gentleleaf.live
2606:4700:3032::ac43:8b27  Malicious Activity! Public Scan

Submitted URL: http://editwrite.org/388264my0nn20253mp55828bk0nx8009rr
Effective URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Submission: On February 28 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 1 country across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700:3032::ac43:8b27, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is gentleleaf.live.
TLS certificate: Issued by GTS CA 1P5 on January 23rd 2024. Valid for: 3 months.
This is the only time gentleleaf.live was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 2 2606:4700:303... 13335 (CLOUDFLAR...)
1 172.99.172.39 398343 (BAXET-GROUP)
31 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700:303... 13335 (CLOUDFLAR...)
41 7
Apex Domain | Subdomains | Transfer
31 gentleleaf.live | gentleleaf.live | 282 KB
5 trk-adulvion.com | trk-adulvion.com — Cisco Umbrella Rank: 467550; event.trk-adulvion.com — Cisco Umbrella Rank: 503411 | 3 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 40 | 154 KB
2 editwrite.org | editwrite.org | 1 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 31 | 254 B
1 mouseflow.com | cdn.mouseflow.com — Cisco Umbrella Rank: 7107 | 50 KB
1 jellovest.com | jellovest.com | 437 B
41 7
Domain | Requested by
31 gentleleaf.live | jellovest.com, gentleleaf.live
4 event.trk-adulvion.com | trk-adulvion.com
2 www.googletagmanager.com | gentleleaf.live, www.googletagmanager.com
2 editwrite.org | 2 redirects
1 www.google-analytics.com | www.googletagmanager.com
1 cdn.mouseflow.com | gentleleaf.live
1 trk-adulvion.com | gentleleaf.live
1 jellovest.com |
41 8

This site contains no links.

Subject | Issuer | Validity | Valid
jellovest.com | R3 | 2024-01-13 - 2024-04-12 | 3 months
gentleleaf.live | GTS CA 1P5 | 2024-01-23 - 2024-04-22 | 3 months
trk-adulvion.com | GTS CA 1P5 | 2024-02-15 - 2024-05-15 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
cdn.mouseflow.com | Cloudflare Inc ECC CA-3 | 2023-10-25 - 2024-10-23 | a year

This page contains 1 frames:

Primary Page: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Frame ID: 66F61A8F1F9578C6EB275786C4E21307
Requests: 39 HTTP requests in this frame

Page Title

[1] Reward Pending - Pharmacy - We Want Your Opinion!

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.mouseflow\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 41
HTTPS: 100 %
IPv6: 88 %
Domains: 7
Subdomains: 8
IPs: 7
Countries: 1
Transfer: 490 kB
Size: 1295 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://editwrite.org/388264my0nn20253mp55828bk0nx8009rr HTTP 301
    https://editwrite.org/388264my0nn20253mp55828bk0nx8009rr HTTP 302
    https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0 Page URL
  2. https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://editwrite.org/388264my0nn20253mp55828bk0nx8009rr HTTP 301
  • https://editwrite.org/388264my0nn20253mp55828bk0nx8009rr HTTP 302
  • https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0
jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/
Redirect Chain
  • http://editwrite.org/388264my0nn20253mp55828bk0nx8009rr
  • https://editwrite.org/388264my0nn20253mp55828bk0nx8009rr
  • https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0
140 B
437 B
Document
General
Full URL
https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.99.172.39 , United States, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
140
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 23:32:33 GMT
server
Apache

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85cc779f5afd42fc-EWR
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 23:32:32 GMT
location
https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ascCmPmSteKBzby0tM7D%2FR8n5imQJ%2B4vQkWsOJ75z0%2BfYdVErBhVSzhj3Drk8sd%2FiiagPcCyl6fxoF5ig4gU6iZAhNLbA%2FnK7iSLBN78lo7QI6zl976SATX80ULloWojGs09olh51VVnN2n9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.4.16
Primary Request /
gentleleaf.live/
2 KB
1 KB
Document
General
Full URL
https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Requested by
Host: jellovest.com
URL: https://jellovest.com/0/0/0/e2362ec3719aee9a9006aba402645b65/76/388264/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3799cccc72da8c7a695f236740f4e057a0f23f75cf4092c201f7759a3fa0b614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://jellovest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85cc77bb3df8438b-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Feb 2024 23:32:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=68%2Bx0Czm3RozIAW%2FwiNk1qKNDVihAIhNHcEVvWlSdPygTv41uPeYXjMx27AQJrKJ6NDeOhy%2F6pb1bdicZvezBuE70nWof%2F5SGvFq2aifguFAgIT9eZi1LcB95zNEAT5u9UkGgHDIhRrZPQ2NSfU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
5bdb9ab3a9bbaa0240d97da39e638dd2
gentleleaf.live/
57 KB
19 KB
XHR
General
Full URL
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2?_ax=w
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7d88ebe285bd16d50c666cca67ed4a10ae84cb4eb41d55bd5dac1b21a9dca47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGKttmhQeKPLioD4O8YCRC7iFDyQ%2B%2FlKBkGn%2BHZ7a%2Be0nXcUjYzbn20dpbk%2ByG%2F064DvP8I834rp6J6r4k3UpnurRN48V0HvNNZbJKoAeJFi4DBivuRWEaHSs83cUUvuvCFOAXatOLPyCdNEDpI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
85cc77be19d3438b-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
bootstrap.min.css
gentleleaf.live/assets/js/vendor/bootstrap/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://gentleleaf.live/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=05xFJ2NvWwXXYqFA69IzPxIG2gYaQi5UqjMgMiHWXzlIVt6AyaWbamD3p0UK8yIvCGoUE%2FgGbPWtDbRUjYhAZf7pm2NFYLYcbwjK5%2BbUrWDweIy2ZlCZ7KCLQS8%2B8nebl0Nc6ZokLs%2BL2KzLrGw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ef3d7288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
all.css
gentleleaf.live/assets/vendors/fontawesome/css/
72 KB
13 KB
Stylesheet
General
Full URL
https://gentleleaf.live/assets/vendors/fontawesome/css/all.css
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371167
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJL5mSo1P04S0piFj5W3JpDLazno4QS3tpN9MuYwM5Rx0Z1B%2FtafCS5pLhWVXsVBps2U%2BPQdnWv2y08FM8bXZaV1RiLyQFCKNcIpwQXUFsBb%2BcECk%2FhxIu6mef6L6S3jZjLsJod%2F3SPca8ZTnMc%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ef407288-EWR
expires
Sat, 02 Mar 2024 16:26:29 GMT
common-hybrid.css
gentleleaf.live/assets/css/giza/dist/
31 KB
8 KB
Stylesheet
General
Full URL
https://gentleleaf.live/assets/css/giza/dist/common-hybrid.css?v=e8445df6d6e948373063969efc6dcc94
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8f8b38ca3a12a773d850945bfdb5d0d6a89b9ca30f7a6dc5c728101f508636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 19 Jan 2024 16:23:08 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M95ExBZnPtAX6tLPKY50KSmaOM2cXjOuKsFuprabRULGFqhOe3Xd6Cca5cStW2c4RF5MdphvBCUhWprLKbpCfuNWTwsZKcCSXhZma3fWtwSNb1%2BuObshkF%2B%2FYflA4xeLN5NZNxYVDHrdUiaUtkA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ef427288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
msg.v3.js
gentleleaf.live/inc/
2 KB
1 KB
Script
General
Full URL
https://gentleleaf.live/inc/msg.v3.js?65dfc29482a58
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b629cd526729bd25e6091b21e3e3ed6e16e17fb549a700f029f0c5693b0f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 05 Dec 2023 15:48:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDgVZJKAi7%2FYG7fs2q29lDNEcm2H5AwzlB1GCKF%2BTc6AyqGPBmLMw1pdAh2SKSsMSdoUJanHuxXRHhibzIZdwXCuRWHnR3YwKMh%2BL4MeSDiBcoJPjxk9vmbdPh4KG3LyXJGk5rAkiqkf1d4A4uY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ef457288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
cvss.png
gentleleaf.live/uploads/archive/company/6/images/
18 KB
19 KB
Image
General
Full URL
https://gentleleaf.live/uploads/archive/company/6/images/cvss.png
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ac229ea2e47946652a6421a7de94c5b16bb7969641db06d9b302bf9ff056f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
content-length
18759
x-xss-protection
1; mode=block
last-modified
Wed, 15 Feb 2023 19:06:32 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EuTnlu4lujsoTZRsH0noZcVcYKBW5em2%2BFLijWf1L254SL5DrUPptLYL0NTE5QQfQNZhq9n5I7XOypxOw1ugyB3ovIPWGVjKDY97HcCOpSRoB7czXq5Fy6ejPlQd72E5r4K4KsSKdXi9WgaFRY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff4a7288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
flag-us.png
gentleleaf.live/assets/images/flags/
3 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/flags/flag-us.png
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e34d082ccdc00408c7c4ddda543f1247f981ebc756c8458e2b6321d8a4d42a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10218
alt-svc
h3=":443"; ma=86400
content-length
2692
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBZsD51c9saRDYTFLiJziHpA8t%2BtewCxarq4pkEVTSxjKutnLK12kGN6p4NUXqBVpsRRlpj%2B5xpIHxfPPne4zxlFNXCAyaY5TazWeigBwv9QaLxZU4kWDRBThUTUVxtZvzM0aETr0LvifMnUkTY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff4e7288-EWR
expires
Wed, 06 Mar 2024 20:42:18 GMT
check.svg
gentleleaf.live/assets/images/
1 KB
1 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/check.svg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e76803c59c910dabc01ef803f9064c86bc4128de152874796a1f3947c4b25662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 11 Jul 2023 19:59:15 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLj9cZk8SrQPD7%2Fu4AEPML%2FWU7Leq1ECSPD3ZLb4F5RtfCi1DwurCktNHu6c4z4Jbiju9ROozt8fFDdv7OUqf%2BXrSMUhrBGhiL4kU0MKh80dPyXWCbvFPymxRH2G54oeTMMUDTkMhKYMgKodzI8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff527288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
ci17.jpg
gentleleaf.live/assets/images/
2 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci17.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba8f9dfea5bada9ef456b4518fba0c7185a4c6ed0f6c9bda71e9c5b11a5342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
26227
alt-svc
h3=":443"; ma=86400
content-length
2044
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COiJGkPnIKBwb83El%2FQpyCtt8mEZ7dMTBZtkF%2BKWy7T2X4imOF%2FRi7RLUr%2F1sW9Tk8%2Fkw16SnZBPDN5GG3HsFuYfY2Q6WQEUbcQDW0fhJ21dRGliM6duYAIApu%2B8zAgxaieGMwIO6fWQhilv%2FE0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff557288-EWR
expires
Wed, 06 Mar 2024 16:15:29 GMT
vicon.png
gentleleaf.live/assets/images/
972 B
1 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/vicon.png
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
content-length
972
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dxa%2F47niahhhpxdS2mmRixb5v6Z706Ixts%2Fr2CLQLVMSnF1FUiGhKA4fLnawB5Kd1iXzvt5AdAxCB1GkYSuHWWdUOVCPWvJVbvRr03MA5ZG3s7jRsHuhMFRpmjayHDRsfPom1PIZOusI4A%2FlMF4%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff587288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
ci29.jpg
gentleleaf.live/assets/images/
2 KB
2 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci29.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dca6865d61263f859163bd345931bc032ef3c7e090c8e35ff9ae0731811d5bca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10218
alt-svc
h3=":443"; ma=86400
content-length
1925
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OvGFb%2F5oQgyQ9km3NyTEvKfoisQkzbEK0%2FSF9m4vmMlr2SGyp0MRRDEfMeHe3jWBpJh5UEtjJgbcMT1JRMv8panK03yTdO94QEEm97n8kWTpCSrhpDOl96dkU92HbYAD3L3qJmvd4K4TlGlvJw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff597288-EWR
expires
Wed, 06 Mar 2024 20:42:18 GMT
ci6.jpg
gentleleaf.live/assets/images/
2 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci6.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec006ed8744a3d28521058de2dcf88a3b2b6675af4c094410bdc7026db636d23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
123219
alt-svc
h3=":443"; ma=86400
content-length
2258
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPt%2B8MPLY5Sez5jya7jT14P4EoJ3sB0AuNaCpjFpUxGCqVJ5oJPiLx2vIaBAmIweP8aPRIr1jkpFoY%2BoXny5P%2F3Y9ghPudPaWsdNM15iw6O2zjQfZ%2F11dht8aEI3Ty6cjAJ3WEuLWw11VoD4OjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff5b7288-EWR
expires
Tue, 05 Mar 2024 13:18:57 GMT
ci38.jpg
gentleleaf.live/assets/images/
2 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci38.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5deddf7c5858ea17a9c6113f84b6624e75e00efaba9a11da2c7aae49ce0d8861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181846
alt-svc
h3=":443"; ma=86400
content-length
2081
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZceMN0wp9wrqhEVPv0s3%2BLfBsmGTF4klsPSrhokz7FJfn3cwhssjlhDyok1qStqpXj9dfkBWWW9AZrk%2FtLMRA0r7rQd5VpES9xfIH6M9pXJMqEXo7wuUA%2F2zcb5Bj7k3x%2Fk3zXYGD5y%2BWBANGlw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff5c7288-EWR
expires
Mon, 04 Mar 2024 21:01:49 GMT
ci14.jpg
gentleleaf.live/assets/images/
2 KB
2 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci14.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
612c58d05c6097b07b839936cd1c605a42165861422f23914b30f09aab06c949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
181846
alt-svc
h3=":443"; ma=86400
content-length
1993
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fpt9dsc3iq25699%2BC1PFf3ZaF7PRkfy1BxPoqSIJsO9Kv3%2BQt7thJcuSExjLplCeYTkrI7sCk0ZwvptHUgA8TnGs4Md6kkuuimPvsk0tDafE%2FBDTfkPi8J2%2FOlfoR86Uvv8dbQ95y8dpsPhbdoA%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff5e7288-EWR
expires
Mon, 04 Mar 2024 21:01:49 GMT
ci20.jpg
gentleleaf.live/assets/images/
1 KB
2 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci20.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1bfd00a1efec5d94e650f5c29012d1f9ee342ff658a6167746403214701bd81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12315
alt-svc
h3=":443"; ma=86400
content-length
1394
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8WfAKit7CH%2FPzrV6tKEvI5mrFzHTBmCusn9E3wVEWl4uaES2Al9vc9wwYxtQHFzq%2BvKiFPa0gJ%2FPKSWsuyVTpIgncAKNPCwuWVUG5HiLNllHP7BSXw2A1DXr5A0LVMLca8Dv%2F%2BPVW9M3kp687c%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff5f7288-EWR
expires
Wed, 06 Mar 2024 20:07:21 GMT
ci26.jpg
gentleleaf.live/assets/images/
2 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci26.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
11c1ca79b0c58eb32236c8cdfd0cb4465efb5d03744efdc53fa4418beccb626d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96412
alt-svc
h3=":443"; ma=86400
content-length
2069
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeI%2BxLL2dlfyPBEHjuh2LD2TiPHEJXYGV9aUJI9lNCGJyZXwP4RIkazT10hMlfzr082Mf7j2ZDfNqWG%2BjEcD%2BhUqQ7KNMwnZW2UOUAEA%2FXryjWODAWXyDuCx4va%2BAgzskBVR60MQXiF0E1S4KvI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff617288-EWR
expires
Tue, 05 Mar 2024 20:45:44 GMT
ci2.jpg
gentleleaf.live/assets/images/
2 KB
3 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/ci2.jpg
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
5665269840fa23faac662dba33673aab6d0f06fcf1edca2fea09f669ce6baaad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2066
x-xss-protection
1; mode=block
last-modified
Tue, 03 Jan 2023 16:28:53 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm9cy9KELkh3ToXDgKeFCydWUFxOOSb3fIKBHuTdQRtGHRBx8wEp%2Bd7U%2Bcuw22PlXOrP4cif%2BOifZ9RFdCP6zIYu287gADNzCm8mUYXzqC6YWb%2BfFTCNCXqfQGjw5dAIFOwIjAoX0jeBee9a5x8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff637288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
x.png
gentleleaf.live/assets/images/common/
5 KB
6 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/common/x.png
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fl1SI0L6HIofnTI%2FwBj8DFAOKHrDeI1A7uMmhLMoHLJlO%2FcfsQuxpXUk6ToPZ0Ec9XYqR1XEkWw0dpBpQLAsHXNKtE8GBTsV6ZFqw8tLmnbkW3bhe1GWRXYeTN%2FLbPbqYSikfzKniY37OHYLIBU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff657288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
email-decode.min.js
gentleleaf.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://gentleleaf.live/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Feb 2024 17:10:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65d8d185-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0LavC87aXO4OiotV6AaBf4GZdKjtfaaSUKL%2Fkdb49r6vnG7AzulCCIG00qojQwJl9gZY1HsZ4jaHx6VGgsAJS8RQ%2FRB5oAIkIQBF9DiCJKXX42TLX5VvdwxZ05E7JWBVyRVkMzo7NOmjXxuGBo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85cc77c0ff677288-EWR
expires
Fri, 01 Mar 2024 23:32:36 GMT
jquery-3.4.1.min.js
gentleleaf.live/assets/js/vendor/
86 KB
31 KB
Script
General
Full URL
https://gentleleaf.live/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371167
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02oMcnatpjel6ohYlll6xmWwe4AeK2vr%2FBHkhIPAl9I0bkUAFI4nNaoqFO1Zfm1dS6%2FyNnnlLp4%2FAo8tBfWLwOeCH8Vr0ZCJajCEAdZAF7azomK%2B9GeJ%2BJA1jp0MbdK71W1sefMHyPwsbgzLxYs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff687288-EWR
expires
Sat, 02 Mar 2024 16:26:29 GMT
bootstrap.min.js
gentleleaf.live/assets/js/vendor/bootstrap/js/
48 KB
14 KB
Script
General
Full URL
https://gentleleaf.live/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
371167
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVrEPkKlpvTyDB43%2FM%2BVdA3HbGa2Kjnr5GsHcXVKOCzebtWTZdNOfbYOsUusrpkzVEnjHv3ovUzLh1NWjt9ZE3u2Aqe7V7yISDbsVKw61wx2l024AdiwtGEPYn2S58gZ2zWCP0GBrjXSY3dq%2BjU%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff6c7288-EWR
expires
Sat, 02 Mar 2024 16:26:29 GMT
functions.js
gentleleaf.live/assets/js/
814 B
883 B
Script
General
Full URL
https://gentleleaf.live/assets/js/functions.js?v=e8445df6d6e948373063969efc6dcc94
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
91caebaa07e970b9566eb195570097c03616d933955113dbfb1eced337a5f8b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 25 Aug 2023 14:17:59 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwbFbyPsfQ3AM5gyBm1lYSJQzZOnUTWKcKEcxSXRWwqq0ZOZ4%2BDfOdWEYB71VwmsnZ8MgQM5uS4lRLojJXe9qWEPO1wNjTWzoI%2B5pXh0h7gf4w4N4fgEhuI8r3MLIBnXDOB%2FE3XBbJRGO8FXde0%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff6e7288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
gbvar.js
gentleleaf.live/assets/js/
41 B
548 B
Script
General
Full URL
https://gentleleaf.live/assets/js/gbvar.js?v=75
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
9fa2bbb4c27f55e1d9ef824fdfcb1459b34974b50426301fac1b5f8d8f8790b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41
x-xss-protection
1; mode=block
last-modified
Wed, 21 Feb 2024 21:29:05 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEdRpzogEhCYd2K1vsH6tyMrRU4oA7CqmkLteTWgztGMR6D3fbN1mg2OlGb8mr40oHfKXCN2%2FFK1fE8cv6elLZUwTqGJ9AA0as8SnXT1g4tjb8EwAbKMnQi6W%2BZ2i8BjcavJIDuJZzluKTcK3zs%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c0ff6f7288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
intl_functions.js
gentleleaf.live/assets/js/
4 KB
2 KB
Script
General
Full URL
https://gentleleaf.live/assets/js/intl_functions.js?v=e8445df6d6e948373063969efc6dcc94
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
9437d87812b34d91f53e5421eeed60dd3aa108b42cb34f4a8dbb855a0531a55b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 14 Sep 2023 15:07:29 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYQnSIQoGjFYxlt%2BPzD488PROfMPD0mmdpO5QILcSaPTTakPfHpc%2F%2F4AFsrtM70Vy0Kpg7n6uDk%2BARclUhIyMZcUI1Tbjim%2BbXoblyCFx4pSLEs0YSmOaHKQr%2BOd38TK9y6KvM0BpPMNyCeBGNM%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff707288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
common-hybrid.js
gentleleaf.live/assets/js/giza/dist/
99 KB
22 KB
Script
General
Full URL
https://gentleleaf.live/assets/js/giza/dist/common-hybrid.js?v=e8445df6d6e948373063969efc6dcc94
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/?s1=350444&s2=1148868482&s3=2575&s4=3142&ow=&s10=3205
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
d7443101b1a65d654948e1cf90e1c237fcd321cfa417467959548cfe04579527
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 26 Feb 2024 17:25:03 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct5mSTTKaDx6JdY3dO4FNza76iuNEBQoMwovWew8TdCRRSAvn0hbUKun2HyXKvYC5KK6jEMVbxKHwu89M21TDzwAoxy94EzIAInrsukKPWsSJtaXH0xMM2KTp9rB0I0QFQhjlm92V%2Bd7bNMfq0E%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
85cc77c0ff727288-EWR
expires
Wed, 06 Mar 2024 23:32:36 GMT
v9e118mez8
trk-adulvion.com/scripts/push/
7 KB
3 KB
Script
General
Full URL
https://trk-adulvion.com/scripts/push/v9e118mez8
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/inc/msg.v3.js?65dfc29482a58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:5068, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
23b333974694cd7a3512ebc085f87c3c7fd29d7f80361657036275d26d292c76
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6419
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 28 Feb 2024 21:45:37 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdSHi4N9kriK3yQbn4Xc7KwihtVYFpyrxrxYNBP6N4JT5%2BIJ6EnMLverMm0EgdUBnDpbDOrfEM3gFuBVJwqSfekk1VIw5THTZSKRuRlngpyRcBslJFrJPjCv8DzzaO0x4Ox5U11grQJ9vbzb%2B9de"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
85cc77c2b9e17d08-EWR
expires
0
gtm.js
www.googletagmanager.com/
187 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67b46adbdda55496e2841cbcf8bfc7dc579a616d19d30df79b0f3fe8d8015deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68754
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 28 Feb 2024 23:32:36 GMT
vicon.png
gentleleaf.live/assets/images/
972 B
1 KB
Image
General
Full URL
https://gentleleaf.live/assets/images/vicon.png
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
c86fc6524af3fab1567a1206ea20eca001d2b8eaa06b1fef573a7319f45c467c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
469122
alt-svc
h3=":443"; ma=86400
content-length
972
x-xss-protection
1; mode=block
last-modified
Tue, 12 Sep 2023 17:01:27 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKF8gG1AuVyFNCaFNlgnZeKmR0UBBSgMMyYEzQYdjIldxxyxk96klPbKTG2hYem7Png6BxO%2BsmQejSC3SsO7nS%2BnBTUZ454exDIupaeKLkntNKUT5UOXNrZ57%2F%2BFcJZ%2By00M2WiOSUODJPeL3Q8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c229177288-EWR
expires
Fri, 01 Mar 2024 13:13:54 GMT
RubikMonoOne.ttf
gentleleaf.live/assets/css/giza/dist/
2 KB
1 KB
Font
General
Full URL
https://gentleleaf.live/assets/css/giza/dist/RubikMonoOne.ttf
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/assets/css/giza/dist/common-hybrid.css?v=e8445df6d6e948373063969efc6dcc94
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
3799cccc72da8c7a695f236740f4e057a0f23f75cf4092c201f7759a3fa0b614
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/assets/css/giza/dist/common-hybrid.css?v=e8445df6d6e948373063969efc6dcc94
Origin
https://gentleleaf.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QCop5nKjQBFxvEDUYNI1Em9OCDPUL7CxmqfZsAd5212223RmexNoYfUPgsKVaJjKv7stKHTAeSA0cnqjVJlb3nS%2FEANthtW%2BMZA8oxASjiBGcfvXfaKRIqk9lW3dS8qVSv7CcTDxxQFslDHdNQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
85cc77c259597288-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
fa-solid-900.woff2
gentleleaf.live/assets/vendors/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://gentleleaf.live/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/assets/vendors/fontawesome/css/all.css
Origin
https://gentleleaf.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
441833
alt-svc
h3=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRuIWv%2BCx5t1QZVZ%2FX%2Fu1RKC9WxhuUUe1OhHN3%2B7l6tt5x53TbtNXpSuidwDDMU6cxTUqtMQwF7Q5G3js5Wz6a27rt0Q6tFvY9%2FepXbRII010suNM7qDzP86BBykoD0XXZupL2Oxye2ZYSY4T4A%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c2595b7288-EWR
expires
Fri, 01 Mar 2024 20:48:43 GMT
fa-regular-400.woff2
gentleleaf.live/assets/vendors/fontawesome/webfonts/
13 KB
14 KB
Font
General
Full URL
https://gentleleaf.live/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/assets/vendors/fontawesome/css/all.css
Origin
https://gentleleaf.live
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2227
alt-svc
h3=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
font/woff2
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prm0e8Tz8vSuOIGV2sVbX44Tafzq6dv6IsXGSpLnpTczqx1W68sS2TUR4lvG3sRoNVeuY0ocQcce1jfNsFvdJ6SSrOpRscI9m1RA%2BSOfdnJLUto4oTGIP3fIfdzUTCjzsXSiLIolKd2PHNyFqOY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
85cc77c2595e7288-EWR
expires
Wed, 06 Mar 2024 22:55:29 GMT
76ab289e-1fff-435e-ad8e-90afc2b72a38.js
cdn.mouseflow.com/projects/
172 KB
50 KB
Script
General
Full URL
https://cdn.mouseflow.com/projects/76ab289e-1fff-435e-ad8e-90afc2b72a38.js
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a32, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
2e473643b4e2f495e9c2f4706e90f45d8bf878b26fd07550bed4b91e1611c8eb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
26974
x-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-mf-script-region
non-enforced-privacy
last-modified
Wed, 28 Feb 2024 16:01:55 GMT
server
cloudflare
etag
W/"805b51735f6ada1:0"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cf-ray
85cc77c3ab598c6f-EWR
expires
Thu, 29 Feb 2024 23:32:37 GMT
5bdb9ab3a9bbaa0240d97da39e638dd2
gentleleaf.live/
25 B
539 B
XHR
General
Full URL
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Requested by
Host: gentleleaf.live
URL: https://gentleleaf.live/inc/msg.v3.js?65dfc29482a58
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:8b27, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 28 Feb 2024 23:32:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwTrkTy0SFU3X2BLsFrANR4pR8AysYpAmr6I5xjuPkASm8cwP361bphtvTDjuGFeatv7qfpz2RohWwOJWAkY%2FSFLd9%2Bw9DgG8btud%2FTNC4J%2F47ZhfNQ5sf%2Fk0dXN2T6yFRSJiqz5o8vkWqocU0g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
85cc77c34b307288-EWR
expires
Thu, 19 Nov 1981 08:52:00 GMT
js
www.googletagmanager.com/gtag/
248 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2008, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3b2b55393268466f171305833e7c4643e3f19c1cbcf1f3d71819181f64341c32
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Wed, 28 Feb 2024 23:32:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88314
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 28 Feb 2024 23:32:37 GMT
collect
www.google-analytics.com/g/
0
254 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=45je42q1v884746590z8844508622za200&_p=1709163156800&gcd=13l3l3l3l1&npa=0&dma=0&cid=248055681.1709163157&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709163157&sct=1&seg=0&dl=https%3A%2F%2Fgentleleaf.live%2F5bdb9ab3a9bbaa0240d97da39e638dd2&dr=https%3A%2F%2Fjellovest.com%2F&dt=%5B1%5D%20Reward%20Pending%20-%20Pharmacy%20-%20We%20Want%20Your%20Opinion!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1621
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gentleleaf.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Feb 2024 23:32:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gentleleaf.live
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 28 Feb 2024 23:32:37 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyT2wqk9hzQSPZlEXnkLO67B%2FHmF6m2%2BFoTRP6ORmxQNfy%2BNO4kZRcccJzKQgdaCmlUpdrRkLtIVoZpXX5pOEihUIKbZM1Tlu6M20VvhBBPJOWPnmDe8PWdMSZDONWtrOyV2dZSLrnT8l%2FmkPAWEdC62Ah4%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
85cc77c67cb841d3-EWR
x-pushplatformapp-params
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gentleleaf.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85cc77c5ec1641d3-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 28 Feb 2024 23:32:37 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H3u3XdisFL%2Fg8xBQEkWzvVZXLktnUxiFwpUKVd9NrQEUXk9Qw9vs%2Fss6MZfFKV5D4u08CDfrM2N4Q%2F%2F%2BXO%2F3AsoPOFmwb9n96F136zs%2BYWIShJDvrj61chkU%2FvDgeetG8SUzU30yXcDh%2F0pTK9%2FnjKqckjhD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://gentleleaf.live
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85cc77c5ec1241d3-EWR
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 28 Feb 2024 23:32:37 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4bf81i8w%2FVPsPYUKC3QcM2i5vPnDq8Wk7f4pdjcwRrdfg81qu%2F9%2FDVIYxeKeH1xi70ASJm7YBNqZD%2Ft1FAsDply1YOWP5mI4m2h0JuFL94NM9A3AX4wBJxULzlXzu%2BImagBBsavkVdeQp%2ByBcRUaUzNrFHR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-adulvion.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-adulvion.com/register/event_log/v9e118mez8
Requested by
Host: trk-adulvion.com
URL: https://trk-adulvion.com/scripts/push/v9e118mez8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b1e2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gentleleaf.live/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 28 Feb 2024 23:32:37 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAE3auGjWBGBrEYmEo1UpIo1Loy8kJXymHYd8gvjEfLiLCKnhA8mZBBKS7UKK5DkOhiCJrzKkkes8gmAydfisB07d7R1Ci7suAKa4cLBjwlMhEV%2FersTwhCfHq%2BwvWHSs8NLgFpa%2BKYWvMatu8c4sYZycaVZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
85cc77c67cb741d3-EWR
x-pushplatformapp-params

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

137 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _0x4eba function| _0x3ccf function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint object| dataLayer function| $ function| jQuery object| bootstrap number| refresh_page function| startTimer number| duration undefined| time undefined| refresh function| startINTSurvey function| startQuestion function| startSurveyDub function| showSurveyDub function| callPushNotify string| LNG string| CMP string| CNT string| BID string| FNP string| CMPID string| mfq_cmpid object| _mfq object| currentdate object| months function| a0_0x2a5df1 string| attrChoices string| domain string| pipeline string| zipcode string| state_selected boolean| skip_modal_email boolean| email_send_modal object| states function| birthdayFill function| beforeShowQuestion function| showOfferWall function| createQuestion function| sendOf function| runT function| replaceUrlParam function| a0_0x49bd function| startsurvey function| nextQuestion function| formatPhoneNumber function| overflowP function| switchTypeQuestions function| validatePhone function| validateEmail function| validateZip function| sendZipIp function| validateHeightF function| validateHeightI function| validateWeight function| validateAll function| validateName function| validateLName function| a0_0x2f74 function| validateBirthday function| days function| daysInMonth function| dashedNumber function| alpha function| validateKeyStrokes function| showStreetState function| leadgenForm function| emailPixel function| startSurveyU function| switchTypeQuestionsU function| nextQuestionU function| showOfferWallU function| validateData function| showStreetStateU function| showDisclaimer function| preventS string| aff_id string| click_id string| Brand string| lpid string| lpow object| prepop string| emailURL string| phoneURL string| zipcodeURL string| cityURL string| stateURL string| languageCode string| countryCode string| popUrl function| putVarCommon function| 
count_p function| mfq_tags function| showEmailModal function| hideM number| advEmail number| email_pixel string| prod_var number| answered number| prevProgress number| stepsTotal number| progress string| cheerstx string| txt function| cheers function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore object| google_tag_manager object| google_tag_data boolean| mouseflowDisableKeyLogging boolean| mouseflowEnableCssRecording object| mouseflowHeatmap object| mouseflow function| onYouTubeIframeAPIReady object| gaGlobal boolean| mouseflowAutoStart

4 Cookies

Domain/Path Name / Value
jellovest.com/ Name: uid2575
Value: 1148868482-20240228183233-51cd74691425c8c2de45052cead6d772-3375
gentleleaf.live/ Name: PHPSESSID
Value: aed7d2eef04645bf70f55234d9ce6432
.gentleleaf.live/ Name: _ga_DKB9VH2QW4
Value: GS1.1.1709163157.1.0.1709163157.0.0.0
.gentleleaf.live/ Name: _ga
Value: GA1.1.248055681.1709163157

3 Console Messages

Source Level URL
Text
other warning URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Message:
Failed to decode downloaded font: https://gentleleaf.live/assets/css/giza/dist/RubikMonoOne.ttf
other warning URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Message:
OTS parsing error: invalid sfntVersion: 1014195058
other error URL: https://gentleleaf.live/5bdb9ab3a9bbaa0240d97da39e638dd2
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
