urlscan.io logo urlscan.io
SecurityTrails logo

www.leafythings.com Open in urlscan Pro
52.60.153.228  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://financialpostcom.tumblr.com/
Effective URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Submission: On March 29 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 56 HTTP transactions. The main IP is 52.60.153.228, located in Montreal, Canada and belongs to AMAZON-02, US. The main domain is www.leafythings.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 22nd 2020. Valid for: 2 years.
This is the only time www.leafythings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    74.114.154.18 (Ashburn, United States)

ASN2635 (AUTOMATTIC, US)
financialpostcom.tumblr.com
8    192.0.77.40 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: assets.tumblr.com
assets.tumblr.com
static.tumblr.com
10    52.60.153.228 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
www.leafythings.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
18    2600:9000:206e:ca00:1b:ab56:eac0:21 (United States)

ASN16509 (AMAZON-02, US)
dz8osaahf9pd7.cloudfront.net
5    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Domain Requested by
18 dz8osaahf9pd7.cloudfront.net www.leafythings.com
10 www.leafythings.com financialpostcom.tumblr.com
www.leafythings.com
6 assets.tumblr.com financialpostcom.tumblr.com
5 www.gstatic.com www.google.com
5 www.google.com www.leafythings.com
www.gstatic.com
www.google.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 connect.facebook.net www.leafythings.com
connect.facebook.net
2 static.tumblr.com financialpostcom.tumblr.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fonts.googleapis.com www.leafythings.com
1 www.googletagmanager.com www.leafythings.com
1 financialpostcom.tumblr.com
56 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
apps.apple.com
play.google.com
Subject Issuer Validity Valid
*.tumblr.com
Sectigo RSA Domain Validation Secure Server CA		 2020-03-26 -
2022-06-28		 2 years crt.sh
tumblr.com
DigiCert SHA2 Extended Validation Server CA		 2020-07-09 -
2022-04-14		 2 years crt.sh
leafythings.com
Go Daddy Secure Certificate Authority - G2		 2020-02-22 -
2022-02-22		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-11 -
2021-06-03		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Frame ID: 6222171570B91C3A5781B2A803B11589
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
Frame ID: 894513B8AA95DBAF0C3B411B9B898829
Requests: 5 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=xikj2cogj4ti
Frame ID: 428CD17EAE60B265C284254D391B90E5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://financialpostcom.tumblr.com/ HTTP 307
    https://financialpostcom.tumblr.com/ Page URL
  2. https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-t... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /^https?:\/\/(?:www\.)?[^/]+\.tumblr\.com\//i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

56
Requests

100 %
HTTPS

75 %
IPv6

10
Domains

13
Subdomains

12
IPs

4
Countries

2313 kB
Transfer

4915 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://financialpostcom.tumblr.com/ HTTP 307
    https://financialpostcom.tumblr.com/ Page URL
  2. https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://financialpostcom.tumblr.com/ HTTP 307
  • https://financialpostcom.tumblr.com/

56 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
financialpostcom.tumblr.com/
Redirect Chain
  • http://financialpostcom.tumblr.com/
  • https://financialpostcom.tumblr.com/
33 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
74.114.154.18 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
openresty /
Resource Hash
10b2dad4a5a5c1dd31bb13374dcaaca2d56332bb2cebc31eb853f8a600560b75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
financialpostcom.tumblr.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
openresty
date
Mon, 29 Mar 2021 23:45:46 GMT
content-type
text/html; charset=UTF-8
content-length
8520
x-rid
fe502d66ec468e43c6314f57ff174017
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=15552001
content-security-policy
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
x-tumblr-user
financialpostcom
x-tumblr-pixel-0
https://px.srvcs.tumblr.com/impixu?T=1617061546&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2ZpbmFuY2lhbHBvc3Rjb20udHVtYmxyLmNvbS8iLCJyZXF0eXBlIjowLCJyb3V0ZSI6Ii8ifQ==&U=MAPFHMCLIC&K=7e2de210760e892979d5840e9d04329d772b03980fa6f37acdc3ba3c120bd81c
x-tumblr-pixel
1
link
<https://assets.tumblr.com/images/default_avatar/pyramid_open_128.png>; rel=icon
set-cookie
pfg=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.tumblr.com; secure; HttpOnly
x-ua-compatible
IE=Edge,chrome=1
content-encoding
br
x-ua-device
desktop
vary
X-UA-Device, Accept, Accept-Encoding
accept-ranges
bytes

Redirect headers

Location
https://financialpostcom.tumblr.com/
Non-Authoritative-Reason
HSTS
pre_tumblelog.js
assets.tumblr.com/assets/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
content-encoding
br
last-modified
Sun, 01 Nov 2020 05:00:47 GMT
server
nginx
etag
W/"5f9e40ff-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=a6c4ad40cdc663ad83f8a1bbc8aeedc6
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
content-encoding
br
last-modified
Mon, 04 Jan 2021 22:59:53 GMT
server
nginx
etag
W/"5ff39de9-25fe"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-min.css
static.tumblr.com/ryx1vdv/Pzbqkttjt/ 		76 KB
76 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/ryx1vdv/Pzbqkttjt/main-min.css
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
last-modified
Fri, 04 Dec 2020 17:50:19 GMT
server
nginx
etag
"773377310635180afc063610cb5529c5"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
77549
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/ 		355 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
content-encoding
br
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
stylesheet.css
assets.tumblr.com/fonts/gibson/ 		2 KB
568 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
content-encoding
br
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-97e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
pyramid_open_128.png
assets.tumblr.com/images/default_avatar/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.tumblr.com/images/default_avatar/pyramid_open_128.png
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
last-modified
Sun, 01 Nov 2020 05:00:47 GMT
server
nginx
etag
"5f9e40ff-e3b"
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
timing-allow-origin
*
content-length
3643
expires
Thu, 31 Dec 2037 23:55:55 GMT
main-min.js
static.tumblr.com/ryx1vdv/lXRqktt8c/ 		126 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tumblr.com/ryx1vdv/lXRqktt8c/main-min.js
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
last-modified
Fri, 04 Dec 2020 17:43:25 GMT
server
nginx
etag
"ebda9540b43f5379c2699e275a836f63"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript
access-control-allow-origin
*
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
content-length
129134
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ 		698 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=f3fb5dbb23253ba13bb13591156de3e0
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

Referer
https://financialpostcom.tumblr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 29 Mar 2021 23:45:46 GMT
content-encoding
br
last-modified
Thu, 11 Mar 2021 21:12:23 GMT
server
nginx
etag
W/"604a87b7-ae8a8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
Primary Request Cookie set us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
www.leafythings.com/blog/ 		84 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Requested by
Host: financialpostcom.tumblr.com
URL: https://financialpostcom.tumblr.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
de8252fa3cc5ce221d2551af07bfc94a52bf36455037de2d59b1c01212484133
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
www.leafythings.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://financialpostcom.tumblr.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://financialpostcom.tumblr.com/

Response headers

Date
Mon, 29 Mar 2021 23:45:46 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
Cache-Control
no-cache, private max-age=0, no-cache, s-maxage=10
X-RateLimit-Limit
30
X-RateLimit-Remaining
29
Set-Cookie
XSRF-TOKEN=eyJpdiI6InRjNTlEUFNKcFwvOVwvemNxMHZEQ0o0UT09IiwidmFsdWUiOiJsR3MzTEs1WGJjMTdOM01aOFB3c2pTazFQeHJoN2MyNjZ3K1Q2K3p6YU0yb05odXROWWxqZUcwaUxHK2s1SHBLXC9pVmp1ZDg2NFJES1JySE4yUXlyYlJPNUc2T2RoaFVaSEtBb3VIYkZNcVh5UWJOM0xFUjdNanBGaVFrc3hXdzMiLCJtYWMiOiI0YjljMTdlODNiYmE3OWRlMWE0ZTUwNGYxZmRiODdjMmJmMzYxNWUxNzU3OTkzM2QwZDBmMDY3MzlhMWIxZDVlIn0%3D; expires=Tue, 30-Mar-2021 01:45:47 GMT; Max-Age=7200; path=/ leafythings_session=eyJpdiI6ImFjaFVKVFRVQjFvc29FXC9WRFBVSGtnPT0iLCJ2YWx1ZSI6IlRrSW1pS2ZcL3JkUnY4VGVJS1NhVWpnaWwrSE1EMkRrZjhEQkJhcldzVENxOHNGVmZqTkQwanVoU2FpSk9OVkhwOEVZVk5JT3Y4cFVzWWJIS2xXUjZuVTF1bDgxVFhFXC9udG5BTlMwQk5WMm53dHd6ODc0Zm9hYjlRQ2lDdUx3ajUiLCJtYWMiOiI3ZDg5YWExOWFhM2Q4ZjBiMDljYzFiMTQ2ZmQ0YTdjZWJiZGVhYzNhMzJlMzExNWM4MjhjYmRiYzU5M2UzNDdhIn0%3D; expires=Tue, 30-Mar-2021 01:45:47 GMT; Max-Age=7200; path=/; httponly
X-Frame-Options
SAMEORIGIN
X-Mod-Pagespeed
1.13.35.2-0
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
11889
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
app.css
www.leafythings.com/css/ 		150 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/css/app.css?id=f7d0ce92aea6c287b25d
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
41bba75dc965bd66d3e80845bdda7bd4b1fd943adf739c6446c13043b00b9d29
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 25 Mar 2021 12:44:29 GMT
Server
Apache
ETag
"2592c-5be5bc6c36746-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
24896
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-153651009-1
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
300f17eec438a8cac8bf392d19b5456e128b091b59977516ad53969d1702e1bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 23:45:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39123
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 21:38:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 29 Mar 2021 23:45:47 GMT
Logo_SuiteForestGreen.png
dz8osaahf9pd7.cloudfront.net/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/Logo_SuiteForestGreen.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0d44204bbe591689e3e0226a948618e0e3224cc7f47d0a79916b5dc3a6a64963

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 08:46:20 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
1090767
x-amzn-requestid
0620d589-79ee-4ebc-90f4-abc0f07f8c42
x-cache
Hit from cloudfront
x-amz-apigw-id
cUs6VH6_oAMF06g=
content-length
5512
last-modified
Tue, 10 Nov 2020 15:12:46 GMT
x-amzn-trace-id
Root=1-6051c1db-216a18a85efd9fc34fef124e;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
ofGEK7eqCVQFVEz0eLgPn5rNuclymamE0p1b620R4GTWKjEBHgQyBQ==
5749896a-54aa-49fe-8fab-081f023cb845-012_USATSI_14201641.jpg
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/storage/images/blog/primary/ 		583 KB
584 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/storage/images/blog/primary/5749896a-54aa-49fe-8fab-081f023cb845-012_USATSI_14201641.jpg
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
19948ab8698fa54cf1840478baf1d51b0ec4e6ae0b0712ebc0777b59c58b75fb

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:27:45 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
47882
x-amzn-requestid
790f9f8d-075d-42ff-9fd7-8214ddaa99d6
x-cache
Hit from cloudfront
x-amz-apigw-id
c8fAVEp7oAMFlHQ=
content-length
596830
last-modified
Mon, 29 Mar 2021 10:27:32 GMT
x-amzn-trace-id
Root=1-6061ab9b-00807f9d5a9bcaf53d9f2f20;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
EqJkstjwlOi0C44TeD4CLJGlvWZyUzWH7huG3d4_3jfgq5ZceQeMXg==
987180700e64e77d3057a7d982f41957.png
dz8osaahf9pd7.cloudfront.net/storage/images/blog/articles/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/storage/images/blog/articles/987180700e64e77d3057a7d982f41957.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ceb1730ff66f8ea9ca4a98ef7f3bfce7be07826a0e22c5d193bc43b63a0501fc

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:26:32 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
47955
x-amzn-requestid
eb371a51-b995-4c10-8be1-81084b612a88
x-cache
Hit from cloudfront
x-amz-apigw-id
c8e1uFFtoAMF4_w=
content-length
22129
last-modified
Mon, 29 Mar 2021 10:26:32 GMT
x-amzn-trace-id
Root=1-6061ab57-65be3ada5908a52a383bbc80;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
MnzZL_S7CkV346Kq1XiNcErYS-cgwMROJOq4dJe1CkqP4neb-jjRyw==
paul-volkmer-AZf7DL-8Qhk-unsplash.jpg
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/paul-volkmer-AZf7DL-8Qhk-unsplash.jpg
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
aed1e980a568d115edea1f9e06f37384f3768dcce1bd873a362dd8788b3e58ac

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 13:20:37 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
37510
x-amzn-requestid
83ba1a16-f754-4aef-accc-ba844ddc5bc1
x-cache
Hit from cloudfront
x-amz-apigw-id
c84VpGDXIAMFxQA=
content-length
8952
last-modified
Mon, 29 Mar 2021 10:34:00 GMT
x-amzn-trace-id
Root=1-6061d424-017172681442fa9e5e2c2ed8;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
ZvNvHkK9GjrIlatkImTPnaNID-dnHgw_ffmsvrj2U8gp0W6Nrj3q3A==
2104.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/2104.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
ef3de6668d3662a9b9f0d2e0b7ed8a965916993423a7b99aa92e55a98bcd0051

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:34:11 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
47496
x-amzn-requestid
177c47fe-9675-4c59-a146-422584f2dded
x-cache
Hit from cloudfront
x-amz-apigw-id
c8f9gGELIAMFovQ=
content-length
10774
last-modified
Mon, 29 Mar 2021 10:30:45 GMT
x-amzn-trace-id
Root=1-6061ad23-17a9be9d5ff2b07721157a9d;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
0nfwoWrp9gFa9b8UV-ZDu3OTFbhtNVLML2sQu_5xDeov0AruWTbAoQ==
29.jpg
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/29.jpg
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
907627cfd037de18e938380dfa627576bd4f3080f93b5caf5a6a106f5419507e

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:27:39 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
47888
x-amzn-requestid
bccc0850-3fe6-468a-b778-3cd815d3236e
x-cache
Hit from cloudfront
x-amz-apigw-id
c8fAVE8yIAMFhQA=
content-length
3582
last-modified
Mon, 29 Mar 2021 10:23:49 GMT
x-amzn-trace-id
Root=1-6061ab9b-7b4da128015b85cd38c7b66b;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
SLgRKBHMz40DjU1kjJK9LZ-d-hwXIFp2cTBaupLFrCq0D7YvlFfmOw==
60606270023d16666157151fjpeg.jpg
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/60606270023d16666157151fjpeg.jpg
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
19e8ae51be2dda90f88b575fa13b02789b74ba2f8ae2c49b6c01aaab624ba78d

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:23:57 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
48110
x-amzn-requestid
87d2077c-c07a-4457-ad35-9cc91ca7bb71
x-cache
Hit from cloudfront
x-amz-apigw-id
c8edmEIjIAMF7Dw=
content-length
9840
last-modified
Mon, 29 Mar 2021 10:22:23 GMT
x-amzn-trace-id
Root=1-6061aabd-46644ec61eef76b85d69aace;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
Zc5WwD0c7TKTRbPgD7rgw5FCulC-ataS-CWUpcn5rI7guWOzvUTRcA==
27.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/27.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
3650ec800734a589593fe3452cef1c0960243a1b1dd100d375c34df6ddd2f102

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:22:32 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
48195
x-amzn-requestid
a4979657-8a80-47cf-bbf0-bdd67faefa37
x-cache
Hit from cloudfront
x-amz-apigw-id
c8eQNFpdoAMFpkg=
content-length
5184
last-modified
Mon, 29 Mar 2021 10:18:57 GMT
x-amzn-trace-id
Root=1-6061aa67-73d382ea56ed68a801294497;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
yb_woGxAAVlydInWc43Cym7N1N_EGjVyO--t5S4wz5iBNCcfii4iTQ==
26.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/26.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f484d7b6d2c75b9f713b1f7d035c7e12ec0d0a01d04d67d9787dc5be07b47084

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:19:18 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
48389
x-amzn-requestid
6160b13f-6452-492c-ac9a-e50381969af1
x-cache
Hit from cloudfront
x-amz-apigw-id
c8dx-FufIAMF0sA=
content-length
17866
last-modified
Mon, 29 Mar 2021 10:04:19 GMT
x-amzn-trace-id
Root=1-6061a9a6-6c5715164ab450ad4093c92d;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
tLGqn4e5WygcLACA2aOfYUWakR8AsTGmJ4VSjspbm05Lqno7Go--og==
23.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/23.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a9c5e28c1f9682cb007db8dfd6c2334f745bbf2fb472a128bcdb0c1bf2e28761

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:11:39 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
48848
x-amzn-requestid
6439eb73-6559-43ad-8dca-2648e77b29aa
x-cache
Hit from cloudfront
x-amz-apigw-id
c8cqPHvNoAMFVUA=
content-length
8986
last-modified
Mon, 29 Mar 2021 10:02:31 GMT
x-amzn-trace-id
Root=1-6061a7db-6d9b98ce6fdac090761698da;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
FRCNgOBdJp01Mxb6nvlwZIYHcc5cGZyL7V1jbmNvvDBmj2dfhQl43A==
22.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/22.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2cdc4595f781c5a2e0d201d150cd4e87550d166c9b276ba7b7593ce6aebf4806

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:02:47 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
49380
x-amzn-requestid
afe24639-b4a4-4cb0-8b52-0e125fd987f1
x-cache
Hit from cloudfront
x-amz-apigw-id
c8bXDGeeoAMF0hA=
content-length
14166
last-modified
Mon, 29 Mar 2021 10:01:06 GMT
x-amzn-trace-id
Root=1-6061a5c6-74c02bce4ba7fdc22e85d03d;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
5umcluuppf4Gy4yKUDCu00RyqV1VpeKk4cdC7BT1kNEWbd4445omQg==
21.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/21.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2095d45239484e88400685593d160d9c604c8ef95330dfb3af3e20ed5c893f2b

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 10:01:14 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
49473
x-amzn-requestid
4c86c234-1e43-4080-940f-a8bb3e2eb027
x-cache
Hit from cloudfront
x-amz-apigw-id
c8bImHu_oAMFYzA=
content-length
15262
last-modified
Mon, 29 Mar 2021 09:58:43 GMT
x-amzn-trace-id
Root=1-6061a56a-3b6b674c452f55b959d034e8;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
iyhL43gKtoG55dG4lV6U7XsdrK42HycFTva6fpfzNmln-5gTusSBNA==
20.png
dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/filters:format(webp)/fit-in/328x328/storage/images/blog/primary/20.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
20b3277162f760a32083e9aca11cb7b46eb80ce1d1d1b46611d2ac9f38e12c92

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 09:58:50 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
49616
x-amzn-requestid
8f94e5b9-2b40-41ad-9e78-6fcaca70cf4d
x-cache
Hit from cloudfront
x-amz-apigw-id
c8ayKFRuoAMFSbA=
content-length
4506
last-modified
Mon, 29 Mar 2021 09:57:21 GMT
x-amzn-trace-id
Root=1-6061a4da-607745b669b624726d61c60a;Sampled=0
access-control-allow-methods
GET
content-type
image/webp
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
pM-1PJ0zLszVHkhXoHpjNtUcFy1jGiosQICdnFQ5YogfTJK3g_1WKQ==
emailIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/emailIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
dd66790b560c209e8728695755cb004a2b9718ef3547f7503f78dbd993536d0b

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 07:22:17 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
4033410
x-amzn-requestid
250f3283-e860-4636-a37f-83c213870d6c
x-cache
Hit from cloudfront
x-amz-apigw-id
akcucE0hIAMFRKA=
content-length
2130
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-6024db29-73769dc75cd415c74230440b;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
eKJql5BXnO2WeLdv5t2zugWgGnN5OLnxOyFn_d5kLh0O_QSRD9Hzmg==
FbIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/FbIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
eb896fc2ebd419ffd56371d1e861b60a9f4b43a9a8787a5ba177d15a85f68110

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Feb 2021 00:02:42 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
4232585
x-amzn-requestid
39eb140a-b0d5-4640-8c83-4a0a4c8554ed
x-cache
Hit from cloudfront
x-amz-apigw-id
ac2dTEx1oAMFSDQ=
content-length
18668
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-6021d121-17ab60365ae6c807329c2643;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
tDLbg-ryGRO_eBcWF9yi98i1PrJLkjF5U--VKXKKE5bthZFxEbKwPw==
InstaIcon.png
dz8osaahf9pd7.cloudfront.net/images/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/InstaIcon.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9c94441f7144c585500c71f4a1487b4f0afdb080ae0563cdc5c953a2a4d6cc47

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Feb 2021 10:29:13 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
4454194
x-amzn-requestid
97811d9a-41af-47d4-ae17-383487c9b5a2
x-cache
Hit from cloudfront
x-amz-apigw-id
aUZaoFWyIAMFvRg=
content-length
13627
last-modified
Tue, 10 Nov 2020 17:01:07 GMT
x-amzn-trace-id
Root=1-601e6f77-40e4892b4107814577f332b4;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
wZ-MgYn_2NBlzLoxrAbo_UYY0Io4E7C9r47Fg-sJQ3kG7eo8NXUiaw==
apple_store_badge2.png
dz8osaahf9pd7.cloudfront.net/images/assets/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/assets/apple_store_badge2.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
de2e5b40fee871756364795172ebb15a9db29d19e65db92944c50367fbffe8d0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 07:22:17 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
4033410
x-amzn-requestid
e0769a91-ed65-4b2d-bbea-cfc36bfc5ded
x-cache
Hit from cloudfront
x-amz-apigw-id
akcuYGwDIAMF2Ug=
content-length
13218
last-modified
Tue, 15 Dec 2020 17:46:29 GMT
x-amzn-trace-id
Root=1-6024db28-667222833d3e746f00d9240c;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
FXlJK-9YVu7fBpYPQoLi4-7VPjisosNRayCjitux-3FkK5wFOCUUaA==
google_store_badge2.png
dz8osaahf9pd7.cloudfront.net/images/assets/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dz8osaahf9pd7.cloudfront.net/images/assets/google_store_badge2.png
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:ca00:1b:ab56:eac0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cdb40a6bf43fb2a4839ef9e53706a0fa1f72ea0b85200cb3487900fc2eb8d11f

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 13:42:37 GMT
via
1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
age
5133790
x-amzn-requestid
42860233-d4c3-4592-876b-1da30441acec
x-cache
Hit from cloudfront
x-amz-apigw-id
Z6eQHE6UIAMFUJw=
content-length
19053
last-modified
Tue, 15 Dec 2020 17:44:11 GMT
x-amzn-trace-id
Root=1-601410cd-6aee917424ba947b590d6d97;Sampled=0
access-control-allow-methods
GET
content-type
image/png
cache-control
max-age=31536000,public
access-control-allow-credentials
true
x-amz-cf-pop
VIE50-C1
access-control-allow-headers
Content-Type, Authorization
x-amz-cf-id
6UrkmUW8ch57eGE4TYHuz48asxh3zIHlVzi_74DttFJ7Lu5Dx6Qs_A==
app.js
www.leafythings.com/js/ 		1 MB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/js/app.js?id=4046017c234ea882af2b
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a43dd5927b6177bd28a68d04a62989d551a56b43b21f340cedce03df27cb85a8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Thu, 25 Mar 2021 12:44:29 GMT
Server
Apache
ETag
"108f70-5be5bc6c36746-gzip"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
api.js
www.google.com/recaptcha/ 		850 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 23:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
555
x-xss-protection
1; mode=block
expires
Mon, 29 Mar 2021 23:45:47 GMT
css
fonts.googleapis.com/ 		2 KB
565 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/css/app.css?id=f7d0ce92aea6c287b25d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
72651cc2f523cfee728144c35e3b98acad4d8235ea5a4e7832839509ad29b0a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 23:23:44 GMT
server
ESF
date
Mon, 29 Mar 2021 23:45:47 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 29 Mar 2021 23:45:47 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
nBCMtWiIjVI+bOa4jMbs7ZMyvtR9ZWcF8LDKAwYme4AeqlXlFv50zzTv+qptgJuJIcZWhMkXHlRrhinl8xp3Sg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 29 Mar 2021 23:45:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 26 Mar 2021 04:34:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
age
328273
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Sat, 26 Mar 2022 04:34:34 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Mar 2021 12:31:27 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
age
558860
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Wed, 23 Mar 2022 12:31:27 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-153651009-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5440
date
Mon, 29 Mar 2021 22:15:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 30 Mar 2021 00:15:07 GMT
456830754970325
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/456830754970325?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
424cc02859880bd7645acf39a6285b89db0c4aba056614ffe52ad70ab49632c3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
8ThdJijHfDjBYNXjMJ1swt7natNk3HqbQEb+zHsdRxJMewCwHwy7iV0Q3BePcECSvPwQN/4QiNaUHuBtoufukw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 29 Mar 2021 23:45:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=819238951&t=pageview&_s=1&dl=https%3A%2F%2Fwww.leafythings.com%2Fblog%2Fus-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21&dr=https%3A%2F%2Ffinancialpostcom.tumblr.com%2F&ul=en-us&de=UTF-8&dt=US%20borders%20with%20Canada%2C%20Mexico%20to%20remain%20closed%20to%20nonessential%20travel%20through%20April%2021%20%7C%20Leafythings&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1815241293&gjid=756545508&cid=1388906757.1617061548&tid=UA-153651009-1&_gid=1903044404.1617061548&_r=1&gtm=2ou3h0&z=46661261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 29 Mar 2021 23:45:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.leafythings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-153651009-1&cid=1388906757.1617061548&jid=1815241293&gjid=756545508&_gid=1903044404.1617061548&_u=IEBAAUAAAAAAAC~&z=1930628452
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 29 Mar 2021 23:45:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.leafythings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
comments
www.leafythings.com/blog/BLG:480587b6-5b0d-45e0-8487-eef637339681/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/BLG:480587b6-5b0d-45e0-8487-eef637339681/comments
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=4046017c234ea882af2b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
X-XSRF-TOKEN
eyJpdiI6InRjNTlEUFNKcFwvOVwvemNxMHZEQ0o0UT09IiwidmFsdWUiOiJsR3MzTEs1WGJjMTdOM01aOFB3c2pTazFQeHJoN2MyNjZ3K1Q2K3p6YU0yb05odXROWWxqZUcwaUxHK2s1SHBLXC9pVmp1ZDg2NFJES1JySE4yUXlyYlJPNUc2T2RoaFVaSEtBb3VIYkZNcVh5UWJOM0xFUjdNanBGaVFrc3hXdzMiLCJtYWMiOiI0YjljMTdlODNiYmE3OWRlMWE0ZTUwNGYxZmRiODdjMmJmMzYxNWUxNzU3OTkzM2QwZDBmMDY3MzlhMWIxZDVlIn0=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-RateLimit-Remaining
28
Cache-Control
no-cache, private, s-maxage=10
Transfer-Encoding
chunked
X-RateLimit-Limit
30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
comments
www.leafythings.com/blog/BLG:480587b6-5b0d-45e0-8487-eef637339681/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/blog/BLG:480587b6-5b0d-45e0-8487-eef637339681/comments
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=4046017c234ea882af2b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
X-XSRF-TOKEN
eyJpdiI6InRjNTlEUFNKcFwvOVwvemNxMHZEQ0o0UT09IiwidmFsdWUiOiJsR3MzTEs1WGJjMTdOM01aOFB3c2pTazFQeHJoN2MyNjZ3K1Q2K3p6YU0yb05odXROWWxqZUcwaUxHK2s1SHBLXC9pVmp1ZDg2NFJES1JySE4yUXlyYlJPNUc2T2RoaFVaSEtBb3VIYkZNcVh5UWJOM0xFUjdNanBGaVFrc3hXdzMiLCJtYWMiOiI0YjljMTdlODNiYmE3OWRlMWE0ZTUwNGYxZmRiODdjMmJmMzYxNWUxNzU3OTkzM2QwZDBmMDY3MzlhMWIxZDVlIn0=
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
X-RateLimit-Remaining
28
Cache-Control
no-cache, private, s-maxage=10
Transfer-Encoding
chunked
X-RateLimit-Limit
30
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36523
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132755
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 13:37:05 GMT
anchor
www.google.com/recaptcha/api2/ Frame 8945 		21 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4d20041c954fe595d64067c0399c8575bd400f11556e3c464af79bf69cd296de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qfxY8t8jz1h97ngEZgMpTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.leafythings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.leafythings.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 29 Mar 2021 23:45:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-qfxY8t8jz1h97ngEZgMpTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11965
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8945 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 20:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
11650
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Tue, 29 Mar 2022 20:31:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 8945 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36523
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132755
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 13:37:05 GMT
LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js
www.google.com/js/bg/ Frame 8945 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/LwzEJkrqzuIpy5ZXdMyVZqsv4pxUDwC8wk7uiqYZWNw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 20:31:44 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:00:00 GMT
server
sffe
age
11644
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5706
x-xss-protection
0
expires
Tue, 29 Mar 2022 20:31:44 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 8945 		102 B
240 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=5mNs27FP3uLBP3KBPib88r1g
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&co=aHR0cHM6Ly93d3cubGVhZnl0aGluZ3MuY29tOjQ0Mw..&hl=en&v=5mNs27FP3uLBP3KBPib88r1g&size=normal&cb=jrnlvxje0dr7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 23:45:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 29 Mar 2021 23:45:48 GMT
bframe
www.google.com/recaptcha/api2/ Frame 428C 		7 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=xikj2cogj4ti
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
070c4afa0a2411cb98ee835cac12ec098e2c995c5c13c0fd65137c744a0e0f86
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I1EdZVktK1iMoHbIZvFIBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=xikj2cogj4ti
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.leafythings.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.leafythings.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 29 Mar 2021 23:45:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-I1EdZVktK1iMoHbIZvFIBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 428C 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=xikj2cogj4ti
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 20:31:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
age
11650
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Tue, 29 Mar 2022 20:31:38 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/ Frame 428C 		332 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/5mNs27FP3uLBP3KBPib88r1g/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=5mNs27FP3uLBP3KBPib88r1g&k=6LeCV6MZAAAAAN2q1dyMmLbTm7LA28yo7-t9pO3O&cb=xikj2cogj4ti
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 29 Mar 2021 13:37:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36523
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132755
x-xss-protection
0
last-modified
Mon, 22 Mar 2021 04:06:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 13:37:05 GMT
line-awesome.min.css
www.leafythings.com/vendor/line-awesome/css/ 		88 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Original-Content-Length
89729
Connection
Keep-Alive
Content-Length
15901
Last-Modified
Thu, 25 Mar 2021 12:44:29 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
ETag
"15e81-5be5bc6c3e444-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=0, no-cache
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Expires
Mon, 29 Mar 2021 23:48:11 GMT
mod_pagespeed_beacon
www.leafythings.com/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/mod_pagespeed_beacon?url=https%3A%2F%2Fwww.leafythings.com%2Fblog%2Fus-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Cache-Control
max-age=0, no-cache
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
X-Frame-Options
SAMEORIGIN
auth
www.leafythings.com/broadcasting/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/broadcasting/auth
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/js/app.js?id=4046017c234ea882af2b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache / PHP/7.3.11
Resource Hash
3e4134c9a95dad2228d15c9dc9179f5b121a5c3d736572b0a507883a699287c6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.leafythings.com/blog/us-borders-with-canada-mexico-to-remain-closed-to-nonessential-travel-through-april-21
X-CSRF-TOKEN
ukp3HdKZ4G5i6g6bInsBLpmr1Z0Ap9cdQhLKakm0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Server
Apache
X-Powered-By
PHP/7.3.11
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
la-solid-900.woff2
www.leafythings.com/vendor/line-awesome/fonts/ 		94 KB
95 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/fonts/la-solid-900.woff2
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Last-Modified
Thu, 25 Mar 2021 12:44:29 GMT
Server
Apache
ETag
"179f0-5be5bc6c3f3e3"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
96752
la-brands-400.woff2
www.leafythings.com/vendor/line-awesome/fonts/ 		83 KB
83 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.leafythings.com/vendor/line-awesome/fonts/la-brands-400.woff2
Requested by
Host: www.leafythings.com
URL: https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.60.153.228 Montreal, Canada, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-60-153-228.ca-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Origin
https://www.leafythings.com
Referer
https://www.leafythings.com/vendor/line-awesome/css/line-awesome.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 29 Mar 2021 23:45:48 GMT
Last-Modified
Thu, 25 Mar 2021 12:44:29 GMT
Server
Apache
ETag
"14b24-5be5bc6c3f3e3"
X-Frame-Options
SAMEORIGIN
Content-Type
font/woff2
Cache-Control
s-maxage=10
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
84772

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| fbq function| _fbq function| gtag object| dataLayer object| pagespeed object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate function| Hammer function| _ function| Popper function| jQuery function| $ function| axios function| Pusher object| Echo function| Vue object| SocialSharing object| FontAwesomeConfig object| ___FONT_AWESOME___ object| swiperOptions function| setGoBack function| loadAsyncStyleSheets object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| closure_lm_920270

5 Cookies

Domain/Path Name / Value
www.leafythings.com/ Name: leafythings_session
Value: eyJpdiI6Iml1YVZYOW81aWlzWWlOUFdQRkM4Zmc9PSIsInZhbHVlIjoidmp1OUVhYkZZbHo1QTVMdzFwQnluUWM5MUNnRkd3TEJPejFSVlBNTG9VWm13dCtzRmJtVW5lRkxUc3NYODRGdmRJcUZZS296a1lwTW5rT1BYNGJjSjFGRURGWVA0cGw4Y2FTUU9OOWI4eWEzMnRpTGd3YjgwcDRmZnlwQlFFVVoiLCJtYWMiOiJmOWRhOGZlNmFmM2NmZGQ1NmI3ZmZmYTVlYmQxZmUxOGUzNjBiYTk1NWRmZGQ0ZTAwNGQzOWMzMDBhMzkzN2ZkIn0%3D
.leafythings.com/ Name: _gat_gtag_UA_153651009_1
Value: 1
www.leafythings.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IkE0RytVeURsK21GNmFpaTdxNnRpZ1E9PSIsInZhbHVlIjoia0FoWG9GQm1saXp1Y0pyMzhtUGRhZ1NwUlBRUVZsbGRuSDByeGwrWmxCOVZZdFwvXC9tTldwM0N1WU9qZzJJRVZEMWxTSXpETjV2UlBybnBqa1N3ZkF0bnRmeFNPRkdjK0k2QTNSNWQ2eHdSNTNRalorVnd4ZkdVQmZZRU4wb1hEeSIsIm1hYyI6IjUxNzA4YjljOGQ0MDdjOGI0ZDdmMGUyOTFkODQxNGMxMWNlNjdjOWM3ZTBmNWRiYjM5YmY4YzJmZjU4ZDEyY2EifQ%3D%3D
.leafythings.com/ Name: _gid
Value: GA1.2.1903044404.1617061548
.leafythings.com/ Name: _ga
Value: GA1.2.1388906757.1617061548

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[fbpixel] 456830754970325 is unavailable. Go to Events Manager to learn more

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tumblr.com
connect.facebook.net
dz8osaahf9pd7.cloudfront.net
financialpostcom.tumblr.com
fonts.googleapis.com
fonts.gstatic.com
static.tumblr.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.leafythings.com
192.0.77.40
2600:9000:206e:ca00:1b:ab56:eac0:21
2a00:1450:4001:802::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2004
2a00:1450:4001:828::200a
2a00:1450:4001:82a::2003
2a00:1450:400c:c00::9a
2a03:2880:f01c:8012:face:b00c:0:3
52.60.153.228
74.114.154.18
070c4afa0a2411cb98ee835cac12ec098e2c995c5c13c0fd65137c744a0e0f86
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
0d44204bbe591689e3e0226a948618e0e3224cc7f47d0a79916b5dc3a6a64963
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10a68e01209d939afa9318ee71601b0a6e10f025d4cd6d98a492d340b73941fb
10b2dad4a5a5c1dd31bb13374dcaaca2d56332bb2cebc31eb853f8a600560b75
19948ab8698fa54cf1840478baf1d51b0ec4e6ae0b0712ebc0777b59c58b75fb
19e8ae51be2dda90f88b575fa13b02789b74ba2f8ae2c49b6c01aaab624ba78d
2095d45239484e88400685593d160d9c604c8ef95330dfb3af3e20ed5c893f2b
20b3277162f760a32083e9aca11cb7b46eb80ce1d1d1b46611d2ac9f38e12c92
2717dcc1ddd778f68223461ebd53610370e7617b6c74366bfc16a1e6e979cc58
2cdc4595f781c5a2e0d201d150cd4e87550d166c9b276ba7b7593ce6aebf4806
2f0cc4264aeacee229cb965774cc9566ab2fe29c540f00bcc24eee8aa61958dc
300f17eec438a8cac8bf392d19b5456e128b091b59977516ad53969d1702e1bf
3650ec800734a589593fe3452cef1c0960243a1b1dd100d375c34df6ddd2f102
3e4134c9a95dad2228d15c9dc9179f5b121a5c3d736572b0a507883a699287c6
41bba75dc965bd66d3e80845bdda7bd4b1fd943adf739c6446c13043b00b9d29
424cc02859880bd7645acf39a6285b89db0c4aba056614ffe52ad70ab49632c3
4d20041c954fe595d64067c0399c8575bd400f11556e3c464af79bf69cd296de
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72651cc2f523cfee728144c35e3b98acad4d8235ea5a4e7832839509ad29b0a6
755fc16c048c7375eb92052140a46cdb3aeb33046799cb298a0c1e3292b23071
907627cfd037de18e938380dfa627576bd4f3080f93b5caf5a6a106f5419507e
9c94441f7144c585500c71f4a1487b4f0afdb080ae0563cdc5c953a2a4d6cc47
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a43dd5927b6177bd28a68d04a62989d551a56b43b21f340cedce03df27cb85a8
a9c5e28c1f9682cb007db8dfd6c2334f745bbf2fb472a128bcdb0c1bf2e28761
aed1e980a568d115edea1f9e06f37384f3768dcce1bd873a362dd8788b3e58ac
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
c8a7d71935396f7d4e73146f7318d1567e1a6657e4df196f1702be190c841141
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
cdb40a6bf43fb2a4839ef9e53706a0fa1f72ea0b85200cb3487900fc2eb8d11f
ce61a18cf084f15003798340044643f329ac5f90045acb2d9e778368bd799854
ceb1730ff66f8ea9ca4a98ef7f3bfce7be07826a0e22c5d193bc43b63a0501fc
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd66790b560c209e8728695755cb004a2b9718ef3547f7503f78dbd993536d0b
de2e5b40fee871756364795172ebb15a9db29d19e65db92944c50367fbffe8d0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8252fa3cc5ce221d2551af07bfc94a52bf36455037de2d59b1c01212484133
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb896fc2ebd419ffd56371d1e861b60a9f4b43a9a8787a5ba177d15a85f68110
ec361bce3349b6cbb5e414df65c58151bf4ad12078c6fc15ffd9dffcfbfa92d6
ef3de6668d3662a9b9f0d2e0b7ed8a965916993423a7b99aa92e55a98bcd0051
f484d7b6d2c75b9f713b1f7d035c7e12ec0d0a01d04d67d9787dc5be07b47084
ff70c9bc4650cf5e6b12d1feaa7af29ebf0681993fc0c5ffe3658cea0dbd5403