMT x-xss-protection 0 content-type image/gif server nginx/1.23.4
GET H2	200	ibs:dpid=28645&dpuuid=31c3Rz9nov8vTBKRvWTLKHX8BJWfrfqb dpm.demdex.net/ Frame 31D6 Redirect Chain https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 https://dpm.demdex.net/ibs:dpid=28645&dpuuid=31c3Rz9nov8vTBKRvWTLKHX8BJWfrfqb	42 B 718 B	44ms 25ms	Image image/gif	54.173.169.96 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=28645&dpuuid=31c3Rz9nov8vTBKRvWTLKHX8BJWfrfqb Protocol H2 Server 54.173.169.96 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-173-169-96.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private dcs dcs-prod-va6-1-v064-0533d5563.edge-va6.demdex.com 6 ms content-encoding gzip pragma no-cache x-content-type-options nosniff x-tid CjYo64V2R9Y= expires Thu, 01 Jan 1970 00:00:00 UTC content-length 59 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif Redirect headers strict-transport-security max-age=31536000; preload; cache-control private, max-age=0, no-cache, no-store, must-revalidate location https://dpm.demdex.net/ibs:dpid=28645&dpuuid=31c3Rz9nov8vTBKRvWTLKHX8BJWfrfqb content-length 0 date Mon, 23 Sep 2024 16:08:40 GMT server Kestrel server-processing-duration-in-ticks 836182
GET H2	200	g.pixel aa.agkn.com/adscores/ Frame 31D6 Redirect Chain https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=StQDhFkceA4ao44zcb1leiRUmhlACG0z	43 B 658 B	48ms 12ms	Image image/gif	18.173.219.40 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=StQDhFkceA4ao44zcb1leiRUmhlACG0z Protocol H2 Server 18.173.219.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-219-40.jfk52.r.cloudfront.net Software AAWebServer / Resource Hash 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache access-control-allow-methods GET, POST, OPTIONS via 1.1 686217785c5aa257660a5a0c173f7be8.cloudfront.net (CloudFront) expires 0 access-control-allow-origin * x-cache Miss from cloudfront content-length 43 p3p policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID" date Mon, 23 Sep 2024 16:08:41 GMT content-type image/gif x-amz-cf-pop JFK52-P1 server AAWebServer x-amz-cf-id JVU7fxGGwUKg2gDTr4r7rrie1qquKXtQ7cd7prHoqNEUNJTYZhZKGQ== access-control-allow-headers accept, cache-control, origin, x-requested-with, x-file-name, content-type Redirect headers strict-transport-security max-age=31536000; preload; cache-control private, max-age=0, no-cache, no-store, must-revalidate location https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=StQDhFkceA4ao44zcb1leiRUmhlACG0z content-length 0 date Mon, 23 Sep 2024 16:08:41 GMT server Kestrel server-processing-duration-in-ticks 834257
POST H2	204	events Show response api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/	0 159 B	13ms 11ms	XHR text/plain	3.230.86.134 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/7c6adf4a1dad2a5d6f0c63b5dc398bc4e3ea7da3/events Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.230.86.134 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-230-86-134.compute-1.amazonaws.com Software Cowboy / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain Referer https://www.leafprotect.com/ Response headers access-control-expose-headers access-control-allow-origin * cache-control max-age=0, private, must-revalidate date Mon, 23 Sep 2024 16:08:41 GMT server Cowboy access-control-allow-credentials true
POST H2	200	/ Show response o1296307.ingest.sentry.io/api/4505903513862145/envelope/	41 B 98 B	48ms 34ms	Fetch application/json	34.120.195.249 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://o1296307.ingest.sentry.io/api/4505903513862145/envelope/?sentry_key=a26504eb9a3db3cebe49e82b564ecc31&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.69.0 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 249.195.120.34.bc.googleusercontent.com Software nginx / Resource Hash d82f338a263851493fa29172d59731a073b318c1cb6652596d1b878fb4edb8db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://www.leafprotect.com/ Response headers strict-transport-security max-age=31536000; includeSubDomains; preload access-control-expose-headers x-sentry-error,x-sentry-rate-limits,retry-after cross-origin-resource-policy cross-origin via 1.1 google access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41 date Mon, 23 Sep 2024 16:08:42 GMT content-type application/json vary origin, access-control-request-method, access-control-request-headers server nginx
POST H2	204	collect Show response analytics.google.com/g/	0 54 B	19ms 16ms	Fetch text/plain	216.239.34.181 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://analytics.google.com/g/collect?v=2&tid=G-3HHP2G7VL2&gtm=45je49j0v888687097z8831796620za200zb831796620&_p=1727107719693&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=237494034.1727107720&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&uid=379613504D-6158-FJ6A&sid=1727107720&sct=1&seg=0&dl=https%3A%2F%2Fwww.leafprotect.com%2Fsave%2F%3Fhxc_id%3D8489%26hxc_a1%3D41997%26hxc_a2%3D473563%26hxc_a3%3D455389720%26hxc_a6%3D1%26utm_medium%3Demail%26utm_source%3DDA%26utm_campaign%3D41ACET4%26utm_content%3D20ACE&dr=https%3A%2F%2Frueddour.win%2F&dt=Save%20your%20home%20with%20LeafFilter%20-%20LeafFilter&_s=2&tfd=6577 Requested by Host: www.leafprotect.com URL: https://www.leafprotect.com/_next/static/chunks/pages/_app-fd4d3dc957a9662d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 216.239.34.181 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Referer https://www.leafprotect.com/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://www.leafprotect.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Mon, 23 Sep 2024 16:08:45 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.leafprotect.com

URL

blob:https://www.leafprotect.com/adacac67-4e89-416e-b338-68034bc021b0

Domain

truncated

URL

data:truncated

Domain

trends.revcontent.com

URL

https://trends.revcontent.com/cm/pixel_sync?bidder=151&bidder_uid=k-cas0mRiNQRC1UC2jFsttp5GzmsgovfwF4m9NiQ