Submitted URL: https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-...
Effective URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+...
Submission: On June 04 via manual from US — Scanned from DE

Summary

This website contacted 71 IPs in 4 countries across 67 domains to perform 244 HTTP transactions. The main IP is 2606:4700:10::6816:2cf6, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.firstleaf.com.
TLS certificate: Issued by GTS CA 1P5 on April 25th 2024. Valid for: 3 months.
This is the only time www.firstleaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 25 2620:1ec:bdf::42 8075 (MICROSOFT...)
1 1 13.107.238.51 8075 (MICROSOFT...)
2 2620:1ec:bdf::67 8075 (MICROSOFT...)
7 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.230.228.22 16509 (AMAZON-02)
1 52.222.169.53 16509 (AMAZON-02)
1 13.32.145.105 16509 (AMAZON-02)
6 34.96.102.137 396982 (GOOGLE-CL...)
1 2606:2800:133... 15133 (EDGECAST)
1 16 104.18.70.113 13335 (CLOUDFLAR...)
5 3.215.5.161 14618 (AMAZON-AES)
1 104.18.72.113 13335 (CLOUDFLAR...)
3 20.50.88.238 8075 (MICROSOFT...)
3 104.16.53.111 13335 (CLOUDFLAR...)
3 3 89.207.16.75 41041 (VCLK-EU-SE)
68 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 23.56.201.9 ()
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 157.230.94.108 ()
2 2a03:2880:f08... 32934 (FACEBOOK)
4 2620:1ec:c11:... ()
1 35.244.142.80 ()
5 35.201.112.186 396982 (GOOGLE-CL...)
1 7 35.227.244.1 ()
3 2600:9000:26d... ()
1 67.225.220.126 ()
2 35.234.162.151 ()
1 2 104.115.82.24 20940 (AKAMAI-ASN1)
3 2600:9000:225... ()
1 151.101.0.176 ()
2 2606:4700::68... ()
2 2001:4860:480... ()
1 157.230.230.25 ()
1 35.186.247.156 ()
1 2400:52e0:1e0... ()
1 2600:9000:20a... ()
1 13.32.13.117 ()
1 35.186.194.58 ()
4 138.197.61.175 ()
1 51.77.64.70 ()
1 2600:1f16:ebf... ()
2 2a03:2880:f17... ()
1 2 104.17.3.184 ()
4 2606:4700:10:... ()
1 142.250.181.232 ()
1 2a00:1450:400... ()
3 104.16.51.111 ()
1 151.101.192.176 ()
1 3.33.220.150 ()
16 20 35.204.74.118 ()
1 2600:9000:237... ()
2 3 46.228.174.117 ()
1 76.223.111.18 ()
1 2600:1f18:612... ()
1 2 34.111.113.62 ()
1 18.194.241.18 ()
2 2 2600:1901:0:8... ()
1 3 172.217.16.194 ()
1 2 54.78.254.47 ()
1 52.72.130.114 ()
1 2.19.244.177 ()
1 34.255.230.248 ()
1 34.251.32.20 ()
1 35.244.174.68 ()
1 1 142.250.184.194 ()
1 1 142.250.181.228 ()
1 172.217.18.3 ()
1 3 185.89.210.153 ()
1 69.173.144.139 ()
1 34.98.64.218 ()
1 52.217.97.84 ()
1 35.190.54.17 ()
1 75.2.91.175 ()
244 71
Apex Domain
Subdomains
Transfer
77 firstleaf.com
www.firstleaf.com
images.firstleaf.com
rbv9j7km.firstleaf.com
fbapi.firstleaf.com
api.firstleaf.com
ct.firstleaf.com
3 MB
26 perkspot.com
url1941.psmark.perkspot.com — Cisco Umbrella Rank: 230528
email.perkspot.com — Cisco Umbrella Rank: 405179
pslogin.perkspot.com — Cisco Umbrella Rank: 196391
ochsner.perkspot.com
776 KB
22 simpli.fi
tag.simpli.fi
i.simpli.fi
um.simpli.fi
10 KB
16 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2393
ekr.zdassets.com — Cisco Umbrella Rank: 2866
586 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 375
168 KB
7 shop.pe
shop.pe
shopper.shop.pe
app.shop.pe
11 KB
7 zendesk.com
assets.zendesk.com — Cisco Umbrella Rank: 10859
perkspot.zendesk.com — Cisco Umbrella Rank: 156954
penrosehill.zendesk.com
3 KB
7 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1007
127 KB
6 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2422
rs.fullstory.com
77 KB
6 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4085
88 KB
5 cybba.solutions
files1.cybba.solutions
app.cybba.solutions
29 KB
5 brilliantcollector.com
lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 20123
606 B
4 cloudfront.net
d2mjzob2nc713b.cloudfront.net
d2rp1k1dldbai6.cloudfront.net
76 KB
4 bing.com
bat.bing.com
14 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
665 B
3 mczbf.com
www.mczbf.com
16 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
308 KB
3 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 591
540 B
2 exelator.com
loadm.exelator.com
2 KB
2 pro-market.net
fei.pro-market.net
911 B
2 tapad.com
pixel.tapad.com
1 KB
2 1rx.io
sync.1rx.io
712 B
2 cloudflare.com
challenges.cloudflare.com
14 KB
2 facebook.com
www.facebook.com
3 KB
2 adsrvr.org
js.adsrvr.org
insight.adsrvr.org
5 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net
123 B
2 lightboxcdn.com
www.lightboxcdn.com
2 KB
2 stripe.com
js.stripe.com
148 KB
2 trkn.us
trkn.us — Cisco Umbrella Rank: 2447
1 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
153 KB
2 typography.com
cloud.typography.com
884 B
2 azureedge.net
psprods3ep.azureedge.net — Cisco Umbrella Rank: 112839
8 KB
1 nytrng.com
nytrng.com
1 safeopt.com
manage.safeopt.com
833 B
1 amazonaws.com
addshoppers.s3.amazonaws.com
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com Failed
3 KB
1 openx.net
us-u.openx.net
273 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 google.de
www.google.de
64 B
1 google.com
www.google.com
24 B
1 googleadservices.com
www.googleadservices.com
23 B
1 rlcdn.com
idsync.rlcdn.com
98 B
1 lijit.com
ce.lijit.com
223 B
1 crwdcntrl.net
bcp.crwdcntrl.net
266 B
1 bluekai.com
stags.bluekai.com
479 B
1 bfmio.com
sync.bfmio.com
421 B
1 agkn.com
aa.agkn.com
342 B
1 tremorhub.com
simplifi.partners.tremorhub.com
175 B
1 3lift.com
eb2.3lift.com
140 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
378 B
1 smaato.net
s.ad.smaato.net
236 B
1 google-analytics.com
www.google-analytics.com
21 KB
1 ip-api.com
pro.ip-api.com
462 B
1 sentry.io
sentry.io
324 B
1 firstleaf.club
rbv9j7km.firstleaf.club
409 B
1 rtb123.com
www.rtb123.com
2 KB
1 pdst.fm
cdn.pdst.fm
18 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 631
306 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1009
7 KB
1 emjcd.com
www.emjcd.com — Cisco Umbrella Rank: 18855
1 KB
1 dotomi.com
cj.dotomi.com — Cisco Umbrella Rank: 19093
1 KB
1 kqzyfj.com
www.kqzyfj.com — Cisco Umbrella Rank: 89127
613 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2987
47 KB
1 go2sdk.com
js.go2sdk.com — Cisco Umbrella Rank: 29059
4 KB
1 rollbar.com
cdn.rollbar.com — Cisco Umbrella Rank: 16224
24 KB
1 zjptg.com
www.p.zjptg.com — Cisco Umbrella Rank: 52742
49 KB
0 intentiq.com Failed
sync.intentiq.com Failed
244 67
Domain Requested by
66 www.firstleaf.com ochsner.perkspot.com
www.firstleaf.com
22 ochsner.perkspot.com ochsner.perkspot.com
20 um.simpli.fi 16 redirects
14 static.zdassets.com ochsner.perkspot.com
assets.zendesk.com
static.zdassets.com
www.googletagmanager.com
11 cdn.cookielaw.org www.firstleaf.com
cdn.cookielaw.org
ochsner.perkspot.com
7 unpkg.com ochsner.perkspot.com
6 dev.visualwebsiteoptimizer.com ochsner.perkspot.com
dev.visualwebsiteoptimizer.com
5 edge.fullstory.com ochsner.perkspot.com
edge.fullstory.com
5 lib-us-1.brilliantcollector.com cdn.rollbar.com
ochsner.perkspot.com
4 app.cybba.solutions files1.cybba.solutions
4 bat.bing.com www.googletagmanager.com
bat.bing.com
www.firstleaf.com
4 rbv9j7km.firstleaf.com ochsner.perkspot.com
rbv9j7km.firstleaf.com
www.firstleaf.com
3 app.shop.pe www.firstleaf.com
3 ib.adnxs.com 1 redirects edge.fullstory.com
3 penrosehill.zendesk.com static.zdassets.com
3 api.firstleaf.com www.firstleaf.com
3 www.mczbf.com ochsner.perkspot.com
www.firstleaf.com
3 d2mjzob2nc713b.cloudfront.net www.firstleaf.com
shop.pe
3 shop.pe 1 redirects d2mjzob2nc713b.cloudfront.net
3 www.googletagmanager.com www.firstleaf.com
www.googletagmanager.com
3 perkspot.zendesk.com static.zdassets.com
3 dc.services.visualstudio.com cdn.rollbar.com
2 loadm.exelator.com 1 redirects
2 cm.g.doubleclick.net
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 sync.1rx.io 2 redirects
2 ct.firstleaf.com www.firstleaf.com
2 challenges.cloudflare.com 1 redirects www.firstleaf.com
2 www.facebook.com www.firstleaf.com
2 us-central1-adaptive-growth.cloudfunctions.net ochsner.perkspot.com
2 www.lightboxcdn.com ochsner.perkspot.com
www.firstleaf.com
2 js.stripe.com www.firstleaf.com
js.stripe.com
2 trkn.us 1 redirects www.firstleaf.com
2 connect.facebook.net ochsner.perkspot.com
connect.facebook.net
2 cloud.typography.com 2 redirects
2 ekr.zdassets.com assets.zendesk.com
ochsner.perkspot.com
2 psprods3ep.azureedge.net ochsner.perkspot.com
2 pslogin.perkspot.com 2 redirects
1 nytrng.com d2mjzob2nc713b.cloudfront.net
1 manage.safeopt.com www.firstleaf.com
1 shopper.shop.pe shop.pe
1 addshoppers.s3.amazonaws.com d2mjzob2nc713b.cloudfront.net
1 us-u.openx.net
1 pixel.rubiconproject.com
1 www.google.de
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 idsync.rlcdn.com
1 ce.lijit.com
1 bcp.crwdcntrl.net
1 stags.bluekai.com
1 sync.bfmio.com
1 aa.agkn.com
1 simplifi.partners.tremorhub.com
1 eb2.3lift.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net
1 insight.adsrvr.org js.adsrvr.org
1 i.simpli.fi tag.simpli.fi
1 www.google-analytics.com www.googletagmanager.com
1 fbapi.firstleaf.com www.firstleaf.com
1 pro.ip-api.com www.firstleaf.com
1 rs.fullstory.com www.firstleaf.com
1 js.adsrvr.org www.rtb123.com
1 d2rp1k1dldbai6.cloudfront.net www.rtb123.com
1 files1.cybba.solutions www.rtb123.com
1 sentry.io www.firstleaf.com
1 rbv9j7km.firstleaf.club rbv9j7km.firstleaf.com
1 tag.simpli.fi www.googletagmanager.com
1 www.rtb123.com ochsner.perkspot.com
1 cdn.pdst.fm ochsner.perkspot.com
1 geolocation.onetrust.com cdn.cookielaw.org
1 images.firstleaf.com www.firstleaf.com
1 static.cloudflareinsights.com www.firstleaf.com
1 www.emjcd.com 1 redirects
1 cj.dotomi.com 1 redirects
1 www.kqzyfj.com 1 redirects
1 assets.zendesk.com 1 redirects
1 az416426.vo.msecnd.net ochsner.perkspot.com
1 js.go2sdk.com ochsner.perkspot.com
1 cdn.rollbar.com ochsner.perkspot.com
1 www.p.zjptg.com ochsner.perkspot.com
1 email.perkspot.com 1 redirects
1 url1941.psmark.perkspot.com 1 redirects
0 b0vbfk2zr6.execute-api.us-east-1.amazonaws.com Failed www.firstleaf.com
0 sync.intentiq.com Failed
244 88

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
help.firstleaf.com
apply.workable.com
Subject Issuer Validity Valid
*.perkspot.com
Go Daddy Secure Certificate Authority - G2
2023-06-03 -
2024-07-04
a year crt.sh
*.azureedge.net
Microsoft Azure RSA TLS Issuing CA 08
2024-05-22 -
2025-05-17
a year crt.sh
unpkg.com
GTS CA 1P5
2024-05-30 -
2024-08-28
3 months crt.sh
www.p.zjptg.com
Amazon RSA 2048 M02
2024-06-02 -
2025-07-01
a year crt.sh
cdn.rollbar.com
Amazon RSA 2048 M03
2024-04-11 -
2025-05-09
a year crt.sh
js.go2sdk.com
Amazon RSA 2048 M01
2023-08-06 -
2024-09-02
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2023-07-06 -
2024-07-06
a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA
2024-01-30 -
2025-01-30
a year crt.sh
*.brilliantcollector.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-04-08 -
2025-04-16
a year crt.sh
zdassets.com
E1
2024-05-01 -
2024-07-30
3 months crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04
2024-04-10 -
2025-04-05
a year crt.sh
perkspot.zendesk.com
E1
2024-05-14 -
2024-08-12
3 months crt.sh
firstleaf.com
GTS CA 1P5
2024-04-25 -
2024-07-24
3 months crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3
2024-03-01 -
2024-12-31
10 months crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-05-08 -
2024-08-06
3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3
2023-11-13 -
2024-11-12
a year crt.sh
*.getrockerbox.com
*.getrockerbox.com
2019-06-06 -
2049-05-29
30 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-03-14 -
2024-06-12
3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 02
2024-05-01 -
2024-06-27
2 months crt.sh
cdn.pdst.fm
WR3
2024-05-17 -
2024-08-15
3 months crt.sh
edge.fullstory.com
GTS CA 1D4
2024-05-03 -
2024-08-01
3 months crt.sh
rtb123.com
R3
2024-04-29 -
2024-07-28
3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-07 -
2024-12-07
a year crt.sh
www.mczbf.com
Amazon RSA 2048 M03
2024-04-20 -
2025-05-19
a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA
2024-05-22 -
2024-08-22
3 months crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3
2023-10-09 -
2024-10-08
a year crt.sh
misc.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-08 -
2024-09-07
a year crt.sh
files1.cybba.solutions
R3
2024-05-28 -
2024-08-26
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
rs.fullstory.com
GTS CA 1D4
2024-05-02 -
2024-07-31
3 months crt.sh
*.cybba.solutions
Sectigo RSA Domain Validation Secure Server CA
2023-08-08 -
2024-06-17
10 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-21 -
2025-01-20
a year crt.sh
fbapi.firstleaf.com
Amazon RSA 2048 M02
2024-05-20 -
2025-06-19
a year crt.sh
penrosehill.zendesk.com
E1
2024-05-14 -
2024-08-12
3 months crt.sh
*.shop.pe
RapidSSL TLS RSA CA G1
2023-07-13 -
2024-07-12
a year crt.sh
*.g.doubleclick.net
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01
2024-04-22 -
2025-04-07
a year crt.sh
*.safeopt.com
GlobeSSL DV CA
2024-05-17 -
2025-06-14
a year crt.sh
nytrng.com
Amazon RSA 2048 M03
2024-02-23 -
2025-03-23
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh

This page contains 10 frames:

Primary Page: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Frame ID: A1461AFB0128073ADE87141862888A83
Requests: 268 HTTP requests in this frame

Frame: https://static.zdassets.com/ekr/asset_composer.js
Frame ID: 0E0F1ED1180946100956992A7F6BAEFE
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Frame ID: 1886B6484D4DECA7308104E0A93E33DD
Requests: 7 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Frame ID: 73EFBBE109DAF103164FF10545A8A64A
Requests: 9 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: FB0695D755F04FAD399E2A0ECA2576CD
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 01BEBEF307DCB335ACC9FD528ED3D027
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 198BE7822872F3E4DFC247ADF5E23D21
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 38C09DA86CE80BECAC4686E652837DF2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=l7cyjy0&ref=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&upid=hm2fj8w&upv=1.1.0
Frame ID: 0225282203A4A8AFF0F57C9EBD7827CD
Requests: 1 HTTP requests in this frame

Frame: https://nytrng.com/iframe?vcp=4dd5h0np&as_id=3a14d060f035496e8b311936ff44a078
Frame ID: 32B1F7333E38375A2A5066DFCA54E317
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

America's #1 Awarded Wine Club Subscription - Firstleaf

Page URL History Show full URLs

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfe... HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Small&enti... HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=ef252901-b630-4e85-8fb5-81e2f005f625&auth=4a24cd3e82fe0fac2bf... HTTP 302
    https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=6JPNMJH1W6BK0BVGWRNXYJXKD HTTP 302
    https://cj.dotomi.com/d566cy65O/y49/NRROUURU/OMVTMSO/M/M/M?h=v5vq%3DJWcaZWUEjJOXDOiTjeaklWkXQ%3c%3... HTTP 302
    https://www.emjcd.com/qn72ft10L/t-4/IMMJPPMP/JHQOHNJ/H/LHHMHMOLNNNQJMPOIO:7lUs2lE1UDJH/rttKwLNHJJs... HTTP 302
    https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=185... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • /react-redux(@|/)([\d.]+)(?:/[a-z]+)?/react-redux(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

244
Requests

87 %
HTTPS

32 %
IPv6

67
Domains

88
Subdomains

71
IPs

4
Countries

5786 kB
Transfer

21005 kB
Size

46
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgDTBj4qKEY9ePYgT11nH748GvQXKRGGuL3ibTOt1cJ72D80EGMoz8lyPct8wwxFmoDbuT4EDgIiOzpVgAeIlcuzYUI9csVAIcqIgajT0L0HneryU5oVf1AEQI4KtqJuYX9CGVIQNNNiIScbu7lZu28xgWe6j7igvGuaS6fHKkzSuKaPyUsj8x51fFMzwAf7stVsl3elGgaikNl0elxjxTBE4r9LmPrR3Tovm75xdbzH4URLVNbTNgF90ZhUrJLo0gcE8DAY-2BJbbreu64isngkZycUbooShR5byraMpjJIddxWHcQ1rTzlhBxioY-2FBKkKOp4hZHuHnGVjBRVaxg4FwNhxRmxYGZjqAO9gh8je7TDM-3D6s7D_E3jX7UdwUvWW16GmiaKN7K-2FxDJSJdm-2BWrXWTng6AOS8Ba1sflC1treIpEIVDI2-2FAnWjgpX1YNhNnfaVhvpDkGUUM2Ye3FiPnMJZusOa3-2BelbNV3uOEknp-2FILoNev09idIKadkPQl3USOt5TcDHlOGzUtypduYQLL0BMsRqQ1AEHFbQgKbwRE-2BhxikTJ-2BqTsbT0Z-2Bcxl1W1Zub-2Fj6ieZdG39nt72TYMTZCuUlMYWXnuA-3D HTTP 302
    https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=2&dt=s&ao=1431609&esp=sg&userId=35058995&email=danielle.fontenot%40ochsner.org&communityid=1070&cmpnid=977&entityEmailTypeCode=weeklyblast&auth=e88b989bd6b3913c63597e6c042b0cce HTTP 302
    https://pslogin.perkspot.com/auth/email?sid=ef252901-b630-4e85-8fb5-81e2f005f625&auth=4a24cd3e82fe0fac2bf7fe761c4e0536&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
    https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
    https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast Page URL
  2. https://www.kqzyfj.com/click-2097062-15528858?sid=6JPNMJH1W6BK0BVGWRNXYJXKD HTTP 302
    https://cj.dotomi.com/d566cy65O/y49/NRROUURU/OMVTMSO/M/M/M?h=v5vq%3DJWcaZWUEjJOXDOiTjeaklWkXQ%3c%3cu6625%3A%2F%2F999.x3CBsw.p1z%2Fpyvpx-FDMKDJF-EIIFLLIL%3c%3cT%3cu6625%3A%2F%2F1pu50r4.2r4x5216.p1z%2F%3c%3cE%3cE%3cD%3cD%3c HTTP 302
    https://www.emjcd.com/qn72ft10L/t-4/IMMJPPMP/JHQOHNJ/H/LHHMHMOLNNNQJMPOIO:7lUs2lE1UDJH/rttKwLNHJJsIIIvwPKJvvLtwHrIPsPwP?d=sxni%3DBOUSROM6bBGP5GaLbWScdOcPI%3chot!27u4-imyoCyv%3cmyyux%3A%2F%2F111.pv43ko.htr%2Fhqnhp-75EC5B7-6AA7DDAD%3c%3cL%3cmyyux%3A%2F%2Fthmxsjw.ujwpxuty.htr%2F%3cgf95g9jk-k8E6-99g8-Dj98-CifiikDkfgEB%3c6%3c6%3c5%3c5%3c HTTP 302
    https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgDTBj4qKEY9ePYgT11nH748GvQXKRGGuL3ibTOt1cJ72D80EGMoz8lyPct8wwxFmoDbuT4EDgIiOzpVgAeIlcuzYUI9csVAIcqIgajT0L0HneryU5oVf1AEQI4KtqJuYX9CGVIQNNNiIScbu7lZu28xgWe6j7igvGuaS6fHKkzSuKaPyUsj8x51fFMzwAf7stVsl3elGgaikNl0elxjxTBE4r9LmPrR3Tovm75xdbzH4URLVNbTNgF90ZhUrJLo0gcE8DAY-2BJbbreu64isngkZycUbooShR5byraMpjJIddxWHcQ1rTzlhBxioY-2FBKkKOp4hZHuHnGVjBRVaxg4FwNhxRmxYGZjqAO9gh8je7TDM-3D6s7D_E3jX7UdwUvWW16GmiaKN7K-2FxDJSJdm-2BWrXWTng6AOS8Ba1sflC1treIpEIVDI2-2FAnWjgpX1YNhNnfaVhvpDkGUUM2Ye3FiPnMJZusOa3-2BelbNV3uOEknp-2FILoNev09idIKadkPQl3USOt5TcDHlOGzUtypduYQLL0BMsRqQ1AEHFbQgKbwRE-2BhxikTJ-2BqTsbT0Z-2Bcxl1W1Zub-2Fj6ieZdG39nt72TYMTZCuUlMYWXnuA-3D HTTP 302
  • https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=2&dt=s&ao=1431609&esp=sg&userId=35058995&email=danielle.fontenot%40ochsner.org&communityid=1070&cmpnid=977&entityEmailTypeCode=weeklyblast&auth=e88b989bd6b3913c63597e6c042b0cce HTTP 302
  • https://pslogin.perkspot.com/auth/email?sid=ef252901-b630-4e85-8fb5-81e2f005f625&auth=4a24cd3e82fe0fac2bf7fe761c4e0536&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&CommunityId=1070 HTTP 302
  • https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast HTTP 302
  • https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Request Chain 37
  • https://assets.zendesk.com/embeddable_framework/main.js HTTP 301
  • https://static.zdassets.com/ekr/asset_composer.js
Request Chain 61
  • https://cloud.typography.com/7410416/6307592/css/fonts.css HTTP 302
  • https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Request Chain 127
  • https://shop.pe/widget/widget_async.js HTTP 301
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Request Chain 132
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697 HTTP 302
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697;ip=80.255.10.204;cuidchk=1
Request Chain 208
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/26ed7e9dda49/api.js
Request Chain 226
  • https://cloud.typography.com/7410416/6307592/css/fonts.css HTTP 302
  • https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Request Chain 257
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=21B7F233A8484D38AD5208B64D39DC63
Request Chain 258
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/21B7F233A8484D38AD5208B64D39DC63 HTTP 302
  • https://sync.1rx.io/usersync/simplifi/21B7F233A8484D38AD5208B64D39DC63?zcc=1&cb=1717533200652 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-2efe3d6f-ab0f-4f11-829c-4ace5b059cc1-003
Request Chain 259
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=21B7F233A8484D38AD5208B64D39DC63&dongle=yf3
Request Chain 260
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=21B7F233A8484D38AD5208B64D39DC63
Request Chain 261
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63
Request Chain 262
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 263
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 266
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=21B7F233A8484D38AD5208B64D39DC63;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=21B7F233A8484D38AD5208B64D39DC63;mimetype=img;sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODIwMDMwNDUxMjU4NDkyNjAyMA==
Request Chain 267
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0&xl8blockcheck=1
Request Chain 269
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 270
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=21B7F233A8484D38AD5208B64D39DC63
Request Chain 271
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 272
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 273
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=21B7F233A8484D38AD5208B64D39DC63
Request Chain 274
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1717533200481&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI5PO74uXChgMVhXNBAh00vwuuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Gmh0dHBzOi8vd3d3LmZpcnN0bGVhZi5jb20v HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI5PO74uXChgMVhXNBAh00vwuuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Gmh0dHBzOi8vd3d3LmZpcnN0bGVhZi5jb20v&is_vtc=1&cid=CAQSGwDaQooL2ZbocEupmahT2RU03N-5ynApFKO_CA&random=1365871237 HTTP 302
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI5PO74uXChgMVhXNBAh00vwuuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Gmh0dHBzOi8vd3d3LmZpcnN0bGVhZi5jb20v&is_vtc=1&cid=CAQSGwDaQooL2ZbocEupmahT2RU03N-5ynApFKO_CA&random=1365871237&ipr=y
Request Chain 276
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=21B7F233A8484D38AD5208B64D39DC63 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D21B7F233A8484D38AD5208B64D39DC63
Request Chain 277
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=21B7F233A8484D38AD5208B64D39DC63&expires=365
Request Chain 278
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=21B7F233A8484D38AD5208B64D39DC63

244 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
none
ochsner.perkspot.com/offer/1431609/
Redirect Chain
  • https://url1941.psmark.perkspot.com/ls/click?upn=u001.JX5yNMmulKenkKh8ieBztAqgFmqnC-2Bnxzv6GBQq-2Fla3Bgj9glXDJfeO2maHOvWfXDFh6cxOsS-2FwbARgXBAF9ZiD5oYCOI5pylJF-2BPi5kmb-2F2G0w1uCWyNi42AKpp5A-2BgDTB...
  • https://email.perkspot.com/e/v3/click/offer/1431609?merchantName=FirstleafWineClub&assetType=Small&entityEmailTypeCode=weeklyblast&communityid=1070&pt=sss&at=s&ap=0&pk=2&dt=s&ao=1431609&esp=sg&user...
  • https://pslogin.perkspot.com/auth/email?sid=ef252901-b630-4e85-8fb5-81e2f005f625&auth=4a24cd3e82fe0fac2bf7fe761c4e0536&redirectUrl=%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklybl...
  • https://pslogin.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
  • https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
24 KB
13 KB
Document
General
Full URL
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
265ec3f5c3f81755932ce9e735f44dfb9bfbec532499d537b6e6c010ceb73ea0
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-expose-headers
Request-Context
cache-control
private
content-encoding
gzip
content-length
9621
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 20:33:11 GMT
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
vary
Accept-Encoding
x-azure-ref
20240604T203310Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016ta2
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

access-control-expose-headers
Request-Context
cache-control
private
content-length
204
content-security-policy
frame-ancestors *.perkspot.com
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 20:33:10 GMT
location
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
x-azure-ref
20240604T203310Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016t9u
x-cache
CONFIG_NOCACHE
x-content-security-policy
frame-ancestors *.perkspot.com
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET
core.css
ochsner.perkspot.com/Content/sass/dist/
133 KB
32 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:43 GMT
etag
"80ed3b7f7b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tb2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
32540
x-content-security-policy
frame-ancestors *.perkspot.com
perxcss.css
ochsner.perkspot.com/Content/sass/dist/
465 KB
57 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
84aafd3b0424d927bd3bcc5d9a9d1a194d229fd26021e29643a85f1526d4726c
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:43 GMT
etag
"80ed3b7f7b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tb3
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
58343
x-content-security-policy
frame-ancestors *.perkspot.com
psBootstrap.css
ochsner.perkspot.com/Scripts/React/
774 KB
79 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/Scripts/React/psBootstrap.css?v=1.0.0.0
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0e8abd9abf618f3004615d16dbe6d2fb4ba97e5bde8381a1fe2641c989cc9d6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"80c46797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tb4
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
80498
x-content-security-policy
frame-ancestors *.perkspot.com
community-css
ochsner.perkspot.com/
63 KB
12 KB
Stylesheet
General
Full URL
https://ochsner.perkspot.com/community-css?communityId=1070
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
ffbc89001d744f391897c2e5e3103609c2877b745780a94fb574e3249cbc0314
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
11453
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:11 GMT
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tb5
access-control-expose-headers
Request-Context
cache-control
private, max-age=86400
accept-ranges
bytes
expires
Wed, 05 Jun 2024 20:33:11 GMT
insights
ochsner.perkspot.com/bundles/
4 KB
3 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
2628
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:11 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tb6
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 04 Jun 2025 20:33:11 GMT
PerkSpot_TLF_SDK_6-1.js
ochsner.perkspot.com/scripts/
161 KB
53 KB
Script
General
Full URL
https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"80c46797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240604T203315Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tn7
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
54239
x-content-security-policy
frame-ancestors *.perkspot.com
logo_1070.png
psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/
5 KB
5 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/communities/logo_1070.png
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
747a09321aacb9796be726ab2490560a06c01a7171ef773d58670cc575fe22e5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
last-modified
Tue, 14 May 2024 19:54:27 GMT
x-amz-request-id
XEP0P4XTY7GWY3CX
etag
"78daf1d239de238a89fd4768dea49d91"
x-amz-server-side-encryption
AES256
x-azure-ref
20240604T203311Z-16577d9575dtkpws23hyetcq9g00000002cg000000019ce4
x-cache
TCP_HIT
content-type
image/png
cache-control
public, max-age=18000
x-fd-int-roxy-purgeid
70895118
accept-ranges
bytes
content-length
4864
x-amz-id-2
STYQjIvFhDT7c4IL2nwSYlkF41v2QS2OqDzhhbjnPzB7D6R06M338j5u0UprOG8/G/mT+X9oECE=
logo_44971.webp
psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/
2 KB
2 KB
Image
General
Full URL
https://psprods3ep.azureedge.net/cdn.perkspot.com/images/merchants/logo_44971.webp
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac37996ea31bb4a1009ab93325cd2e100f3a04159a10ba7d7335f8f9b6d8a430

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
last-modified
Wed, 15 May 2024 07:20:22 GMT
x-amz-request-id
5CCE890VFJC5EAEE
etag
"e04ded651669d79a41441a63a5926aa5"
x-amz-server-side-encryption
AES256
x-azure-ref
20240604T203311Z-16577d9575dtkpws23hyetcq9g00000002cg000000019ce5
x-cache
TCP_HIT
content-type
application/octet-stream
cache-control
public, max-age=172800
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
70895118
accept-ranges
bytes
content-length
2106
x-amz-id-2
aNpIX+Sc7EKjjDcl49kzdhNrLooqLVESAMq5N9BRs+B++/fqxqQ6S6geQYCxE/7rS9U7xO2mLc0=
jquery
ochsner.perkspot.com/bundles/
827 KB
314 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jquery?v=J6h_AL6u6wuvcIz6tbrKyATCmVd_tSErMeClln0d-iU1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Tue, 04 Jun 2024 20:33:11 GMT
expires
Wed, 04 Jun 2025 20:33:11 GMT
x-powered-by
ASP.NET
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tba
x-cache
CONFIG_NOCACHE
access-control-expose-headers
Request-Context
cache-control
public
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
jqueryval
ochsner.perkspot.com/bundles/
40 KB
16 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/jqueryval?v=YzRBe6gfD164-CLYW2zoB8py-eOZPLHUgoPct44VgDo1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
15663
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:11 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tbc
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 04 Jun 2025 20:33:11 GMT
bootstrap
ochsner.perkspot.com/bundles/
41 KB
14 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/bootstrap?v=7jtbseVPa_P_wxk-ANB0JbEiqz4vMc1fIXNwp0ieQEk1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
14262
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:11 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tbh
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 04 Jun 2025 20:33:11 GMT
react.production.min.js
unpkg.com/react@18.0.0/umd/
11 KB
6 KB
Script
General
Full URL
https://unpkg.com/react@18.0.0/umd/react.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7180203
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFPWV0DQA2SNG3V5FTW1Z9-fra
server
cloudflare
etag
"2a04-xsszuHb0TYvo8H4oHFeLkFVRBIk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab2501e13372f-FRA
react-dom.production.min.js
unpkg.com/react-dom@18.0.0/umd/
128 KB
59 KB
Script
General
Full URL
https://unpkg.com/react-dom@18.0.0/umd/react-dom.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7189159
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRW75JEX5J7DH8K2AQK6RZMX-fra
server
cloudflare
etag
"2014a-4hvyK4+Q49dCXSLyG13VROqaHvw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab2504e69372f-FRA
react-redux.min.js
unpkg.com/react-redux@7.2.8/dist/
16 KB
7 KB
Script
General
Full URL
https://unpkg.com/react-redux@7.2.8/dist/react-redux.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7180144
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFRQE4V7M7TG8BRWW6W3F6-fra
server
cloudflare
etag
"3ed0-hpbGJdoINWADjmP0Akj8XlSsvxg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab2507eaf372f-FRA
axios.min.js
unpkg.com/axios@0.26.1/dist/
17 KB
8 KB
Script
General
Full URL
https://unpkg.com/axios@0.26.1/dist/axios.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7180346
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFJG27X48N35RW8YH3WTMH-fra
server
cloudflare
etag
"457f-zA7QrHnYYTK2xYcjaiN3JvTqWzo"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab250af01372f-FRA
purify.min.js
unpkg.com/dompurify@2.4.0/dist/
21 KB
11 KB
Script
General
Full URL
https://unpkg.com/dompurify@2.4.0/dist/purify.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7180144
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWFRQEDHSKAPJW75P5TPD5E-fra
server
cloudflare
etag
"5495-OpC3QS0Kv+nnoIqpV/fCIUZWBuk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab250df3f372f-FRA
react-query.production.min.js
unpkg.com/react-query@3.39.1/dist/
48 KB
18 KB
Script
General
Full URL
https://unpkg.com/react-query@3.39.1/dist/react-query.production.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7185022
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3VR4FDD12M67QCM42KED-fra
server
cloudflare
etag
"bf18-Rt6LU5PcFI8/cFoIPW8wSWdNlHI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab2510f95372f-FRA
redux-toolkit.umd.min.js
unpkg.com/%40reduxjs/toolkit@1.8.1/dist/
39 KB
18 KB
Script
General
Full URL
https://unpkg.com/%40reduxjs/toolkit@1.8.1/dist/redux-toolkit.umd.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:11 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
7185017
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWB3W3TYWAEP0KX1XZRJR8X-fra
server
cloudflare
etag
"9a02-Q4Nq/njKcJAXmF3qDmhO8lBlpCM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
88eab2514ff1372f-FRA
toast.bundle.js
ochsner.perkspot.com/Scripts/React/
19 KB
5 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/toast.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
a491c75feed5de07c5670575157d1a18d8e0cec1254e9a4e09e35473fa20d015
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"80c46797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tce
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
4542
x-content-security-policy
frame-ancestors *.perkspot.com
reduxStore.bundle.js
ochsner.perkspot.com/Scripts/React/
6 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/reduxStore.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
405fbe83464869d07a363774c6b85f4e198cee730a5495f9e0f9de7f279a4311
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"80c46797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tch
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
2047
x-content-security-policy
frame-ancestors *.perkspot.com
dependencies.bundle.js
ochsner.perkspot.com/Scripts/React/
46 KB
15 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/dependencies.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
78e04595db9933ecf5e24650b1501604f66e2d977befd16f85f449e378aae9b3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"80c46797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tck
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
15042
x-content-security-policy
frame-ancestors *.perkspot.com
runtime.bundle.js
ochsner.perkspot.com/Scripts/React/
2 KB
2 KB
Script
General
Full URL
https://ochsner.perkspot.com/Scripts/React/runtime.bundle.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
90a531b621d2e8b6d11496fa4dceb4e3a66b73b0453ed8140b7a3b094de729a3
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"882c7c797b2da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tcm
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
1296
x-content-security-policy
frame-ancestors *.perkspot.com
perkspot.interstitial
ochsner.perkspot.com/bundles/
70 B
681 B
Script
General
Full URL
https://ochsner.perkspot.com/bundles/perkspot.interstitial?v=75limDE-2tqT07c2TKoyoRaneuVhjVbGd0-jy267eRQ1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
175
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:12 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203311Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tcn
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 04 Jun 2025 20:33:12 GMT
100001
www.p.zjptg.com/tag/1850771/
49 KB
49 KB
Script
General
Full URL
https://www.p.zjptg.com/tag/1850771/100001
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.228.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-228-22.muc50.r.cloudfront.net
Software
CloudFront /
Resource Hash
1f8b1e7f9cadc01a60f84f57941f4906b23a5f03b003bc910ae4a0adbf4e01ab

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:10:57 GMT
via
1.1 c2741d5ee2beeb4c9f22fb24f76708b6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P5
age
1335
x-cache
Hit from cloudfront
content-length
50259
x-amz-cf-id
M2MT4Xwe8zn5PCIvNUQ-RbEh0_4INuvYX_g4Q2DiziAzCOHo8CcJCA==
addtohomescreen
ochsner.perkspot.com/bundles/
9 KB
4 KB
Script
General
Full URL
https://ochsner.perkspot.com/bundles/addtohomescreen?v=dQY7ReEN3P6AvpTV4mVTeWSR8WQitK0nH1fxax2VNoA1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-content-security-policy
frame-ancestors *.perkspot.com
date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
gzip
content-security-policy
frame-ancestors *.perkspot.com
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
content-length
3536
request-context
appId=cid-v1:12044e8b-5494-457f-8033-cf6208c05b82
last-modified
Tue, 04 Jun 2024 20:33:15 GMT
vary
User-Agent,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
x-azure-ref
20240604T203315Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tn6
access-control-expose-headers
Request-Context
cache-control
public
accept-ranges
bytes
expires
Wed, 04 Jun 2025 20:33:15 GMT
rollbar.min.js
cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/
77 KB
24 KB
Script
General
Full URL
https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.222.169.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-169-53.cdg52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 20 May 2024 03:33:04 GMT
Content-Encoding
gzip
Via
1.1 cf82d48fdf484813132bbd9c90904672.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
CDG52-P2
Age
1357209
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 14 Sep 2022 17:49:55 GMT
Server
AmazonS3
ETag
W/"16c901ad672c76633691d7e04767ba75"
Vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=30672000,public
X-Amz-Cf-Id
CKnADZoVXMj7i_hI25O5SIgAeNCxML5ZFW_s95_1vViE_oBLTra90w==
tune.js
js.go2sdk.com/v2/
4 KB
4 KB
Script
General
Full URL
https://js.go2sdk.com/v2/tune.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-105.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 03 Jun 2024 23:18:48 GMT
x-amz-version-id
null
via
1.1 4dd111c814b0b5cf8bf82e59008da624.cloudfront.net (CloudFront)
last-modified
Mon, 04 Mar 2024 18:55:58 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C2
age
76465
etag
"3301ce2b9ef7fa3f72c5ae2b296d4ceb"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4142
x-amz-cf-id
BMzDiNjVTn7g0NQ6bCcSHNAHKriV7ig3-SmdQ6-XodqNh_k7vjdaCQ==
j.php
dev.visualwebsiteoptimizer.com/
42 KB
10 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
a85a67d9f4bb9e8573c9ef248e8e3ee59312a30048dd1e7649eb78b93b9f6c62

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1717531891_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
35A1AD_0_0.woff2
ochsner.perkspot.com/Content/fonts/
28 KB
28 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_0_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"53b7db797b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203312Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tcr
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
28718
x-content-security-policy
frame-ancestors *.perkspot.com
fontawesome-webfont.woff2
ochsner.perkspot.com/Content/fonts/
69 KB
69 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/fontawesome-webfont.woff2?v=4.6.1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/Content/sass/dist/core.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:34 GMT
etag
"6ddee2797b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203312Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tcs
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
70728
x-content-security-policy
frame-ancestors *.perkspot.com
35A1AD_3_0.woff2
ochsner.perkspot.com/Content/fonts/
41 KB
41 KB
Font
General
Full URL
https://ochsner.perkspot.com/Content/fonts/35A1AD_3_0.woff2
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/Content/sass/dist/perxcss.css?v=1.0.0.0
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:12 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:33 GMT
etag
"b419de797b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203312Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tct
content-type
font/woff2
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
42010
x-content-security-policy
frame-ancestors *.perkspot.com
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/
120 KB
47 KB
Script
General
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/bundles/insights?v=to06oIlwehQWm-xrmEMdoBd0yB91KJAuDMMP4SAO9aI1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFD) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:12 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
MPOa5dHQWkOQRqdkBRC0hg==
age
563
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
content-length
48078
x-ms-lease-status
unlocked
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
server
ECAcc (frc/4CFD)
x-ms-meta-aijssdkver
2.8.18
etag
0x8DC490392FC747D
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
18c0734e-c01e-008c-03bd-b69ab3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Tue, 04 Jun 2024 21:03:12 GMT
va_gq-13ef3a9970619213b4c7aba096ab7d99.js
dev.visualwebsiteoptimizer.com/edrv/
251 KB
66 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/va_gq-13ef3a9970619213b4c7aba096ab7d99.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
3f7e683e432438eb81fd7c0bcfe2df76b0ed1e2004fad6bcd4bb134094bd360d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 04 Jun 2024 15:04:36 GMT
server
gfra1
etag
"665f2d04-10621"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67105
nc-f027e2f8b6d886ae70364d8e0c97d3f3.js
dev.visualwebsiteoptimizer.com/edrv/
9 KB
3 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/edrv/nc-f027e2f8b6d886ae70364d8e0c97d3f3.js
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=793633&u=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&vn=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
8444915c7d150ad579f3e581586b2653e06238571c3c7c2bc50432943fac3b57

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Origin
https://ochsner.perkspot.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
br
via
1.1 google
last-modified
Tue, 04 Jun 2024 15:04:36 GMT
server
gfra1
etag
"665f2d04-cc1"
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3265
v.gif
dev.visualwebsiteoptimizer.com/
35 B
143 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=793633&d=ochsner.perkspot.com&u=D50867EE89CB91C169C4A9A99CFAB6655&h=71e78da7062a956bf548c5fafd0cf4ee&t=true
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:14 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=43200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
6aad2ded-dfbb-4411-93d9-49050c28d62e
https://ochsner.perkspot.com/
524 B
0
Other
General
Full URL
blob:https://ochsner.perkspot.com/6aad2ded-dfbb-4411-93d9-49050c28d62e
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77ddbbaa5177966bea803a36f5e4b512969529bba2f61e6524571e49182d0edc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Length
524
Content-Type
application/javascript
asset_composer.js
static.zdassets.com/ekr/ Frame 0E0F
Redirect Chain
  • https://assets.zendesk.com/embeddable_framework/main.js
  • https://static.zdassets.com/ekr/asset_composer.js
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/asset_composer.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ochsner.perkspot.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
x-amz-version-id
KdUtYfTvhN3NWk63zbedRawrUoa4O1MG
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
PZERAEDAFZ9SYDTC
age
23
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
tr/so4/RjvATt57vT5wh/Tz8DnV+qeKn9kxsgChY1AajmU8f2RwhpxcTMLctipwAH7PwDn9UhU4=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BkAgq0jNCDltkUKaWOOyV08xNLPnx7ANjn%2FnTUSXKIu35boEP%2BZb%2BPX%2BmC0tm%2FIs%2FEl6%2BsObV8cttZz8b7dVH2sDtvr9wRuSNLl3ZxFlm4HT6pcdzTociL%2BCXRadHfppEm97oec%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
88eab266deb0927d-FRA
access-control-allow-headers
*

Redirect headers

date
Tue, 04 Jun 2024 20:33:15 GMT
strict-transport-security
max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DA6X7qxQRI4Mn4W8ixbzh7WIo7Ltr0fuuhMoLWtnB%2BAcnGYsPvpOJjnLfkNp2jfPsR1FCv7PhJ0quc26nv2so%2Fg7gmw5XFGZCO3jOvFf9zsjnxDQ6vtYu542tguxySiMx59ptg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
location
https://static.zdassets.com/ekr/asset_composer.js
cache-control
max-age=3600
cf-ray
88eab2669b489112-FRA
content-length
167
expires
Tue, 04 Jun 2024 21:33:15 GMT
s.gif
dev.visualwebsiteoptimizer.com/
35 B
53 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/s.gif?account_id=793633&u=D50867EE89CB91C169C4A9A99CFAB6655&s=1717533192&ed=%7B%22sr%22%3A%221600x1200%22%2C%22sc%22%3A24%2C%22de%22%3A%22UTF-8%22%2C%22ul%22%3A%22de-de%22%2C%22r%22%3A%22%22%2C%22lt%22%3A1717533195301%2C%22tO%22%3A-2%2C%22tz%22%3A%22Europe%2FBerlin%22%7D&cu=https%3A%2F%2Fochsner.perkspot.com%2Foffer%2F1431609%2Fnone%3Futm_medium%3Demail%26utm_id%3Dweeklyblast&r=0&p=1&cq=0&vn=undefined&vns=undefined&vno=undefined&eTime=1717533192307&v=dd54cc59f
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:15 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
access-control-allow-origin
*
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-5-161.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 04 Jun 2024 20:33:15 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
f6ce702d3c824416a11711d09caffe00
lib-us-1.brilliantcollector.com/collector/switch/
1 B
245 B
XHR
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/f6ce702d3c824416a11711d09caffe00
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-5-161.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://ochsner.perkspot.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
nodeid
wscollector-989cd4b76-79k87
content-length
1
settings.js
dev.visualwebsiteoptimizer.com/
63 KB
9 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/settings.js?a=793633&settings_type=1&vn=&eventArch=1&uuid=&ec=759621|876184&exc=31|53|64|69
Requested by
Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/edrv/va_gq-13ef3a9970619213b4c7aba096ab7d99.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gfra1 /
Resource Hash
fe742c630272483414ecb99846b0f5ea038985940c4a9a766894808d3220f62b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
gzip
via
1.1 google
server
gfra1
etag
W/"1717531891_EA"
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
perkspot.zendesk.com
ekr.zdassets.com/compose/web_widget/ Frame 0E0F
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/web_widget/perkspot.zendesk.com
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd2607bd1e0d28c5c660af6719320d3e1aaac939df14f8888c554c15f5e0ee3f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
27
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
88e6ccb5cad04857-SEA, 88e6ccb5cad04857-SEA
x-runtime
0.003635
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"cd2607bd1e0d28c5c660af6719320d3e"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nzhPFUGYsnu1ZQ42U%2B3IYf0MUGu6JbB1RfYSF2aLQQQxFj%2FPyoxppjNh3cgArQt0dhGxRfR14%2Bjs1WO1%2B1mNs6fcPi49H39kWVvOnTQjJZtRb%2B4LOjwK4Iz%2FJPtY8m3QYEs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
88eab2677b395d3d-FRA
track
dc.services.visualstudio.com/v2/ Frame
0
0
Preflight
General
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 04 Jun 2024 20:33:14 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/
189 B
293 B
XHR
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://ochsner.perkspot.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 20:33:14 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
5 KB
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico?v=69Pda6nAAr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:35 GMT
etag
"2c3007b7b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203315Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tnk
content-type
image/x-icon
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
4286
x-content-security-policy
frame-ancestors *.perkspot.com
web-widget-main-c554e5f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1886
972 KB
278 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Requested by
Host: assets.zendesk.com
URL: https://assets.zendesk.com/embeddable_framework/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e54d8b5abd14920406ad0ce9ae99de43df27b0b8121a25e93536c8b27ab2ca
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
x-amz-version-id
M6SFlpuOd5Qmy5hzuDRKb.76mBVtEYd9
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H09AD88VC75HXRP
age
96
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
x6P07Mk4dU5ZSm9wZb4vgUjZWwKQbxvZiHVH/WwMT1YjQbu8khQdjYvzVtHWD+whoaKQd61yE7vg6gDhLXFemQ==
last-modified
Tue, 28 May 2024 06:15:37 GMT
server
cloudflare
etag
W/"5438a6a010b9fd0277fb4b091570d814"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wm%2BrAW%2F0Si6j%2Bd0imsxaPiQjZjOeio0z9EDV7%2F4yHDR5cicnlCqRbvhzOyR1LJoNWCIGtDachWSvK6nLhjghbkA%2BFjbWhliyCbmaWfo7QczVm9Y%2FaYre%2B5DQhIY6muWM14DIQQg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab268087f927d-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:15:36 GMT
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
5 KB
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:35 GMT
etag
"2c3007b7b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203315Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tnt
content-type
image/x-icon
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
4286
x-content-security-policy
frame-ancestors *.perkspot.com
en-us-json-c554e5f.js
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 1886
25 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
x-amz-version-id
NSUZ6R9S.8NfnxE7QaHKj5QFEPo8oYOL
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H08RNEXDTK4NZB0
age
42685
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ijvwi98i753M2ud3Bt8acyQWY+LRFox8Ou1v9m7iemOtUXjxIw6X/JQhUA35D4yeDOPlUk5kmsXM6nF28FLgyw==
last-modified
Tue, 28 May 2024 06:15:38 GMT
server
cloudflare
etag
W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eII3lOi3qMspbVReOEGHITJ2B27fww7ibopqW2OcVr8piH8QDRi3ZJyUPqFoRiKJNY6nccD25wKeieFWgPzasYE0B3ttUwRn9l1eDaOnk5cYRK3WeyQN7Z9IwbN6AKOx9gTMR7o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab268c9f9927d-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:15:37 GMT
config
perkspot.zendesk.com/embeddable/ Frame 1886
799 B
1 KB
Fetch
General
Full URL
https://perkspot.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56803e8fac0559c6f22f3b7ab50580285d4b64e77fefe70496e347483ad2e195

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
55
x-zendesk-origin-server
embeddable-app-server-7d5d7c48d7-scncv
x-cached
STALE
x-runtime
0.003498
last-modified
Tue, 04 Jun 2024 20:32:20 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3RTx5pMH9PZeT%2Bww5DST8NkFj2whUglC1RMqgDRKxuwZlL5NnZXGWSq6yrX2arOwo6kW7vLsdXwLR7JMgS0as6BOmc7bwOxx2ipT364VW6TS28ak77DS6H2AKwLj0q7wCjccLXbg"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
88eab2690b74362a-FRA
collectorPost
lib-us-1.brilliantcollector.com/collector/ Frame
0
0
Preflight
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-5-161.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods
POST
access-control-allow-origin
https://ochsner.perkspot.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Tue, 04 Jun 2024 20:33:15 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
0
collectorPost
lib-us-1.brilliantcollector.com/collector/
38 B
361 B
Fetch
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-5-161.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Content-Encoding
gzip
X-Tealeaf-SyncXHR
false
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Tealeaf-MessageTypes
1,2,12,14,17
X-Tealeaf-SaaS-AppKey
f6ce702d3c824416a11711d09caffe00
X-Tealeaf-SaaS-TLTSID
42970361454662089624209081955675
X-Requested-With
fetch
sec-ch-ua-platform
"Win32"
X-Tealeaf
device (UIC) Lib/6.1.0.1989
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ochsner.perkspot.com/
X-TealeafType
GUI
X-PageId
P.ADJ33BYQ78QDB2R83SMNLFNXRRBE
X-TeaLeaf-Page-Url
/offer/1431609/none

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://ochsner.perkspot.com
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
tltsid
42970361454662089624209081955675
nodeid
wscollector-989cd4b76-79k87
content-length
38
expires
Fri, 31 Dec 1998 12:00:00 GMT
web-widget-chat-sdk-c554e5f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1886
216 KB
53 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
x-amz-version-id
.856AVQ5u0d3qc7NtoxlFz0GoMk6pSyZ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
A9PDSDX9WGBRE480
age
42685
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZnzlBf0d20Bl8J+8VEnL9gDBlNC8bskoK6opdwIR95OvJw8ZWLIMDxIbHt+GEgMOviA8lR6tq30=
last-modified
Tue, 28 May 2024 06:15:37 GMT
server
cloudflare
etag
W/"bf7f24c006f934261d7ff732b528402b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUWm9seGOa7fYc9U80jrDDm7IUeWv052iLAtyde%2Bj569nfeknbyiZez9qNWZ3ZQaPI8jcZGrWBKyhYvXZnmfBrf90gGuSburA%2Fc0pg%2FqGP4ZPfXyEgG5CAFknNiXUBom7mbA9WA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2690a6a927d-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:15:35 GMT
favicon.ico
ochsner.perkspot.com/Content/images/icons/
4 KB
0
Other
General
Full URL
https://ochsner.perkspot.com/Content/images/icons/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::42 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:15 GMT
content-security-policy
frame-ancestors *.perkspot.com
last-modified
Wed, 29 May 2024 20:33:35 GMT
etag
"2c3007b7b2da1:0"
x-powered-by
ASP.NET
x-frame-options
SAMEORIGIN
x-azure-ref
20240604T203315Z-16577d9575dmm7x8a7tqwb4qpg00000002u0000000016tnt
content-type
image/x-icon
x-cache
CONFIG_NOCACHE
accept-ranges
bytes
content-length
4286
x-content-security-policy
frame-ancestors *.perkspot.com
web-widget-chat-incoming-message-notification-c554e5f.js
static.zdassets.com/web_widget/classic/latest/ Frame 1886
236 B
838 B
Script
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:16 GMT
x-amz-version-id
61Rc4sTvafSu3tM1BCSylXg7kYb8okKi
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
A9P69CT04QXXT9VY
age
42686
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
F5AH9fXgYX7Yl46yWhrd+Ah5w2OUmWJb/UnPL1kWFcadi3KghSULhXwd914eNVVp3JBtQzEgj4Y=
last-modified
Tue, 28 May 2024 06:15:37 GMT
server
cloudflare
etag
W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FobRkGMonvsmFozlDs8bhNzdgL7ref8MWsx1aHr%2FjcwS0KPJ44kCwTnHafQ%2FOCkTJnQljhSxg2BJDT6zs5aB0zybij03TPSBGP7SqOsSbaKInMBq7pCFPKS8K8G3EahtMl3DBT0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab26d88ed927d-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:15:35 GMT
fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 1886
19 KB
20 KB
Media
General
Full URL
https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
Range
bytes=0-
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:16 GMT
x-amz-version-id
Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
KH5VE2Z70ZGQ75A2
age
7180396
x-amz-server-side-encryption
AES256
Content-Range
bytes 0-19697/19698
x-amz-replication-status
COMPLETED
Content-Length
19698
x-amz-id-2
LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified
Wed, 29 Nov 2023 08:06:43 GMT
server
cloudflare
etag
"f11ce9e8f40a392830217253fe75d6de"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0d7OpAzxQTaHxZ1A568O%2BCS5T6qNkl%2FsT2kj%2FglM6ebBQu0WnjFH0HdSSUkEKtKLJYiGDEmMKB%2BRdSNyXY%2Fn2uYC%2BZP55bXkv%2B5CwnL2BuwIECzdG3oXQRl5Z3az7VIVs0VY0Tk%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab26dc98d927d-FRA
access-control-allow-headers
*
expires
Thu, 28 Nov 2024 08:06:42 GMT
Primary Request /
www.firstleaf.com/
Redirect Chain
  • https://www.kqzyfj.com/click-2097062-15528858?sid=6JPNMJH1W6BK0BVGWRNXYJXKD
  • https://cj.dotomi.com/d566cy65O/y49/NRROUURU/OMVTMSO/M/M/M?h=v5vq%3DJWcaZWUEjJOXDOiTjeaklWkXQ%3c%3cu6625%3A%2F%2F999.x3CBsw.p1z%2Fpyvpx-FDMKDJF-EIIFLLIL%3c%3cT%3cu6625%3A%2F%2F1pu50r4.2r4x5216.p1z%...
  • https://www.emjcd.com/qn72ft10L/t-4/IMMJPPMP/JHQOHNJ/H/LHHMHMOLNNNQJMPOIO:7lUs2lE1UDJH/rttKwLNHJJsIIIvwPKJvvLtwHrIPsPwP?d=sxni%3DBOUSROM6bBGP5GaLbWScdOcPI%3chot!27u4-imyoCyv%3cmyyux%3A%2F%2F111.pv4...
  • https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+f...
2 MB
301 KB
Document
General
Full URL
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc13a5b15c95c847c3744584433ba0bcbbc857254a6ebf86e5dbd5446873250

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://ochsner.perkspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88eab2752ea703b0-FRA
content-encoding
gzip
content-type
text/html
date
Tue, 04 Jun 2024 20:33:18 GMT
last-modified
Tue, 04 Jun 2024 16:57:11 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
x-amz-cf-id
mHuesaBwcViTdvjdwsWckBJBF_seHAnOpUNd1adELE3ZZ-9BUBxnFg==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront

Redirect headers

Cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Length
811
Content-Type
text/html; charset=UTF-8
Date
Tue, 04 Jun 2024 20:33:17 GMT
Expires
Tue, 04 Jun 2024 20:33:17 GMT
Location
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
P3P
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
Pragma
no-cache
Server
Resin/4.0.66
X-VC-HTTPS
On
track
dc.services.visualstudio.com/v2/
189 B
247 B
Fetch
General
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdn.rollbar.com
URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.25.2/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.238 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
sdk-context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://ochsner.perkspot.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Tue, 04 Jun 2024 20:33:16 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
collectorPost
lib-us-1.brilliantcollector.com/collector/
0
0
Ping
General
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.ADJ33BYQ78QDB2R83SMNLFNXRRBE&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Foffer%2F1431609%2Fnone&X-Tealeaf-SyncXHR=false&X-Tealeaf-MessageTypes=1%2C2%2C7&X-Tealeaf-SaaS-AppKey=f6ce702d3c824416a11711d09caffe00&X-Tealeaf-SaaS-TLTSID=42970361454662089624209081955675&Content-Encoding=gzip
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/scripts/PerkSpot_TLF_SDK_6-1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.5.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-5-161.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://ochsner.perkspot.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

dl
perkspot.zendesk.com/frontendevents/ Frame 1886
0
0
Fetch
General
Full URL
https://perkspot.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jun 2024 20:33:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rhEEjuyg53YUNwAx9eRj4iK5pa0OntfiW9a%2BP1ON5IgG8bELUscFB%2Fae%2FiXLSM2uO5hNw9YntjZa1dAtwzhY8xBViuJCuTRo9bF5CZ8Aoyv8Qp7OBMrwEgK6kqUVhtMvS4C4dI92"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
88eab2744c60362a-FRA
content-length
0
x-request-id
88eab2744c60362a-FRA
dl
perkspot.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://perkspot.zendesk.com/frontendevents/dl?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ochsner.perkspot.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
88eab2730a70362a-FRA
date
Tue, 04 Jun 2024 20:33:17 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESYl9SoR11yCR829ghJx7ziChsbejblBrDOh1uctTl9FXztQ4fp7Y3r8xj0uH3JxPjKeF27A0cJdsGCeno513JIoY77OZZw%2F1Q9sjC40P%2F6yZjbnetHv9k9%2B3DBrhXlLUVy3pz0%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
88eab2730a70362a-FRA
x-zendesk-zorg
yes
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
21 KB
7 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
YmFgVUTeB0lXZXM9YgX19A==
age
86001
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6882
x-ms-lease-status
unlocked
last-modified
Mon, 03 Jun 2024 03:31:36 GMT
server
cloudflare
etag
0x8DC837DAC34E5D4
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
6fc74684-901e-0041-23d0-b5697a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab278782d9bd4-FRA
expires
Tue, 04 Jun 2024 20:39:57 GMT
14C15B4DD1F268EF7.css
www.firstleaf.com/fonts/863556/
Redirect Chain
  • https://cloud.typography.com/7410416/6307592/css/fonts.css
  • https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
251 KB
189 KB
Stylesheet
General
Full URL
https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122604dbe0e33b2a80cff78e90bd1aefe742828d19a66b357bde8c250035ca33

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Jun 2023 18:04:53 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"01b0c035e870e010817990f18af07eeb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=14400
cf-ray
88eab28128b503b0-FRA
x-amz-cf-id
RaFOHx1OR1PXR-3FZefxKTnAt3S6KB94lZfyZK1JRJQpcfL48BPizA==

Redirect headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Last-Modified
Tue, 13 Jun 2023 18:10:29 GMT
Server
AkamaiNetStorage
X-HCo-pid
16
ETag
"9a52622c3b0b353cd052a5e4518bd213:1686679828.962264"
Content-Type
text/html
Location
https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Tue, 04 June 2024 20:33:19 GMT
gtm.js
www.googletagmanager.com/
400 KB
117 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cf8fbc7a8ffcfe8bc7e2295e4d28b08680c72c965fb73143c48d9de35f353e13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119658
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
90pts-15e4ebaa7e7b9b01d8b91feb293cd430.png
www.firstleaf.com/static/
14 KB
14 KB
Image
General
Full URL
https://www.firstleaf.com/static/90pts-15e4ebaa7e7b9b01d8b91feb293cd430.png
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29096421d65f89dbc13eae16c384c9740d9501763d3e205b640ec6c8ec9ddead

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
14042
last-modified
Wed, 24 Aug 2022 12:51:54 GMT
server
cloudflare
etag
"f9402bea176c89b78d9e749da3df939b"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab2789b9b03b0-FRA
x-amz-cf-id
3kzN0DH1maXGG0bfo4RIwF25xWd608_IDfJmnOhXJw_mZOyvLuxHBA==
email-decode.min.js
www.firstleaf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
847 B
Script
General
Full URL
https://www.firstleaf.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 24 May 2024 15:04:33 GMT
server
cloudflare
etag
W/"6650ac81-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
88eab278aba803b0-FRA
expires
Thu, 06 Jun 2024 20:33:18 GMT
app-0fc218b53b5d752b098f.js
www.firstleaf.com/
6 MB
2 MB
Script
General
Full URL
https://www.firstleaf.com/app-0fc218b53b5d752b098f.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24eb53eabe33e11103a138ff57db03bfc503990300bec8d827b0bc8888f33a85

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
via
1.1 b744839339b269ebb49818cc6c300b6a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
5191
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 04 Jun 2024 16:57:10 GMT
server
cloudflare
etag
W/"bde7cc2aa55f79532f8ad5e7a99b3395-2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
88eab2794c9f03b0-FRA
x-amz-cf-id
RLWGN5LeDBQRcj-51sI0UZBcF9tuPFQsygpwvpcpJ1RD5GrjV2g3CQ==
framework-a08bc9de2f7ae97b3053.js
www.firstleaf.com/
146 KB
46 KB
Script
General
Full URL
https://www.firstleaf.com/framework-a08bc9de2f7ae97b3053.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
292105f3e2b9986f0cd0ccdbd5e7b6c77ac28631b7177931cc503b6a131a9496

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
1102182
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 04 May 2024 08:16:28 GMT
server
cloudflare
etag
W/"fc7b78db7bf9648a0640f7723a6613ce"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
88eab2794ca103b0-FRA
x-amz-cf-id
bgewlb-IZSkz4uiqEZg-RaOdsvuqdd5EA2MB8qXyHWSRzvSSPgP7vQ==
webpack-runtime-399e3d69c254243f395b.js
www.firstleaf.com/
4 KB
2 KB
Script
General
Full URL
https://www.firstleaf.com/webpack-runtime-399e3d69c254243f395b.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eaeac41fb882ea71147095af18b42229c7039e7ca7172077118b4f1a1427837

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
via
1.1 73ce513d12556804240bd1d312686daa.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
76081
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 03 Jun 2024 18:17:23 GMT
server
cloudflare
etag
W/"ad2c09ae7971f7ef6a79f0abaa529db3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
88eab2794ca303b0-FRA
x-amz-cf-id
MsQt7w1ulx5t6QrXzX0JSIyr6VNiP5ctvye6e-eKQapHLs6gzsP1AA==
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
last-modified
Mon, 03 Jun 2024 22:09:07 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88eab27979e737fe-FRA
d59f7da2-0cea-4d7b-9f00-32f1d3392306.json
cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/
5 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/d59f7da2-0cea-4d7b-9f00-32f1d3392306.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5079c2044ec67bf73a5e412ccd6a94937df21a933b67aa05537651d828b08688
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17399
content-md5
VUgUDxTIPqfnxbrARuTO+A==
content-length
1814
x-ms-lease-status
unlocked
last-modified
Tue, 20 Feb 2024 20:31:55 GMT
server
cloudflare
etag
0x8DC3252FAC58192
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
fe39f0cf-301e-00a2-413b-64039a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab279195a3718-FRA
expires
Wed, 05 Jun 2024 20:33:18 GMT
sp-at-v2-14-0.js
images.firstleaf.com/js/
98 KB
30 KB
Script
General
Full URL
https://images.firstleaf.com/js/sp-at-v2-14-0.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
via
1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
last-modified
Mon, 27 Jul 2020 04:28:00 GMT
server
cloudflare
x-amz-cf-pop
FRA60-P9
etag
W/"8dba669b94e3865c9205ef8fd15ee4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
88eab2797cf203b0-FRA
x-amz-cf-id
PdGcL0T06PZ2jyQVKcREVDlPXYA-o4aFhBu6tah6GjZum2yS_MyKRQ==
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db72946d7e5de9f5eedf02409003a70621fb312a412b20ad7101dce429f4c660

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64579265ac53250228d0e6597896c3faf62fbcd2af4525187ff6c7aca3a941ef

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
618 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7b8ca6808841631e8986d8a43b2b27636a2798b634857d8371a25aa242a8ed15

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0957d3f57a55721932bb9108206408cf1ab73cb07b68c906b0bae5b33d6c86da

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
370 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
265ee206b3bbec34580c9ccd3d5c99b07aab46a6979b8b6c6d8ad7795ec8d29c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34d47e495f9f683e26f67a8757fdd6053f8a9bc1d95d1ffe1c69358567105a44

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
613 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76390c8f01397fe473dd1a9689e94caea2a001592c7b71bc85410c388078d304

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1cef3c9f2d582f913f12a16fe304c7d64bd80739793a9bf8d7d8978c311e294

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
304 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
752b0df67450b460c6070644d74502a5ee3bf5f7681cde08b88b9a565ea7d900

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75abe68aefa57c71e32c2a41bc8d4e55918f581d76029cd09184f4a686e16885

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
443 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef7c3ec15e1e423c22bab123027bd62ff8d14d0905051478fd115c3fcf482d56

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
320 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df4915a52982babc1ba87778cb1c1d68184fee5fe5d8133daf63ee37916d6b4e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
381 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
84202b70bdd60a2d4d292c955cb907a98ff6c96939d043aa3aeb73cddb7ff14a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b1cfc36a0f3d40f2e7750ec4c544c44148745f86a584b49f4a73eb615be70e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb90630563e30e234ad66a39f4fe11f207a37232dd0b8de2e045299a41166a4b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12a71a8d2d1307f74607a807ceb66a66f427a11d65538021190b620efcb0bb3e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49e44366a56a91fd7870e6427b68d01a63cf56679eb0d5406542b6244bb379fb

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1045430f393626478daa15a99c433956371eb7363b26a5239f721f014ba52fa0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
258d39625e15cbce053f80b72dc2f7ca999fc5a6943fb10e75e3cb2126be996e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
248545e3f805a6f3ff979c55e0e3951a2fa6f1018529b99f291e93c7a803ee1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
631 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3235f2fbf9e2142357ed4a2a96e684976b5c0928dfe3419edde88e9b030678f9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b5bb6b017ac0ac368ddddd713df7f918eeb1d86fbe3ef7895f040f170b15699

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
671 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4eb1ca83acf3409e1a0553e0d84cec3787630361ec5668dd1dde93860f3bc357

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5e3256799bc9eb6a1ad57001ad69b0946e4532d103092dd0557c02d84e6b4a7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
492 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
623c33b9ef9f3871f596b2f721d622b8c4a530b147cc6a9ec2e405f89fe68f7a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
68 B
306 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
accept
application/json
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
88eab27a0fc1382e-FRA
access-control-allow-headers
Content-Type
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d5ac92cc9565d62cd713fe2d946793ffb805012b57f610830403afb67907030

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
568 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02d0cddb81ecbfffffc3b2eba469a45372e7cc0244222faa422b502b3046a509

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e092bea366a94333d8ec48137987e2df19f61288f6e073032b2a8bdde6264d6a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
june-sale.webp
www.firstleaf.com/static/3c00035f02aa8c32b0a07adc8e4c91c2/9a850/
107 KB
107 KB
Image
General
Full URL
https://www.firstleaf.com/static/3c00035f02aa8c32b0a07adc8e4c91c2/9a850/june-sale.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89032564e6d3f942b5fd3006a7400053eaa8b41669312bca3c2439519f51e9d4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 29c868286336e075999c6b1e1de4f42a.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
CDG50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
109514
last-modified
Wed, 29 May 2024 15:40:15 GMT
server
cloudflare
etag
"dca2dd2d2e76a05df2b61fefff8a30ab"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8003b0-FRA
x-amz-cf-id
zhTDrFW699eMsOV-NWyxFS4ZPBdfUQlXFctoZ3uYtohwucu5kJTjsA==
delish-logo.webp
www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/
5 KB
5 KB
Image
General
Full URL
https://www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/delish-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fef107653c701e27e261629b2811d42812092e1a84dd37cf78505f2fc8b9263

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5296
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"6635b416d10084f4b359d8540323ee89"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8203b0-FRA
x-amz-cf-id
Id7myhdvP07cazvXF-g1NPRdH1USYJq5rrnyMI4Tf5cGffA_BVT7WA==
et-logo.webp
www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/
2 KB
3 KB
Image
General
Full URL
https://www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/et-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b3af7627754fb77e81a93ea2f16b79b2031053d89874185cae2c56a483d08c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2556
last-modified
Wed, 24 Aug 2022 12:52:01 GMT
server
cloudflare
etag
"accddb4eea8a3c48a125329a5bd884d7"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8303b0-FRA
x-amz-cf-id
HdUFDHGVAOAkk1kXFcmrw5lqI_0JwrH0A3Icnfpw7SgZBAKLwfFEJw==
refinery-logo.webp
www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/
9 KB
10 KB
Image
General
Full URL
https://www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/refinery-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205c86a65825a5cae580606dc8db260aba5150e8e664ce82429210373dc55500

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9686
last-modified
Wed, 24 Aug 2022 12:51:48 GMT
server
cloudflare
etag
"a0edff43f8f9820869016fff9c1a9a3c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8603b0-FRA
x-amz-cf-id
SCqL-FAQTvxNcXwqRBurQHCF70mtLTqBVRVv6a2wpwGNKQoGJuVeiw==
gq-logo.webp
www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/
3 KB
4 KB
Image
General
Full URL
https://www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/gq-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1415968c3140de6e284d1cfb23dea33007c6a6d330266e79285435391c5eb6ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3406
last-modified
Wed, 24 Aug 2022 12:51:51 GMT
server
cloudflare
etag
"ea5cc5225df2bdbb32b7a3af8e073f65"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8703b0-FRA
x-amz-cf-id
upBH06KewjxiJanF25vKCihcCOqZnBUtGHbo9e-xOSBoCl3h9lLVuQ==
vogue-logo.webp
www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/
5 KB
5 KB
Image
General
Full URL
https://www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/vogue-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daefedd2e398c22660777ab5ef9484f17e983582e7e37acf86eedc070939b5b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5128
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"cd9b8702000743983c55087bec7f8368"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8a03b0-FRA
x-amz-cf-id
Tr4QsvsjkZVVD_S3jF6S_1uEaAVxotdITATuZrNP7mFcqvDeTm8XMQ==
paste-logo.webp
www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/
5 KB
6 KB
Image
General
Full URL
https://www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/paste-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0984caa842a2742f3271f93672d42f9710b94712e52e03afe8cc48cd508f30c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5554
last-modified
Wed, 24 Aug 2022 12:51:46 GMT
server
cloudflare
etag
"670421e827b7cbfe23cd872e5f62c362"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8b03b0-FRA
x-amz-cf-id
XvroKfjddOL75yTOOlrFheugqnJ_5MDUxDo3Ho6qVCqpG4fSkGH4QQ==
how-it-works2.webp
www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/
206 KB
207 KB
Image
General
Full URL
https://www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/how-it-works2.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d7a648ca04cccfc1f7353206a38dfb8e8d83917581b6e4aabbb32fdf96d7b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
211450
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"892a48fc8555d05a705468590846d6b4"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8e03b0-FRA
x-amz-cf-id
Ko9lI2WW5ZYhnVDIfEbGUDV1XpoFdsjlVeE3IVAhrV3Ld2m5y0CqpA==
wineprint-in-mobile.webp
www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/
22 KB
22 KB
Image
General
Full URL
https://www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/wineprint-in-mobile.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22690
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"4ca1653d35f298be8a4317172979871c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed9103b0-FRA
x-amz-cf-id
YUZ3m33nesgRFKaVOwOFyfKS7Zm8yI93sECkCIMACKeybQptFqO5kQ==
sat-guaranteed.webp
www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/
35 KB
35 KB
Image
General
Full URL
https://www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/sat-guaranteed.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f7f75ba1ead3c1ec7462a8b611d4134ea5e35a55548555ae8740e09e53eb25

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
17233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35550
last-modified
Wed, 24 Aug 2022 12:51:50 GMT
server
cloudflare
etag
"cd6ee276c1e8d292afd03e3891f9b8a2"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed9403b0-FRA
x-amz-cf-id
pz32P0ktHzSBfKuRTtDBrDGNx4yiQfXXHRu-zzOZTwehcUNPCnzkJA==
new-wines.webp
www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/
51 KB
51 KB
Image
General
Full URL
https://www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/new-wines.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3fcf5221eab4ec22a205ce0368fc823df1f7331a19358975166ae170978973

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
17233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52056
last-modified
Tue, 04 Oct 2022 15:55:48 GMT
server
cloudflare
etag
"101e5f85d968afd3c0d4cbcab3491acb"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279fd9803b0-FRA
x-amz-cf-id
VCHGtlwLAAcMjkW8juqgqob-0Rs6cGWScZW_1dxkrK9mElu3kgpGuA==
refinery-logo.webp
www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/
9 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/225ee55e4cf2354368ab0e4c6852b77d/7916f/refinery-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205c86a65825a5cae580606dc8db260aba5150e8e664ce82429210373dc55500

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
9686
last-modified
Wed, 24 Aug 2022 12:51:48 GMT
server
cloudflare
etag
"a0edff43f8f9820869016fff9c1a9a3c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8603b0-FRA
x-amz-cf-id
SCqL-FAQTvxNcXwqRBurQHCF70mtLTqBVRVv6a2wpwGNKQoGJuVeiw==
et-logo.webp
www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/
2 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/f5ab334bcff67d57ad02724d710d65c5/fdda5/et-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2b3af7627754fb77e81a93ea2f16b79b2031053d89874185cae2c56a483d08c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2556
last-modified
Wed, 24 Aug 2022 12:52:01 GMT
server
cloudflare
etag
"accddb4eea8a3c48a125329a5bd884d7"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8303b0-FRA
x-amz-cf-id
HdUFDHGVAOAkk1kXFcmrw5lqI_0JwrH0A3Icnfpw7SgZBAKLwfFEJw==
gq-logo.webp
www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/
3 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/5ec02f8cf7724ed8f47fb54cf9ef4615/2dd6f/gq-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1415968c3140de6e284d1cfb23dea33007c6a6d330266e79285435391c5eb6ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 1eee8db55908814c8f0cde754e3bee5a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3406
last-modified
Wed, 24 Aug 2022 12:51:51 GMT
server
cloudflare
etag
"ea5cc5225df2bdbb32b7a3af8e073f65"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8703b0-FRA
x-amz-cf-id
upBH06KewjxiJanF25vKCihcCOqZnBUtGHbo9e-xOSBoCl3h9lLVuQ==
sat-guaranteed.webp
www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/
35 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/4a79346580b4706e22079e7252d5046c/8b621/sat-guaranteed.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f7f75ba1ead3c1ec7462a8b611d4134ea5e35a55548555ae8740e09e53eb25

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 9418ec5c8ad0c320eddf5061646e3d88.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
17233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35550
last-modified
Wed, 24 Aug 2022 12:51:50 GMT
server
cloudflare
etag
"cd6ee276c1e8d292afd03e3891f9b8a2"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed9403b0-FRA
x-amz-cf-id
pz32P0ktHzSBfKuRTtDBrDGNx4yiQfXXHRu-zzOZTwehcUNPCnzkJA==
wineprint-in-mobile.webp
www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/
22 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/wineprint-in-mobile.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22690
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"4ca1653d35f298be8a4317172979871c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed9103b0-FRA
x-amz-cf-id
YUZ3m33nesgRFKaVOwOFyfKS7Zm8yI93sECkCIMACKeybQptFqO5kQ==
delish-logo.webp
www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/
5 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/099f203950f76a6b78aa045527551a6b/316c5/delish-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fef107653c701e27e261629b2811d42812092e1a84dd37cf78505f2fc8b9263

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 67cd7fbfa7b3b35b6217719b3f0167d2.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5296
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"6635b416d10084f4b359d8540323ee89"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8203b0-FRA
x-amz-cf-id
Id7myhdvP07cazvXF-g1NPRdH1USYJq5rrnyMI4Tf5cGffA_BVT7WA==
paste-logo.webp
www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/
5 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/161ef690d899dd6a68ecc73f173bb621/316c5/paste-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0984caa842a2742f3271f93672d42f9710b94712e52e03afe8cc48cd508f30c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 1e0f88a39289286be3e03ff93487da80.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5554
last-modified
Wed, 24 Aug 2022 12:51:46 GMT
server
cloudflare
etag
"670421e827b7cbfe23cd872e5f62c362"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8b03b0-FRA
x-amz-cf-id
XvroKfjddOL75yTOOlrFheugqnJ_5MDUxDo3Ho6qVCqpG4fSkGH4QQ==
new-wines.webp
www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/
51 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/a1c3206251698ad6c2fe364e00bea160/83805/new-wines.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3fcf5221eab4ec22a205ce0368fc823df1f7331a19358975166ae170978973

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 9ac192ffc1203361ea1141b56df84966.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS58-P3
age
17233
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
52056
last-modified
Tue, 04 Oct 2022 15:55:48 GMT
server
cloudflare
etag
"101e5f85d968afd3c0d4cbcab3491acb"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279fd9803b0-FRA
x-amz-cf-id
VCHGtlwLAAcMjkW8juqgqob-0Rs6cGWScZW_1dxkrK9mElu3kgpGuA==
vogue-logo.webp
www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/
5 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/09d59b0136674797911e344bd81bb44d/316c5/vogue-logo.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daefedd2e398c22660777ab5ef9484f17e983582e7e37acf86eedc070939b5b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f99e0a5708c6297d4aa91b3e4794707e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
5128
last-modified
Wed, 24 Aug 2022 12:51:45 GMT
server
cloudflare
etag
"cd9b8702000743983c55087bec7f8368"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8a03b0-FRA
x-amz-cf-id
Tr4QsvsjkZVVD_S3jF6S_1uEaAVxotdITATuZrNP7mFcqvDeTm8XMQ==
how-it-works2.webp
www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/
206 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/3b28ccc45b5e797669c9daddbc1e3c17/230e2/how-it-works2.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d7a648ca04cccfc1f7353206a38dfb8e8d83917581b6e4aabbb32fdf96d7b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 d8ec42efeb409ac816e90eb0236c1f4a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219123
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
211450
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"892a48fc8555d05a705468590846d6b4"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8e03b0-FRA
x-amz-cf-id
Ko9lI2WW5ZYhnVDIfEbGUDV1XpoFdsjlVeE3IVAhrV3Ld2m5y0CqpA==
js
www.googletagmanager.com/gtag/
344 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3TS4P88RE5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
39f6aced528e1c221ee02c35a0dc94817de422dccf470e73e235f999b4c46a80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
109132
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 04 Jun 2024 20:33:18 GMT
wxyz.cs.js
rbv9j7km.firstleaf.com/assets/
49 KB
11 KB
Script
General
Full URL
https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.94.108 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
caa21a65dd9e1df81a57e31bd7e5c336bf6de1d84912074baa5b85fa44744a4f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:18 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Jun 2024 20:33:18 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=12, mss=1297, tbw=2779, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Y9mdt4Mlvjl+SA+plc8U99Gkrn5CKLeA3jg9bQZjNi9QKQGfMgcifn+vuoJJ+KLH7qsJq5I907gUg0OklNq+WQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bat.js
bat.bing.com/
45 KB
13 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 04 Jun 2024 20:33:18 GMT
last-modified
Thu, 29 Feb 2024 19:58:06 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E537191F6CB549CE9222943336DE7CEC Ref B: FRA31EDGE0516 Ref C: 2024-06-04T20:33:18Z
etag
"01b4e9c496bda1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
13261
ping.min.js
cdn.pdst.fm/
18 KB
18 KB
Script
General
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 19:50:31 GMT
age
2567
x-guploader-uploadid
ABPtcPq1cPXrLTHIhZzxmc8kHlcz7xFUsJOvGoOmOmRFC9yVrMcT2OnPufeIZlKiarF1AjF2x8jFQrRohw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17985
last-modified
Tue, 14 May 2024 14:35:47 GMT
server
UploadServer
etag
"d7cac522641241ca4e9ceac4f1b458e8"
x-goog-generation
1715697347359123
x-goog-hash
crc32c=Q65p8w==, md5=18rFImQSQcpOnOrE8bRY6A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
17985
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 04 Jun 2024 20:50:31 GMT
fs.js
edge.fullstory.com/s/
273 KB
74 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:16:40 GMT
content-encoding
br
age
998
x-guploader-uploadid
ABPtcPoNn0_QgAhjxTrrqADq7Ol3fEAz_0YCe268ur12jiFM469qKTSf_7vrcekCQDcx8IfPfaHXmdl1-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75399
last-modified
Mon, 03 Jun 2024 19:13:28 GMT
server
UploadServer
etag
"9518bfdd8ce5a4d07426912e49eab44e"
vary
Accept-Encoding
x-goog-generation
1717442008056727
x-goog-hash
crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75399
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jun 2024 21:16:40 GMT
widget_async.js
d2mjzob2nc713b.cloudfront.net/widget/
Redirect Chain
  • https://shop.pe/widget/widget_async.js
  • https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
3 KB
2 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Server
2600:9000:26db:6000:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f235d19f5cf10061b266c784723b2829a7acab9b88ac8924b5aac3d0be0b438

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:13:40 GMT
content-encoding
gzip
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1192
last-modified
Mon, 20 May 2024 15:33:23 GMT
server
AmazonS3
etag
"5bcfe272ba6cc455636cdb5e7f6bce0c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
Hf4PxQsj_SSAP27m_fYAZXrjVUG1bXYgL2J7kt1t9cdty84xyUGpJw==
x-amz-meta-mtime
1716219202.04

Redirect headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-security-policy
frame-ancestors none;
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
server
nginx
x-frame-options
deny
content-type
text/html
location
https://d2mjzob2nc713b.cloudfront.net/widget/widget_async.js
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
162
btp.js
www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/
5 KB
2 KB
Script
General
Full URL
https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
67.225.220.126 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0f88056ae93eb3934cd9cd312a9766a14afadf3cb20c1d2a07d8a8d5344e46bc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-powered-by-plesk
PleskWin
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 18:43:00 GMT
server
Microsoft-IIS/10.0
etag
"092bb8ef317da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
1649
4f1bd082-d454-42cb-bafd-026640e9800e
tag.simpli.fi/sifitag/
3 KB
2 KB
Script
General
Full URL
https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F9XnWB82ToI4nt3hsSsB
expires
Thu, 01 Jan 1970 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
16EJPM9K30XP37FF
age
55
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
z1V/NuijnK7Md6R8xho26aVzAi5YWZpIy2l2KX04qLLf562XDGukX+pnpGWp4oLzz96OIYLMddM=
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y7ojv4UHWNwYMbGVC%2Ba6zRzmpc6vSLsnqhXpd5ut4MLoEIkY4HVveSytzKZ29dBNlxoMGV3277wk3HboRLdo4sfHTo8NXuonb2qB%2FPIACFrUmk%2BeSija%2BilwLsREQirDcK%2FTnTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
88eab27afe438fdc-FRA
access-control-allow-headers
*
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202401.2.0/
430 KB
105 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ekgyiOgvSPjNzcyXVUS11Q==
age
9115
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
106739
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:28 GMT
server
cloudflare
etag
0x8DC3E996ED117D9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e31c6377-501e-009b-7f34-71f886000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab27aab789bd4-FRA
ppt=18168;g=landing_page;gid=41654;ord=666786697;ip=80.255.10.204;cuidchk=1
trkn.us/pixel/conv/
Redirect Chain
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697
  • https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697;ip=80.255.10.204;cuidchk=1
42 B
721 B
Image
General
Full URL
https://trkn.us/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697;ip=80.255.10.204;cuidchk=1
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
HTTP/1.1
Server
104.115.82.24 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-115-82-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 04 Jun 2024 20:33:18 GMT
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection
keep-alive
Content-Length
42
Expires
Sun, 9 Nov 1980 12:58:00 GMT

Redirect headers

Location
/pixel/conv/ppt=18168;g=landing_page;gid=41654;ord=666786697;ip=80.255.10.204;cuidchk=1
Date
Tue, 04 Jun 2024 20:33:18 GMT
X-Content-Type-Options
nosniff
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
tag.js
www.mczbf.com/tags/11334/
44 KB
14 KB
Script
General
Full URL
https://www.mczbf.com/tags/11334/tag.js
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b600:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a78545ff9d332fc6562856806b47f06b30d9c198b665e2da6cc38b772f0e0c8c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:17 GMT
Content-Encoding
gzip
Via
1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
MUC50-P1
Age
1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Cache-Control
max-age=1800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
X-Amz-Cf-Id
K97mpNpnvrY3E9kqyfgzqYrwNwSA5LO120VoVsE5rLPKWxKjo65Dcg==
X-Request-ID
aca5fdad-22b1-11ef-813a-5ff2242ff265
v3
js.stripe.com/
606 KB
148 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-0fc218b53b5d752b098f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.0.176 -, , ASN (),
Reverse DNS
Software
Fastly /
Resource Hash
7ed8e48609e218aece99f83120c470278732e49fa4aa008eef438954ce8396bb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 varnish
age
37
x-cache
HIT
content-length
151105
x-request-id
70217c3e-b861-4ab9-8b16-f1b9fb2ddea4
x-served-by
cache-fra-etou8220115-FRA
last-modified
Tue, 04 Jun 2024 17:44:27 GMT
server
Fastly
etag
"bbe585b71b38abf556d606be4c6cbb03"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
9
43-045885a313a9d7be16f4.js
www.firstleaf.com/
95 KB
24 KB
Script
General
Full URL
https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/webpack-runtime-399e3d69c254243f395b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d119667c2e81e94f2b472e140074e3f61ad2e1344fc9a426c65a74f840cc803

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
507876
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Wed, 17 Apr 2024 16:38:46 GMT
server
cloudflare
etag
W/"ed82ab776b0de7517f560e99aa00e706"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
88eab27b982603b0-FRA
x-amz-cf-id
XYqQh8_6S9PGQO47nr7ll3rnqvMAWiAvPmo9luHWRzGX-DlMvdUN3w==
app-data.json
www.firstleaf.com/page-data/
50 B
370 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/app-data.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-0fc218b53b5d752b098f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ef93342665779e972e36327617e91a5afaeb1aee603a3bf6bc78288203e22a1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Jun 2024 16:57:12 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"fe6dc10a88e18d49e1bb2af6ed9c1265"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27b982803b0-FRA
x-amz-cf-id
7wb7p018efD2IQcx6s2Dvw1rrurAUro5LZ2cKi4fqwALj7tQLT2BnQ==
page-data.json
www.firstleaf.com/page-data/index/
467 B
530 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/index/page-data.json?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/app-0fc218b53b5d752b098f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8f44264d68c7262a98c0ff3408e35c98df3173b17e4d4274554ba2050d7e4b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Mon, 29 Apr 2024 15:27:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"80cacce87d148cf2fd3151134632c48c"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27ba82903b0-FRA
x-amz-cf-id
dGLrmwkEKGLaUkbyIMgX4WvtBY4a8kJbI5P1sJdY_kFtCbXAfZjZxg==
june-sale.webp
www.firstleaf.com/static/3c00035f02aa8c32b0a07adc8e4c91c2/9a850/
107 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/3c00035f02aa8c32b0a07adc8e4c91c2/9a850/june-sale.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89032564e6d3f942b5fd3006a7400053eaa8b41669312bca3c2439519f51e9d4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 29c868286336e075999c6b1e1de4f42a.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-cf-pop
CDG50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
109514
last-modified
Wed, 29 May 2024 15:40:15 GMT
server
cloudflare
etag
"dca2dd2d2e76a05df2b61fefff8a30ab"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed8003b0-FRA
x-amz-cf-id
zhTDrFW699eMsOV-NWyxFS4ZPBdfUQlXFctoZ3uYtohwucu5kJTjsA==
1669030446688031
connect.facebook.net/signals/config/
306 KB
94 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1669030446688031?v=2.9.157&r=stable&domain=www.firstleaf.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f184432dd488ab3c95ed958bae7c5af3ba1ad6e2bcb7d922b9f04753b19be689
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 04 Jun 2024 20:33:19 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1297, tbw=63510, tp=-1, tpl=-1, uplat=553, ullat=0
pragma
public
x-fb-debug
MHcNGCi8F3dA0H99psz6LSQLpLlD7P1DyQyOPWzGR4gaFUjsRUyFanKc8nokz7fTzVnMWJWqPib19uS7Or66RA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
en.json
cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/2e7c8b06-d602-4a88-beb5-ebeaca523976/
55 KB
14 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/d59f7da2-0cea-4d7b-9f00-32f1d3392306/2e7c8b06-d602-4a88-beb5-ebeaca523976/en.json
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b62d8bb6ef0f7b2aaaffc6023c4c9f2de1a262a77cdbf55c0da18ff9a992a08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
17397
content-md5
QRaoFyV4sBeQMNGFOhNHTg==
content-length
13926
x-ms-lease-status
unlocked
last-modified
Tue, 20 Feb 2024 20:32:08 GMT
server
cloudflare
etag
0x8DC3253023AF6B0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
88b30b95-a01e-0009-5169-797c50000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab27d2edf3718-FRA
expires
Wed, 05 Jun 2024 20:33:18 GMT
web
edge.fullstory.com/s/settings/134SPF/v1/
8 KB
2 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/134SPF/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
79304d689151775ea29bf5cd88088cab3584d5267a3aefa1e8260fd668df9386

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPpDZ2GPcmrmPCHzJn9_36iIwoTlxHzfITM8HVBGIsVf1L06vNrkNlfum2Z2XznYLePQopY
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2146
last-modified
Tue, 04 Jun 2024 20:30:47 GMT
server
UploadServer
etag
"ad44e1b0fa8192b86be572fa8474f65a"
x-goog-generation
1717533047227257
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=+HZNBQ==, md5=rUThsPqBkrhr5XL6hHT2Wg==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
2146
accept-ranges
bytes
expires
Tue, 04 Jun 2024 20:48:19 GMT
b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
ekr.zdassets.com/compose/
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1837f042b4fc484360f5c6c95f266846218f5293833687d8409863f8d1e30490
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
age
1
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
88e8ff64f8369b78-SEA, 88e8ff64f8369b78-SEA
x-runtime
0.026415
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1837f042b4fc484360f5c6c95f266846"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MwkMMmzPNd6Er4j70pe%2B0f3AdkwrJ7yq8gtTBUZPTU7ywpob3pCslt9gdvsuPqQXTANWYN4sWgCnRYsBbKHvRBQgKxYFrqxiR9v5Aio5iD94WQYGkOD%2F%2F6pcRkhnR%2BQ1BQ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
88eab27e19e23722-FRA
seteventid.png
www.mczbf.com/tags/images/acc3f46022b111ef832ee4cf0a18b8f8/11334/21318c99-4930-4af1-9f4a-44674f5fe53c/
68 B
995 B
Image
General
Full URL
https://www.mczbf.com/tags/images/acc3f46022b111ef832ee4cf0a18b8f8/11334/21318c99-4930-4af1-9f4a-44674f5fe53c/seteventid.png?hasConsent=true&cjConsent=MXxZfDB8WXww
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b600:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Via
1.1 dcfe318aa268be733627ea7884246be4.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
DdZwV-U5UlgUTYPZ3s1ejXruGXuKXE1vLoDJbx-BpI9j-0GN7VZhAg==
X-Request-ID
adb17af9-22b1-11ef-ac38-c358117534a6
lightbox_speed.js
www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/
3 KB
1 KB
Script
General
Full URL
https://www.lightboxcdn.com/vendor/8158d925-0b30-4be6-bcc9-4670b48f34c8/lightbox_speed.js?mb=1717533199038
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6d19321dde38e335a0d585c0a5e083e7ed041bca02a1152c8157112cf15164

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
90lsP72i/fnEnHAjzhK4BQ==
age
1
cf-polished
origSize=4971
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 03 Jun 2024 14:01:36 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
12ca5030-d01e-0022-0ec2-b57606000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
88eab27e7ae718cd-FRA
expires
Tue, 04 Jun 2024 20:34:19 GMT
5565374.js
bat.bing.com/p/action/
0
117 B
Script
General
Full URL
https://bat.bing.com/p/action/5565374.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Tue, 04 Jun 2024 20:33:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BCC1F001C2A47CFB86312B3D523B558 Ref B: FRA31EDGE0516 Ref C: 2024-06-04T20:33:19Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
287 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=d6b4f0e3-57eb-4cf8-b10b-1d0d0f2fca4b&sid=adb18b6022b111ef99d7fdce064dd159&vid=adb4207022b111ef9893c3dbaf8bd2e2&vids=1&msclkid=N&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&p=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&r=https%3A%2F%2Fochsner.perkspot.com%2F&lt=1181&evt=pageLoad&sv=1&rn=273345
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 20:33:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B24C8AEA8DF8438087F92E70DBCEDA3B Ref B: FRA31EDGE0516 Ref C: 2024-06-04T20:33:19Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/
2 B
123 B
Fetch
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://www.firstleaf.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
server
Google Frontend
access-control-allow-methods
GET, POST
content-type
text/html; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
042aad71cdace214e865bd8cbb9fab92
cache-control
private
function-execution-id
x5v3qy2o8kra
access-control-allow-headers
Content-Type, Accept
content-length
22
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame
0
0
Preflight
General
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 20:33:19 GMT
function-execution-id
g57o3htm8hdc
server
Google Frontend
x-cloud-trace-context
ddb89a326f5aa2148f7cc43ff6fae997
integrations
rbv9j7km.firstleaf.com/
48 B
252 B
Script
General
Full URL
https://rbv9j7km.firstleaf.com/integrations?source=firstleaf
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.94.108 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
jpuid
rbv9j7km.firstleaf.club/
67 B
409 B
Script
General
Full URL
https://rbv9j7km.firstleaf.club/jpuid?jsonp=RB.jsonPUID
Requested by
Host: rbv9j7km.firstleaf.com
URL: https://rbv9j7km.firstleaf.com/assets/wxyz.cs.js?rb_sync=rbv9j7km.firstleaf.club
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.230.25 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
51b1a105286a5a2b40636abe563ec29f44a9567ab90dd0fb05c4b051bc49cae7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Content-Encoding
gzip
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript
/
sentry.io/api/1397651/envelope/
2 B
324 B
Fetch
General
Full URL
https://sentry.io/api/1397651/envelope/?sentry_key=ff909656e90d411f9069253f654c00ac&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.26.0
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
pageInfo
www.mczbf.com/11334/
68 B
714 B
Fetch
General
Full URL
https://www.mczbf.com/11334/pageInfo
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:b600:16:4ed5:12c0:93a1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Referer
https://www.firstleaf.com/
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Via
1.1 f8d34d99bd5a267bad6857ae101ea8e2.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
MUC50-P1
X-Cache
Miss from cloudfront
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
68
X-Amz-Cf-Id
dIu_LcJW3KBtKt0vRUmrEF6xDqqlwb7lHqnbyQdc-KKlQh5TU7OoSw==
X-Request-ID
adc7e89b-22b1-11ef-a2ea-7b848c940cf1
1127810653.json
www.firstleaf.com/page-data/sq/d/
898 B
580 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1127810653.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cbc6dcd7a381454f1aa9968e8213c7f46620a43e4f38ac4d248aec2c422547a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"d9e5d79a522a63af8a6e2cdcb13a408e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edca803b0-FRA
x-amz-cf-id
bHpUEaKbOFCwLNeUbzJtMX6-REucDoKsgI4vAdPwPuXRnAqhjBEKDQ==
1336607429.json
www.firstleaf.com/page-data/sq/d/
8 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1336607429.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cce753ae3b1e52fa4eaeff638550c3fea3040a4e4822adfc070918eb4f1e0b4e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 64c8688da1fd73389eb91af90ae83792.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 05 Sep 2023 08:20:32 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"6d0f32099667dcd6d847a977984787a3"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcb103b0-FRA
x-amz-cf-id
LgRYx6RxpvpSa8npXXAgtOUY_z_LsRjytFuybHegwiMiGwnDBHLCtA==
1417137468.json
www.firstleaf.com/page-data/sq/d/
15 KB
3 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1417137468.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba9dac5e99c68daea781ce9e6cd224e9355aeeeb55408e12963cb9d50aaae621

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Jun 2024 16:24:53 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"6fa0c9aed1c5ad2359a545828ac70b2a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcb403b0-FRA
x-amz-cf-id
tOHr2dpzzsMSTbHkoPH49ZN55avFDkTrJiRmSjWL_mWPXV4CqpWbPQ==
1773341317.json
www.firstleaf.com/page-data/sq/d/
321 KB
58 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1773341317.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba11dee09fd18ae7f53cc22c8148bdd86b39fba0b888976a97235e1cd953de0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 74cd4e6bd806cc7209ac94e0173f5ac8.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"1ff359504264325f58bad15afdf413a4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcba03b0-FRA
x-amz-cf-id
pxg1czYc-c1FKg3iVc_1kHm8RmutZbbNZ1Y3dMyOy6GC67ySKqMqWQ==
1806462600.json
www.firstleaf.com/page-data/sq/d/
3 KB
750 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/1806462600.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d4d591156a0c14d4990f575daea57d7ca5ae8bb4021fc38d66445578e77b3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 12 Oct 2023 19:54:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"98900a93434132189ab0148c1acaf82b"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcbd03b0-FRA
x-amz-cf-id
5TXrarqnyfKS1viMa_3K1HIsloM1OvCBEfOlkkBHhklDRUdc_qZcqg==
2343482889.json
www.firstleaf.com/page-data/sq/d/
81 B
306 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2343482889.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c472f5fc6038aa27db8aa76648236f916446c78b691d4211ef95a546411ca8b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 a530f843a2269d63579bc4238b63fbac.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Aug 2022 12:51:27 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"bcbe45f39971408a2e07253a116c24f7"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcc003b0-FRA
x-amz-cf-id
Dfnhs9DB-Yb9f0BhUV6o5K4go0ge5gCAmdBBfrHEhpCLov5ZdIPc8A==
2446253125.json
www.firstleaf.com/page-data/sq/d/
2 KB
951 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2446253125.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc84cd40ef02e70aa5996747df4659e7ea7da89f8d108eabac6e589cf34090c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"220e74a11a9dd36eb3f1b15d96abe041"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcc103b0-FRA
x-amz-cf-id
ixro8aAGER0-7xSBvGmp5g4o9DP-AVIfx3mNXOpKQS5EzNSr7i2nKA==
2625547197.json
www.firstleaf.com/page-data/sq/d/
35 KB
6 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2625547197.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34466fc68533c14d790da043c86dd38955d40207eb37dd1e78e50ff0a4847b7f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Jun 2024 16:58:24 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"011d9c27f07ce2caaee00de98e571492"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcc203b0-FRA
x-amz-cf-id
U8YXG75pnaFW9zHxYwLdzDTeN2d5s3MuZWNqQSMSNaZpd5hazvSYiA==
2727750032.json
www.firstleaf.com/page-data/sq/d/
1 KB
792 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2727750032.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d706b4e3d196efcd7c73bb6e45a2adf171af07bcb7408123f660e06ec40caee6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 a96420fb093cd21d1dea3700ef4d43ca.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"490497183ead171309c86ef43de5fc72"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcc303b0-FRA
x-amz-cf-id
2-O7a7JgULkYbN9lwIwFNZ9ibGo0rGcGvFrA0wPnret3hjsxn8ZhGQ==
2729198856.json
www.firstleaf.com/page-data/sq/d/
7 KB
4 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2729198856.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee917ea47cdb075cc4ad5fca582dcb91d431980ca4dadf7cdc36f34f38d5cd7f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 4bf44796811ecea5881c6668d3aa9226.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:10 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"5bd77ecd5663f3a66203d7c3b0ded6f1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27edcc403b0-FRA
x-amz-cf-id
JerBKsZneP19wmdZxSFYcy7Xmz8H7fpLSM6hXmxEHwjYcnANfnPLzg==
2734060729.json
www.firstleaf.com/page-data/sq/d/
20 KB
5 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2734060729.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f83e9b440122162e26168f780eb567cbc84a351c4728c3cc8bd3679e8e362ff9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 01 May 2024 16:32:39 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"13482419a9f2c5b5a126e6d5bd4214a8"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecc703b0-FRA
x-amz-cf-id
FtENO4cyg66UhQoIBbdV6Ch7DV6TT5AOzJdRioHlXJf8w2j7xNZ4ag==
2754068927.json
www.firstleaf.com/page-data/sq/d/
4 KB
1 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2754068927.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aa2e6166c7e04afa18a7adecff919c61d92877b2285d2aef27127476e4b538a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 21 Sep 2023 23:43:05 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"9bf2a50c53bddceb6e916d9b67ae5b54"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecca03b0-FRA
x-amz-cf-id
0uCpg2C9tXkUYRB9ker6DIxrx_P2xBl3ugS8I4xzm0CreIrgde9Ztg==
2764483679.json
www.firstleaf.com/page-data/sq/d/
3 KB
914 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2764483679.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19bdfcbcd23b5134cd377c78bbf03971926795fa6398c62599782d4d6e381620

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 04 Oct 2022 15:55:32 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"f2aabd68d8137b9c2a2b980847ec0644"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eeccc03b0-FRA
x-amz-cf-id
SkCFTutcVTiexhLyelS8OhGmbAo1olc36Tk337lbx7YiP4huPON0hw==
2771237727.json
www.firstleaf.com/page-data/sq/d/
622 B
552 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/2771237727.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4a4d483e6cb4667bed478a5f53e7c24bda8c91025757357eca32835fd69d97

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 a4079c0a5989b4b7af98433fdd07f680.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"79feae68043e971e307220f03c033a26"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eeccd03b0-FRA
x-amz-cf-id
EC9aNWPKls2BOOmibOXraNWYn38bh3EvOvExyxx_qUuRvrJm7P1zqQ==
3065704166.json
www.firstleaf.com/page-data/sq/d/
607 B
483 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3065704166.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b042c650b6af4874dfcad48aa7fd53dc9b32a444a96fba1f7161a02607907a8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Fri, 04 Aug 2023 20:23:09 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"62267b28fd2e454d403e7198dcbde8c4"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecd103b0-FRA
x-amz-cf-id
8xW59jeCZ2lN8x0_GfLysKznvgTYOXVr213A5ihaaaidBD_yJFAKWw==
3079672699.json
www.firstleaf.com/page-data/sq/d/
19 KB
11 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3079672699.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c7a9012153fb4c9b6448858a80fc1dc53e18a5f4c35b4eb73f476b954370aa5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 b81e506afc0d8b7cd6094e636331ca78.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"9712ae56380bee1a24baceeb41e02ecd"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecd203b0-FRA
x-amz-cf-id
6ktw61OBLXmTeQozYrZmBXRQyCBzm0GMPh8zeW5dXND5VHBy7wfdjA==
3102105077.json
www.firstleaf.com/page-data/sq/d/
17 KB
8 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3102105077.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9817ec5019a8c06a73dc786c1b9d33a8789524edcfac8072bdf57b57cae72d0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"6d67c722196931b48368212bcaacef15"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecd603b0-FRA
x-amz-cf-id
mAVGonAP8FmqT-5TpiHvowrGP-nQy1PH2XNVeK1u5qaudOnJooZX2g==
3102962149.json
www.firstleaf.com/page-data/sq/d/
8 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3102962149.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3fa27efb7fa0336505319590fa396a9672fe9e3607dea0b2fa820329d52e763

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 193d38535c6cb246e365763e9c32e672.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 02 Apr 2024 20:37:44 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"ee16d3e928d42c463c4546c8553545ea"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecd903b0-FRA
x-amz-cf-id
zCplF0lizfp08vkoKrvpRBls9sVOIWoFKKt4d2KJhhY46pSb6dAV6Q==
3205276428.json
www.firstleaf.com/page-data/sq/d/
248 KB
63 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3205276428.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73ba50c044ef4809059993250ca1be51372dffb3f9aa4c9d759176b146a74ecd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"34c7a372db31391f1927ece51b370da1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecda03b0-FRA
x-amz-cf-id
3PDtipix7znv71lcTSC7ZUYJmAtWTi4bJH0sxQoZA7NZ1PiUbh4dOQ==
3522674478.json
www.firstleaf.com/page-data/sq/d/
23 KB
5 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3522674478.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bf41b7acd29338b627e442e1c2fc60830496612a8f29a953aa09a2e544fa434

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 29 May 2024 20:20:11 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"bee44c878cce8fec24876e80e2a4add6"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecdc03b0-FRA
x-amz-cf-id
29UjhFFHX9cmQqFduGkP3wtD53yXYHfGLFPybOO-97aCCH2UGhMhGQ==
3679669099.json
www.firstleaf.com/page-data/sq/d/
26 KB
6 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3679669099.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7aade347ff96ad3116b7832a0a8a48f32b5bd4e7f66492bc77b90c93ace9938

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 085a99da24636ecdd172026920429788.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Thu, 30 May 2024 19:35:30 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"ea0d01c9d26431b08ead9ab05ec5c4fe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecde03b0-FRA
x-amz-cf-id
3T_VxwgZjprJn3enk0QqVgT6dI83TIIGDVSFBka1vlkiWWUUK5njrQ==
384391487.json
www.firstleaf.com/page-data/sq/d/
388 B
449 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/384391487.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c03f3488eeb6bcad6fa76499431ef68b5e0283c9eb8d71ed52851c14ff9f5d5c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 2146d75cb402f16f98928cb19acf5ff6.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Wed, 24 Aug 2022 12:51:28 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"af315518cf9c83f1a5039ef893a09a9e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eece003b0-FRA
x-amz-cf-id
rN6HHd2WD3taYggZ-UnSpEb-swcnbPFdeQjOnEEYHZmv9npdsdIpLA==
3963807967.json
www.firstleaf.com/page-data/sq/d/
360 B
464 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/3963807967.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c54090ff41e10e45e8d9f5b1a493db89c09a102305e71939bf7bf535fffea16

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
via
1.1 f36453eb82bc9ab0c6e360ac52cc5972.cloudfront.net (CloudFront)
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2024 17:12:54 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"a8d3a1f18572055cadecd95e072d8b80"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eece203b0-FRA
x-amz-cf-id
Ge7eMI5kDCTB_Z7n59mccUAj90lE9q2GP3UjcFqx3i9EKemj1nD65Q==
4049699997.json
www.firstleaf.com/page-data/sq/d/
5 KB
2 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/4049699997.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
236bc97a188e4940fec1bd29c0f58b4e1bcbacd475911604e5f0016c1a39f12e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 04d30d89cfeb7f513dc1f5b2d3c605d2.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Wed, 28 Feb 2024 20:05:33 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"a0e3c20823fb865018375ee933b0ea4d"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eece603b0-FRA
x-amz-cf-id
l-DZRZZ8MpAU8lazM0IRFYT4xVK2-PUd20iAV858bucwY8GcqVYAtQ==
4076379186.json
www.firstleaf.com/page-data/sq/d/
10 KB
3 KB
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/4076379186.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb00d523e68fb6895d2fceb8b5af7e10d02b25f993ff22deef21c87367080c87

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 83f37b03194be210134265ef78592588.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 28 May 2024 21:57:55 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"cdfc42e17e617374ab6ec3ed1d9ffe3a"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eece803b0-FRA
x-amz-cf-id
tF0gPOiVL4DPZdn3IMIpUc9tYzB76z4f3GB55JjzBhCWrzGweLihAg==
829245689.json
www.firstleaf.com/page-data/sq/d/
2 KB
987 B
XHR
General
Full URL
https://www.firstleaf.com/page-data/sq/d/829245689.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9079e41a84e532c7a5f6363737595134c170c9b48a0ded5a2a1519524f6bf7a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
last-modified
Tue, 13 Feb 2024 17:12:54 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
etag
W/"62b41a52a2aee82b1c0039648ba78152"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/json
cache-control
public, max-age=0, must-revalidate
cf-ray
88eab27eecea03b0-FRA
x-amz-cf-id
1wyjtBVVvuHJUGKxsPgdsmHde7maGnt6sQk5QQZrpGnS2oGKyZzdcQ==
loader.min.js
files1.cybba.solutions/2856/
86 KB
27 KB
Script
General
Full URL
https://files1.cybba.solutions/2856/loader.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1081:1 -, , ASN (),
Reverse DNS
Software
BunnyCDN-DE1-1081 /
Resource Hash
f2a1abbb9637f0eace228f691af8b0fcf3524dba20769d8dd7457b03ece2c55b
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

cdn-requestpullsuccess
True
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=3600
content-encoding
br
cdn-edgestorageid
1079
cdn-cachedat
05/15/2024 07:13:15
cdn-pullzone
116099
last-modified
Tue, 05 Dec 2023 17:11:23 GMT
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"656f59bb-156fe"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
deny
content-type
application/javascript
cdn-cache
HIT
cdn-uid
a080e070-2552-4896-b206-e42f1464eeab
cache-control
public, max-age=3600
cdn-requestid
b580f8d5558a412a27416f3b8090318c
x-robots-tag
noindex
cdn-requestcountrycode
DE
cdn-status
200
expires
Wed, 15 May 2024 08:13:06 GMT
cybba_latest.min.js
d2rp1k1dldbai6.cloudfront.net/
78 KB
21 KB
Script
General
Full URL
https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ae:2400:d:87ae:bb80:21 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e12b8472ff73f375d686384a427ddfcdef02c8b5e0d95756f60da35c9ad5257

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6Nho3HuaZp08ZSRvbjBcl6b87GRXvfPa
content-encoding
gzip
via
1.1 7b7e33ce27dedf9c28b39ecc0309b556.cloudfront.net (CloudFront)
date
Tue, 04 Jun 2024 03:40:30 GMT
last-modified
Tue, 28 May 2024 19:16:44 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P5
age
60895
x-amz-server-side-encryption
AES256
etag
W/"7cec048f51e17bf6914583e989576553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
vOm-D8CcEa8_6MGU3R-1Fr9HS8nTy7UGxWB-mEcnNcWmfnpjaX2kqA==
up_loader.1.1.0.js
js.adsrvr.org/
12 KB
5 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.rtb123.com
URL: https://www.rtb123.com/tags/A99F5C2A-533B-31BD-43AC-B834BAFF94CB/btp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.13.117 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 04:46:20 GMT
Content-Encoding
gzip
Via
1.1 639dd5dd68d7e7193120d95480cd44ca.cloudfront.net (CloudFront)
Last-Modified
Tue, 28 May 2024 04:42:45 GMT
Server
AmazonS3
X-Amz-Cf-Pop
VIE50-C2
Age
56820
x-amz-server-side-encryption
AES256
ETag
W/"a60a4e2650f94da6f243b9518761b381"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
LZWhlkudEQyl4mm0w5TJxaa3xVdhyPHQfHD4vHiw5IULOG1DylLhbg==
triggerRunner.js
d2mjzob2nc713b.cloudfront.net/widget/
11 KB
4 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/triggerRunner.js?v=53f4a9a
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6000:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 15:33:44 GMT
content-encoding
gzip
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1313976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3876
last-modified
Mon, 20 May 2024 15:33:23 GMT
server
AmazonS3
etag
"f774f3054b32067929bcaf42657d6bb0"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
cuUqy29M2Y-SKVurMYDpA5LglNcOIqVYmkvGNx068q91K9hFQlkBVg==
x-amz-meta-mtime
1716219202.02
otFlat.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/
13 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otFlat.json
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BhDz7QN6NZvDbVeQXXKKbA==
age
9482
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3041
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:21 GMT
server
cloudflare
etag
0x8DC3E996A8D0BAE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
c12b3b06-901e-005f-19d4-708dbf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab27f19c73718-FRA
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/
62 KB
13 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/v2/otPcCenter.json
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
+7hvz1DcCYiP/7X0fBpjjw==
age
42871
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12694
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:24 GMT
server
cloudflare
etag
0x8DC3E996BDADDD4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
b2a2f3d4-001e-0096-34d4-703052000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab27f29c93718-FRA
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202401.2.0/assets/
21 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202401.2.0/assets/otCommonStyles.css
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
age
63008
x-ms-lease-status
unlocked
last-modified
Thu, 07 Mar 2024 11:26:34 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
d2d9e806-701e-000a-08d4-709d34000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88eab27f29cd3718-FRA
web-widget-main-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
456 KB
141 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=b253b5fa-0522-4fcb-b2f3-9056b25ec9b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd5c16184cae5cd33c6341b3f92ff062220589b5f52f494568754047c7c664e6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
XkWDZr3RTqfmR.9dyd1KRbeP9oiZabvv
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H0EME15NE5MYN3Z
age
42690
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
XU4YVGJ0Zv9By+jF/Pl2sRMdVwgcadBm8FqWqm6DyEGahEVJobvaKSlP30KYQHbqYgBB0o7fn1k=
last-modified
Tue, 28 May 2024 06:19:30 GMT
server
cloudflare
etag
W/"b9edf5954aadf2c9e5f7c2d749cd639b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NwbCkSWYQ%2BXQUOEZxOWC9jmdmEtPUGrP59QACsWAvp%2BQjgkqKh7hL39ceqakP2X6qraIeTyHA0Lu8iPp4gfBTrFeRjlRwrCmnYvLVF8l2cwL%2FGoP4MohEGHijaNl%2B%2BwadqttT2g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2800cc48fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:29 GMT
digibox.gif
www.lightboxcdn.com/z9g/
35 B
274 B
Image
General
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1717533199235&h=www.firstleaf.com&e=p&u=44194
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
1823591
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
e979446f-501e-0011-4b70-752f2b000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab2800d7418cd-FRA
widget.js
d2mjzob2nc713b.cloudfront.net/widget/
194 KB
49 KB
Script
General
Full URL
https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:6000:d:370a:51c0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bb8bd87e231ac9f9f22c98b1aae09d04ffc1bed75d096dacf0e629473151074

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 15:33:43 GMT
content-encoding
gzip
via
1.1 5951b29f5460c0b6d21eb11bce7b8168.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1313976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50190
last-modified
Mon, 20 May 2024 15:33:24 GMT
server
AmazonS3
etag
"41961d3c766c3993d219e2cc934e33c0"
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
_mMM-q4gerlOiB29JSbtYrfZp176Oskw4on11oR1tR8rD0p3a6pEmQ==
x-amz-meta-mtime
1716219200.28
page
rs.fullstory.com/rec/
1 KB
744 B
XHR
General
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
52fd5c320b67a491a9d86e9e8a6cc9e98a1f3d4e20019ba938c962818bd035b2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
553
ot_close.svg
cdn.cookielaw.org/logos/static/
651 B
623 B
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_close.svg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
pcXWFGpuVeSg/jVnYCseRg==
age
17943
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 02:37:09 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
612e06a5-b01e-0091-442e-b6d5d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88eab2819c7c9bd4-FRA
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/
497 B
493 B
Fetch
General
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: ochsner.perkspot.com
URL: https://ochsner.perkspot.com/offer/1431609/none?utm_medium=email&utm_id=weeklyblast
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
age
6131
x-ms-lease-status
unlocked
last-modified
Tue, 04 Jun 2024 16:08:06 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
99fb4ee2-901e-004a-46a6-b6710e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88eab281addb3718-FRA
FL_Logotype_Purple_(3).png
cdn.cookielaw.org/logos/627cf43a-de0f-4b49-ad3a-54a9f94ef23e/8eb1dbf4-acc5-45da-85f8-9badfdf81305/49b98577-e68a-467a-877e-9da063be58e4/
17 KB
17 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/627cf43a-de0f-4b49-ad3a-54a9f94ef23e/8eb1dbf4-acc5-45da-85f8-9badfdf81305/49b98577-e68a-467a-877e-9da063be58e4/FL_Logotype_Purple_(3).png
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fd678871d5c502175e5233f33bb7c2cb09eda96eebfa139f527b72683f8b92b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
kb6My5twzXAEkxk7pZWjFQ==
age
1
content-length
17202
x-ms-lease-status
unlocked
last-modified
Wed, 29 Jun 2022 19:40:58 GMT
server
cloudflare
etag
0x8DA5A074A2ECBDD
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
d2af33d1-801e-0031-4f72-79d890000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
88eab281bca49bd4-FRA
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 04 Jun 2024 20:33:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
72904
x-ms-lease-status
unlocked
last-modified
Mon, 03 Jun 2024 03:31:38 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
84e39841-d01e-0064-28e9-b5f1c9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
88eab281bca79bd4-FRA
en-us-json-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 73EF
20 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
ke6X8pqKRmtMcDjhEZLNvBW2zeHf5csd
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
A9P74X5ANJQVQNJN
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
evnPgG85PISUdgNH+9FhiH3oubx2PdXDvB804p9d6ltcMxBxxo0SAIwfcFCeCb+Mlclard+p9oyORpIqLmrvqMO7qxRidGR0
last-modified
Tue, 28 May 2024 06:19:31 GMT
server
cloudflare
etag
W/"8f0c2ab0bd14e9e847312f7e99adb66d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNs%2F6BzZoNmC%2FXMw0fUaZL%2BuLryf1JHViCYrBIq8YhSNZP9WifISi9JS9c5zB3pUjmupwXvXC3yzaIg2lQ1NqkNGVWvNgfH58nx4IRvduyYwWIdYnBNUwwip3yS86XPAwiDOUHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821fa98fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:30 GMT
web-widget-4852-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
fm8QUdQv7CDCu08tupTYRX.zmn7oiWSm
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H0CEBC4CZ8CQ8PR
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
LchEQaE1j8PEj18YFFm80VbDtyobeMf+Rep+6NaAHFPnMJiUyB90AKAd7quHVeAM7oHQ7GRKw/wAs5okEBPgpA==
last-modified
Tue, 28 May 2024 06:19:29 GMT
server
cloudflare
etag
W/"40fb729956c4a956df4256614af4b393"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NoslOe5w%2FaWXtnMHtYjzelrNd5YhzQe2RLDycTlcNzJOU421E3XD9r%2FlsiXHb0ss5jDfWZ3iwqX9qqCpw%2FYoXs%2B6Hswe3F2DtbQ0iLyPFFB6LgArtohH%2FRyz9u6IWYADE25B1PM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821fac8fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:28 GMT
web-widget-9527-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
29 KB
11 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9527-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
gON.1wTQWAtGGAN0ORtynYwh7JSMeInm
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H05EXH4AYK7V5HY
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
WA5WFJkyM5PFlskLz2hGv2bfQjAuf6C7zWgu74OTsfpJVFFK1d5QT5niPNp65UKoWRs7Wk/UGCA=
last-modified
Tue, 28 May 2024 06:19:30 GMT
server
cloudflare
etag
W/"083d4fe56f4013855997ad6d21392f69"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ImKmS9w5a0aUrz8e4NzUEavtEsqwy1zYtt9tlvbWzNrJ9QbiTZWmgbaImmXzDSQcMQ2lQjvPjEyjzX%2FQ3zA35P%2FcqUGYuW%2FYMVX7vQgJTWe%2FIWoY0AGuH6B1j6ptpjz7PxF3Bs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821fae8fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:29 GMT
web-widget-2306-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
14 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-2306-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
_f0VVatUORp0VVdUYYYmp7Xaw5.4jspQ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H0C7TVAZCPGXF7M
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
hbQF9LoODX+jigQOC6n3f2ME+wNFusiHUYGYSzaGdfLOnNJYADGkEnW8Asv0Ywz9G4H2TFpohT0=
last-modified
Tue, 28 May 2024 06:19:29 GMT
server
cloudflare
etag
W/"1b2c14135523982db180c989ec11c5cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E31%2F6EezcZtvsUx4tZHW8cbv%2BYugPX6GPCirFViAMCx%2BuaRS9rGt0qKJZCefz1mOT88BI9%2BSm4wEfk9z0pP0oBmldrVy8MT%2B4VRtf74le%2BveaeNJwhr4eRBzpG%2BWK8heAspbAzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821faf8fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:28 GMT
web-widget-5178-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
12 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
Rs9JK5F_HWmAEsSgx8FRpU2QVqgsc5mO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H0FPHWNJGTD217N
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
ZAdbxNOV1tdt5YiCNp50bMyYS2OXLDKFIl3dO91OLVl4CiCOrHrPtBKs2yKE+Jp7KOS/TyaB2lY=
last-modified
Tue, 28 May 2024 06:19:29 GMT
server
cloudflare
etag
W/"7ea6a03ae546d28215fb61ff43d384ab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JmcKnNgyu06EjWOTedHT%2BIRj2DfL1ZxsictRh2I0YQOB%2Bk%2B%2F9dztH6XniawizPNkmG8tMMprkB2VLjJs9pxDftrp1xt0Jrg3aw53CqRkeKwXWLp8C3bntNYIrhpuHMukyt63Ato%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821fb18fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:28 GMT
web-widget-9535-c554e5f.js
static.zdassets.com/web_widget/messenger/latest/ Frame 73EF
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-c554e5f.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
x-amz-version-id
xxaRX5K1JPNfWEwPHHUeFIQyB0R8LHJk
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
1H04P4Z8MB5A71S3
age
42689
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
mGRGHFuOZOLcppGJK2zTzZtvMxJRZxtZN27m/JPBd60Wz0A6xTw748CeInH9rp+TUl0fVi3kTrJMewziY1xa503EXysXM6Pz
last-modified
Tue, 28 May 2024 06:19:30 GMT
server
cloudflare
etag
W/"49e0c7e2a647623949726517bb39175a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pAu333oWY7L5HE4RidAggCtgK%2FXuUIebq7SBgwQTDJta%2Bf00d8Xu%2BLYxM4KFqypiEoPZssTet4KMixgrHo%2B6tDtev4uAJIsmevDvbkBVVlBQGkkoEIZOW2sU2YrJgXVLdQNMpA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
88eab2821fb28fdc-FRA
access-control-allow-headers
*
expires
Wed, 28 May 2025 06:19:29 GMT
user
app.cybba.solutions/
122 B
493 B
Script
General
Full URL
https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=2856&oldUserId=undefined&email=null&_ts=1819768
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 -, , ASN (),
Reverse DNS
Software
nginx, nginx /
Resource Hash
4e179f02938f9d51112f3c6a38e0fedb36ba1c24708244bf4fe42230afed49cd
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
122
x-process-time
0.00041794776916503906
Expires
Tue, 04 Jun 2024 20:33:18 GMT
/
pro.ip-api.com/json/
306 B
462 B
XHR
General
Full URL
https://pro.ip-api.com/json/?key=aUoasJP8dMuydUf
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
54110254da981767cfa5127026136b5553df4eeba82b9fd36666445a11346189

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 04 Jun 2024 20:33:19 GMT
Content-Length
306
Content-Type
application/json; charset=utf-8
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?pageReferrer=https%3A%2F%2Fochsner.perkspot.com%2F&url=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&action=view&source=firstleaf&rb_source=firstleaf&script_version=wxyz.rb.js&sessionId=2171ccbd-e81f-4c67-85b3-14fe80823e19&uid=rbos-e1bc4058-f7e9-498d-bc96-0ad3f852afe8
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.94.108 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
rb
rbv9j7km.firstleaf.com/v2/
44 B
337 B
Image
General
Full URL
https://rbv9j7km.firstleaf.com/v2/rb?pageReferrer=https%3A%2F%2Fochsner.perkspot.com%2F&url=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&action=identify&source=firstleaf&rb_source=firstleaf&podsights_session_id=9de528cda1644d1db7b7d74356158c9a&script_version=wxyz.rb.js&sessionId=2171ccbd-e81f-4c67-85b3-14fe80823e19&uid=rbos-e1bc4058-f7e9-498d-bc96-0ad3f852afe8
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.94.108 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:19 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
events
fbapi.firstleaf.com/
0
263 B
XHR
General
Full URL
https://fbapi.firstleaf.com/events
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:ebf:1f02:eb82:36ec:bd97:2494 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.firstleaf.com
date
Tue, 04 Jun 2024 20:33:20 GMT
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&rl=https%3A%2F%2Fochsner.perkspot.com%2F&if=false&ts=1717533199793&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717533199789.354629212954376987&hmd=5b381d55f23c13eef1106b85&pl=https%3A%2F%2Fwww.firstleaf.com&eid=ob3_plugin-set_97599e83ca94ea938e383f253e2b37c7f940142095638a26e6e22035a7eb2c3b&cs_est=true&ler=other&cdl=API_unavailable&it=1717533198891&coo=false&rqm=GET
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2806, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 04 Jun 2024 20:33:19 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1669030446688031&ev=PageView&dl=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&rl=https%3A%2F%2Fochsner.perkspot.com%2F&if=false&ts=1717533199793&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717533199789.354629212954376987&hmd=5b381d55f23c13eef1106b85&pl=https%3A%2F%2Fwww.firstleaf.com&eid=ob3_plugin-set_97599e83ca94ea938e383f253e2b37c7f940142095638a26e6e22035a7eb2c3b&cs_est=true&ler=other&cdl=API_unavailable&it=1717533198891&coo=false&rqm=FGET
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x73ffd2a13afb5501","source_keys":["1","2"]},{"key_piece":"0x9a964ead65255ea1","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Tue, 04 Jun 2024 20:33:20 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=8, rtx=0, c=12, mss=1297, tbw=3123, tp=-1, tpl=-1, uplat=159, ullat=1
pragma
no-cache
x-fb-debug
EzCbBumydsOHc4/0+1Am6KfYqt4Zv3UmYW3g52mRggXeDWyT4Gnxsa7nXHs+aOPBAGtHLyYyyie2X00IR0SEWg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
cjcookie
www.firstleaf.com/
11 B
229 B
XHR
General
Full URL
https://www.firstleaf.com/cjcookie
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
88eab2833c2003b0-FRA
content-length
11
api.js
challenges.cloudflare.com/turnstile/v0/g/26ed7e9dda49/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onTurnstileLoad
  • https://challenges.cloudflare.com/turnstile/v0/g/26ed7e9dda49/api.js
42 KB
14 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/26ed7e9dda49/api.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H3
Server
104.17.3.184 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2a394ecfa4f9b4c1fa348b40019e2b1c9d576ea84a30630411211a8ede3e3a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-encoding
br
last-modified
Wed, 29 May 2024 17:53:08 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
cf-ray
88eab284a90365bc-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 04 Jun 2024 20:33:19 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/turnstile/v0/g/26ed7e9dda49/api.js
cache-control
max-age=300, public
cross-origin-resource-policy
cross-origin
cf-ray
88eab2838f6c65bc-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
checkouts.json
api.firstleaf.com/api/
2 KB
2 KB
XHR
General
Full URL
https://api.firstleaf.com/api/checkouts.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
db65b86389437e8ceed8f5054e6a9875fb107322dd09d880c7f39c1037b5c4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
2b05f5bb-aad4-4ee5-8485-67f7d3b61198
x-runtime
0.145985
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"db65b86389437e8ceed8f5054e6a9875"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
88eab283da863606-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
223-93477160dda2993c6123.js
www.firstleaf.com/
3 KB
2 KB
Script
General
Full URL
https://www.firstleaf.com/223-93477160dda2993c6123.js
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/webpack-runtime-399e3d69c254243f395b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4c521d5535bd16fa41564dc19a2043f492e87104fc8089b9fca8040813a0f80

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 b7c8b552077b93dc0acaa0b82d11fa62.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
645179
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 20 Jun 2023 15:54:17 GMT
server
cloudflare
etag
W/"f2c96b9ae25854b1e183ec2c3ad46955"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000, immutable
cf-ray
88eab2836c6b03b0-FRA
x-amz-cf-id
ntJ7qoKTPFcCVpOytee1vSYt4sJOx76B93DjN2WUZ4F16yrj4CbN4g==
destination
www.googletagmanager.com/gtag/
236 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-935608953&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.232 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40662fc59b620cea1d6acb03132679fa5e17b18db667564d1017a3b8bb13fd79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85817
x-xss-protection
0
last-modified
Tue, 04 Jun 2024 19:41:36 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 04 Jun 2024 20:33:19 GMT
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9e24b2a2c5ae741aba134a5764fe7267376ec85c5fa349acc18e4d21b600292

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18aeba875cb986ff0c9bad79ba5b2b36158f50923f6f4c4284e61e1f2b84536c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
85 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d171bc5152bfb08047c65650bff8f1828cc63f53d95bacd4ae24a3806607c27

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf7d99bfd85f20c422fac114ec71fa775883e8b430f1e20cdac1f5db187350a1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d3238f57e3ae44a7d0b2ef513ff2e8cf9afaf6e442f5fa5a575c4f8efd0290e

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a9fb33e08a93b89c3365895199b512887263e05716811dfedac593db29a3f4

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd7e3ece391682a33c28af9cd8a27168fe9da07dfb2ce47b62142b6815c904cd

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
87 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17baaf0620679e688805c54583243a34e8491165c5f1029c16977bae6a5f76c0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKCVNW&gtm_auth=1BfIqc--iU-7Fmd2boouvg&gtm_preview=env-1&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 04 Jun 2024 19:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3137
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 04 Jun 2024 21:41:03 GMT
pv
penrosehill.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://penrosehill.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
88eab284bd482c2a-FRA
date
Tue, 04 Jun 2024 20:33:20 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ped0APBMJ2QZ3LQf6KQdinou%2F8owM79QUa%2BudstBkjG276fj%2BA%2Bvw2ZWfjgXktLyfzPwXA0gvA6kuXGoF2b4Rbw4%2B7AsKFiFi%2FW8X6D4shn0%2B1a07%2FZJdMMuX2%2FA0FqdxoEyHmTAaB%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
88eab284bd482c2a-FRA
x-zendesk-zorg
yes
pv
penrosehill.zendesk.com/frontendevents/ Frame 73EF
0
0
Fetch
General
Full URL
https://penrosehill.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSnXni%2Be1LpSqGTuia9ARN%2FRsOvLyGeOsfXqmzcnt2namslwt6wNJj5hVbCmDx3le9dlcROOuNPRVObYYVv9J6%2Fvtet2xbBHHCs2xMgEfn5GP%2BP5RRYNJ7OVnYKC%2FiiaS0jWd66hIPtg"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
88eab285deed2c2a-FRA
content-length
0
x-request-id
88eab285deed2c2a-FRA
config
penrosehill.zendesk.com/embeddable/ Frame 73EF
763 B
1 KB
Fetch
General
Full URL
https://penrosehill.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-c554e5f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.51.111 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
ea3f55cfeda1a9ae8fca4118eefbcc5101ba91bac201d0b906502108a434e17c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2
x-zendesk-origin-server
embeddable-app-server-85c555769f-s77sq
x-cached
MISS
x-runtime
0.003896
last-modified
Tue, 04 Jun 2024 20:33:18 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LFP1cyZJ14QztqDSmJ5w7nT9DVbtbyt8E6izr5Wp2SAMn6peA2B2wC9%2FXEUWcmLFrWShLz7E01Yvv%2BNaJIHxDqI01oLZqbkE%2BrvtMdSaRqSRrk%2BdzmXAGDlVS0pADw8Sq71IKqu2KHxQ"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
88eab284bd4a2c2a-FRA
0
bat.bing.com/action/
0
237 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5565374&tm=gtm002&Ver=2&mid=d6b4f0e3-57eb-4cf8-b10b-1d0d0f2fca4b&sid=adb18b6022b111ef99d7fdce064dd159&vid=adb4207022b111ef9893c3dbaf8bd2e2&vids=0&msclkid=N&gtm_tag_source=ua_e&gc=USD&tpp=1&ea=page-ready&en=Y&p=https%3A%2F%2Fwww.firstleaf.com%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=186001
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Jun 2024 20:33:19 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 495CF95FC3884A8AB85BB0352B1BE35A Ref B: FRA31EDGE0516 Ref C: 2024-06-04T20:33:20Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
pipeline
ct.firstleaf.com/prh/
2 B
213 B
XHR
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Tue, 04 Jun 2024 20:33:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-origin
https://www.firstleaf.com
access-control-allow-credentials
true
cf-ray
88eab288abcc03b0-FRA
content-length
2
14C15B4DD1F268EF7.css
www.firstleaf.com/fonts/863556/
Redirect Chain
  • https://cloud.typography.com/7410416/6307592/css/fonts.css
  • https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
251 KB
0
Stylesheet
General
Full URL
https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
122604dbe0e33b2a80cff78e90bd1aefe742828d19a66b357bde8c250035ca33

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:19 GMT
content-encoding
gzip
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
last-modified
Tue, 13 Jun 2023 18:04:53 GMT
server
cloudflare
x-amz-cf-pop
FRA56-P8
etag
W/"01b0c035e870e010817990f18af07eeb"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=14400
cf-ray
88eab28128b503b0-FRA
x-amz-cf-id
RaFOHx1OR1PXR-3FZefxKTnAt3S6KB94lZfyZK1JRJQpcfL48BPizA==

Redirect headers

Date
Tue, 04 Jun 2024 20:33:20 GMT
Last-Modified
Tue, 13 Jun 2023 18:10:29 GMT
Server
AkamaiNetStorage
X-HCo-pid
16
ETag
"9a52622c3b0b353cd052a5e4518bd213:1686679828.962264"
Content-Type
text/html
Location
https://www.firstleaf.com/fonts/863556/14C15B4DD1F268EF7.css
Cache-Control
must-revalidate, private
Connection
keep-alive
Content-Length
154
Expires
Tue, 04 June 2024 20:33:20 GMT
pipeline
ct.firstleaf.com/prh/ Frame
0
0
Preflight
General
Full URL
https://ct.firstleaf.com/prh/pipeline
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.firstleaf.com
access-control-max-age
600
cf-cache-status
DYNAMIC
cf-ray
88eab2852c743606-FRA
content-length
0
date
Tue, 04 Jun 2024 20:33:20 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
truncated
/
714 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b1043a0dd1a57bddb307b2bac12686151292cf08f095b86d5702a531f9413af

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
670 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c4d40b3150ea8494d850dc53c34d42806f60a5afeeddd14d64c667b4978f1921

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
662 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b333edfba237a23eccd269faed9f51d3430824ba342db01043166bf8a7d1f09

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
666 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bd4ed71008e5c241321562a82cb6d535d7db6b7fbd3783896a96ae48d5211f3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
664 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8c79e4569e88f2104a0181ddd9428c78b94ee022fc5694a1c4c8805b5fe98560

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
681 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba174758f3512e1225fb25acd56d073b71f92d5cfc332f4ab54a4273765528da

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
659 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0cac1d717f7ebdef430e44e0c211f722a77f29207e553d69e69901276a7e224

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
642 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
136aadbe4eea0b2a6b68a3ec2cd24be6002dc085376ae638768db1d2834c653b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a0839a70494ec741f3d86d0a3c586be820886d3e5407016453a31ee304d0266

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
667 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87ab28f982528ab1259f99a8c040c11ceb6161e038c8ca1dce09651718058d1d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
truncated
/
658 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74342d26027f9f21a160adb21dea7121e79456c5e7e05579177c6bea0553a7b3

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/jpeg
wineprint-in-mobile.webp
www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/
22 KB
0
Image
General
Full URL
https://www.firstleaf.com/static/27595ab20aadca9b305a6877dedd8de0/a8d6b/wineprint-in-mobile.webp
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:18 GMT
via
1.1 f996db233b87d6765cc5ad56701268d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P8
age
219085
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22690
last-modified
Mon, 11 Sep 2023 15:36:33 GMT
server
cloudflare
etag
"4ca1653d35f298be8a4317172979871c"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
88eab279ed9103b0-FRA
x-amz-cf-id
YUZ3m33nesgRFKaVOwOFyfKS7Zm8yI93sECkCIMACKeybQptFqO5kQ==
referer
app.cybba.solutions/event/2856/
79 B
448 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/referer?data=%7B%22userId%22%3A%224335889946999711%22%2C%22type%22%3A%22referer%22%2C%22domain%22%3A%22ochsner.perkspot.com%22%2C%22url%22%3A%22https%3A%2F%2Fochsner.perkspot.com%2F%22%2C%22generic%22%3A%7B%22url%22%3A%22https%3A%2F%2Fochsner.perkspot.com%2F%22%7D%2C%22utm_source%22%3A%22cj_affiliate%22%2C%22utm_term%22%3A%22%22%2C%22utm_campaign%22%3A%221850771_12%2BInteractive%2BLLC_2097062%22%2C%22utm_content%22%3A%2215528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%22%2C%22utm_medium%22%3A%22cpa%22%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=88922389
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 -, , ASN (),
Reverse DNS
Software
nginx, nginx /
Resource Hash
688bb96efcfd7b990c9a29720a8e9a7b55ce91354ad4a33f4e8251228c292cfa
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:20 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.0007014274597167969
Expires
Tue, 04 Jun 2024 20:33:19 GMT
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
11 KB
11 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01af466f48d14857d97a67cd7025ce67c8a0b9ca83ddb6d3f313c7369c432868

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51b06909334339bd5f4027e70f4d2fd30a2a3977ee44cce7385b908ec8f51903

Request headers

Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
application/x-font-woff2
fs.js
edge.fullstory.com/s/ Frame FB06
273 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:16:40 GMT
content-encoding
br
age
998
x-guploader-uploadid
ABPtcPoNn0_QgAhjxTrrqADq7Ol3fEAz_0YCe268ur12jiFM469qKTSf_7vrcekCQDcx8IfPfaHXmdl1-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75399
last-modified
Mon, 03 Jun 2024 19:13:28 GMT
server
UploadServer
etag
"9518bfdd8ce5a4d07426912e49eab44e"
vary
Accept-Encoding
x-goog-generation
1717442008056727
x-goog-hash
crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75399
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jun 2024 21:16:40 GMT
fs.js
edge.fullstory.com/s/ Frame 01BE
273 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:16:40 GMT
content-encoding
br
age
998
x-guploader-uploadid
ABPtcPoNn0_QgAhjxTrrqADq7Ol3fEAz_0YCe268ur12jiFM469qKTSf_7vrcekCQDcx8IfPfaHXmdl1-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75399
last-modified
Mon, 03 Jun 2024 19:13:28 GMT
server
UploadServer
etag
"9518bfdd8ce5a4d07426912e49eab44e"
vary
Accept-Encoding
x-goog-generation
1717442008056727
x-goog-hash
crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75399
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jun 2024 21:16:40 GMT
fs.js
edge.fullstory.com/s/ Frame 198B
273 KB
0
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin
https://www.firstleaf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:16:40 GMT
content-encoding
br
age
998
x-guploader-uploadid
ABPtcPoNn0_QgAhjxTrrqADq7Ol3fEAz_0YCe268ur12jiFM469qKTSf_7vrcekCQDcx8IfPfaHXmdl1-Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75399
last-modified
Mon, 03 Jun 2024 19:13:28 GMT
server
UploadServer
etag
"9518bfdd8ce5a4d07426912e49eab44e"
vary
Accept-Encoding
x-goog-generation
1717442008056727
x-goog-hash
crc32c=iqU1ow==, md5=lRi/3YzlpNB0JpEuSeq0Tg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75399
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 04 Jun 2024 21:16:40 GMT
p
i.simpli.fi/
798 B
762 B
Script
General
Full URL
https://i.simpli.fi/p?cid=449212&cb=sifi_att_42656._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/4f1bd082-d454-42cb-bafd-026640e9800e
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.234.162.151 -, , ASN (),
Reverse DNS
Software
openresty /
Resource Hash
dd0cc97c5bb9ca54732ba180fdee703fab3e3c9f23b220a187de19348eb6e71f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 38C0
0
0
Document
General
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.176 -, , ASN (),
Reverse DNS
Software
Fastly /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1784362
cache-control
max-age=31536000
content-encoding
br
content-length
154
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 20:33:20 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Fri, 11 Nov 2022 20:25:37 GMT
server
Fastly
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
478171
x-content-type-options
nosniff
x-request-id
f0ac833c-6d48-430f-9467-8f7d2abd0771
x-served-by
cache-fra-etou8220142-FRA
params
shop.pe/widget/main/init/
260 B
756 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=62725feabbf6c339ae0dfd75&product=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&product_url=https%3A%2F%2Fwww.firstleaf.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&external_referer=https%3A%2F%2Fochsner.perkspot.com%2F&callback=AddShoppersWidget.load_widget&no_cookie_callback=AddShoppersWidget.load_no_cookie&sos=false&rand=75355&cookie=&referer=https%3A%2F%2Fochsner.perkspot.com%2F
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
258f0c1f40274ff457f064996c7e0b94b5d57001f335439881d9e4ca9748436e
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"ee1a64645632ca78372e42212f59b7f116e5dd67"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
rum
www.firstleaf.com/cdn-cgi/
0
179 B
XHR
General
Full URL
https://www.firstleaf.com/cdn-cgi/rum?
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://www.firstleaf.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88eab286f98c03b0-FRA
up
insight.adsrvr.org/track/ Frame 0225
0
0
Document
General
Full URL
https://insight.adsrvr.org/track/up?adv=l7cyjy0&ref=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&upid=hm2fj8w&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/html
date
Tue, 04 Jun 2024 20:33:20 GMT
server
Kestrel
/
s.ad.smaato.net/c/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=21B7F233A8484D38AD5208B64D39DC63
0
236 B
Image
General
Full URL
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
2600:9000:237d:be00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
cache-control
no-cache, must-revalidate
via
1.1 3d7648aa47c887339ebd63c859836150.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
MKDbaoya7s2MQ84H_nziYzIto2yfNbSe7zK6ZnxnOcAEQFBG0ZB1YA==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
RX-2efe3d6f-ab0f-4f11-829c-4ace5b059cc1-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/21B7F233A8484D38AD5208B64D39DC63
  • https://sync.1rx.io/usersync/simplifi/21B7F233A8484D38AD5208B64D39DC63?zcc=1&cb=1717533200652
  • https://sync.targeting.unrulymedia.com/csync/RX-2efe3d6f-ab0f-4f11-829c-4ace5b059cc1-003
43 B
378 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-2efe3d6f-ab0f-4f11-829c-4ace5b059cc1-003
Protocol
H2
Server
46.228.174.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-2efe3d6f-ab0f-4f11-829c-4ace5b059cc1-003
pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=21B7F233A8484D38AD5208B64D39DC63&dongle=yf3
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=21B7F233A8484D38AD5208B64D39DC63&dongle=yf3
Protocol
H2
Server
76.223.111.18 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=21B7F233A8484D38AD5208B64D39DC63&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=21B7F233A8484D38AD5208B64D39DC63
43 B
175 B
Image
General
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
2600:1f18:612b:4264:551d:13a8:79ea:bf3e -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 04 Jun 2024 20:33:20 GMT
server
nginx
content-type
image/gif

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63
95 B
436 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
34.111.113.62 -, , ASN (),
Reverse DNS
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=21B7F233A8484D38AD5208B64D39DC63
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g.pixel
aa.agkn.com/adscores/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=21B7F233A8484D38AD5208B64D39DC63
13 B
342 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
18.194.241.18 -, , ASN (),
Reverse DNS
Software
AAWebServer /
Resource Hash
4da730e82bd43b52b497ed1364d6fa2b901968df6325b9ac8b0f4bdef20c22b5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
13
expires
0

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=21B7F233A8484D38AD5208B64D39DC63
0
0

pubmatic
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/pubmatic
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 03 Jun 2024 20:33:20 GMT
freewheel
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/freewheel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 03 Jun 2024 20:33:20 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=21B7F233A8484D38AD5208B64D39DC63;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=21B7F233A8484D38AD5208B64D39DC63;mimetype=img;sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODIwMDMwNDUxMjU4NDkyNjAyMA==
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODIwMDMwNDUxMjU4NDkyNjAyMA==
Protocol
H2
Server
172.217.16.194 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp-eu-5.c.datonics-gcp-01.internal
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=ODIwMDMwNDUxMjU4NDkyNjAyMA==
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0&xl8blockcheck=1
0
775 B
Image
General
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0&xl8blockcheck=1
Protocol
H2
Server
54.78.254.47 -, , ASN (),
Reverse DNS
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=21B7F233A8484D38AD5208B64D39DC63&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
yahoo
um.simpli.fi/
43 B
409 B
Image
General
Full URL
https://um.simpli.fi/yahoo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 03 Jun 2024 20:33:20 GMT
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=21B7F233A8484D38AD5208B64D39DC63
0
421 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=141&uid=21B7F233A8484D38AD5208B64D39DC63
Protocol
HTTP/1.1
Server
52.72.130.114 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 04 Jun 2024 20:33:20 GMT

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=21B7F233A8484D38AD5208B64D39DC63
62 B
479 B
Image
General
Full URL
https://stags.bluekai.com/site/29931?id=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
2.19.244.177 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Tue, 04 Jun 2024 20:33:20 GMT
content-length
62
x-request-id
67643712b534573e6a890e2815b7a618
content-type
image/gif

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
tpid=21B7F233A8484D38AD5208B64D39DC63
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=21B7F233A8484D38AD5208B64D39DC63
49 B
266 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
34.255.230.248 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.225
content-length
49
expires
0

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=21B7F233A8484D38AD5208B64D39DC63
0
223 B
Image
General
Full URL
https://ce.lijit.com/merge?pid=2&3pid=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
34.251.32.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

expires
Fri, 20 Mar 2009 00:00:00 GMT
pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
x-merge
GDPR Optout true
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ce.lijit.com/merge?pid=2&3pid=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
419566.gif
idsync.rlcdn.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=21B7F233A8484D38AD5208B64D39DC63
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/419566.gif?partner_uid=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://idsync.rlcdn.com/419566.gif?partner_uid=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1717533200481&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiww...
  • https://www.google.de/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwb...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI5PO74uXChgMVhXNBAh00vwuuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Gmh0dHBzOi8vd3d3LmZpcnN0bGVhZi5jb20v&is_vtc=1&cid=CAQSGwDaQooL2ZbocEupmahT2RU03N-5ynApFKO_CA&random=1365871237&ipr=y
Protocol
H3
Server
172.217.18.3 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/1026675585/?random=492890325&cv=7&fst=1717533200481&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMI5PO74uXChgMVhXNBAh00vwuuMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Gmh0dHBzOi8vd3d3LmZpcnN0bGVhZi5jb20v&is_vtc=1&cid=CAQSGwDaQooL2ZbocEupmahT2RU03N-5ynApFKO_CA&random=1365871237&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/
0
272 B
Image
General
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=21B7F233A8484D38AD5208B64D39DC63
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D21B7F233A8484D38AD5208B64D39DC63
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
185.89.210.153 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
an-x-request-uuid
20779439-3dba-44b2-8a7b-e633e1f21fec
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.204; 80.255.10.204; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
an-x-request-uuid
12477a55-02a3-43ad-955d-fbae7b416486
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D21B7F233A8484D38AD5208B64D39DC63
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.10.204; 80.255.10.204; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=21B7F233A8484D38AD5208B64D39DC63&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=21B7F233A8484D38AD5208B64D39DC63&expires=365
Protocol
HTTP/1.1
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=21B7F233A8484D38AD5208B64D39DC63&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=21B7F233A8484D38AD5208B64D39DC63
43 B
273 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=21B7F233A8484D38AD5208B64D39DC63
Protocol
H2
Server
34.98.64.218 -, , ASN (),
Reverse DNS
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=21B7F233A8484D38AD5208B64D39DC63
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 03 Jun 2024 20:33:20 GMT
pixel
cm.g.doubleclick.net/
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
params
shop.pe/widget/main/init/
1 KB
683 B
Script
General
Full URL
https://shop.pe/widget/main/init/params?siteid=62725feabbf6c339ae0dfd75&product=America%27s%20%231%20Awarded%20Wine%20Club%20Subscription%20-%20Firstleaf&product_url=https%3A%2F%2Fwww.firstleaf.com%2F&image=&price=&currency=undefined&rating=0&rating_count=0&review_count=0&stock_status=&description=&update_product=true&subcategory=&url=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8&external_referer=https%3A%2F%2Fochsner.perkspot.com%2F&callback=AddShoppersWidget.load_widget&rand=73776&cookie=2%7C1%3A0%7C10%3A1717533200%7C15%3Aaddshoppers.com%7C44%3AM2ExNGQwNjBmMDM1NDk2ZThiMzExOTM2ZmY0NGEwNzg%3D%7Ca3f42505fd56c2cce546e303d455174527b30fc75a6e54bd8b7c87dbf9bd9f1c&referer=https%3A%2F%2Fochsner.perkspot.com%2F
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
f522064ef3128192543bc2ad3d808e9f51c454868686aca8687f394e68fe3acf
Security Headers
Name Value
Content-Security-Policy frame-ancestors none;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-security-policy
frame-ancestors none;
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
backend-version
47
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
data-regulation-gdpr-enforced
true
referrer-policy
no-referrer-when-downgrade
server
nginx
etag
W/"904362a88f988c41869d3b573b69356187699538"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
content-type
text/javascript
access-control-allow-origin
https://my.addshoppers.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
cjcookie
www.firstleaf.com/
11 B
160 B
XHR
General
Full URL
https://www.firstleaf.com/cjcookie
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
88eab2882b2903b0-FRA
content-length
11
R917495475.json
api.firstleaf.com/api/v2/cart/
919 B
477 B
XHR
General
Full URL
https://api.firstleaf.com/api/v2/cart/R917495475.json?order_token=R5zdptXKdbqqvtuDDiBAPA
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b17634b816f9f50be58486e848dbdbe7d73600a8e4a1ab4403053ad5350774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
7abbf47a-114f-4f4d-babd-20bc805aa89f
x-runtime
0.053721
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"a2b17634b816f9f50be58486e848dbdb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
88eab288290a3606-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
update
app.cybba.solutions/event/2856/
79 B
448 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/update?data=%7B%22userId%22%3A%224335889946999711%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1717533199667%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_bqstore=0&_ts=15323319
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 -, , ASN (),
Reverse DNS
Software
nginx, nginx /
Resource Hash
688bb96efcfd7b990c9a29720a8e9a7b55ce91354ad4a33f4e8251228c292cfa
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:20 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.0006682872772216797
Expires
Tue, 04 Jun 2024 20:33:19 GMT
ba5cd1e2255e4f75a0ae1c1cd34f0620.js
addshoppers.s3.amazonaws.com/customize/62725feabbf6c339ae0dfd75/
12 KB
3 KB
Script
General
Full URL
https://addshoppers.s3.amazonaws.com/customize/62725feabbf6c339ae0dfd75/ba5cd1e2255e4f75a0ae1c1cd34f0620.js?_t=1710932643
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.217.97.84 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f2a70caf9e4a17da7c2a145e34625f90d4031f5ed7b690657a514c5c89e26cd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:22 GMT
Content-Encoding
gzip
x-amz-version-id
M2ZIchM.jKTOWMYpMmD_1lJ.BPSUIS5B
Last-Modified
Wed, 20 Mar 2024 11:04:04 GMT
Server
AmazonS3
x-amz-request-id
G6XFJZ6JJTSBX8CC
ETag
"c7f138455b360f8e7e1c0070f44ec49d"
x-amz-server-side-encryption
AES256
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
Content-Length
2146
x-amz-id-2
vSXCA/Z3ST6lR4aQ3yVpTKfYB9Lz6xwcAQ63tINfJDPrqmrHvVIgPrSi7pSGpScwEJzUz78nC+E=
input.js
shopper.shop.pe/
26 KB
9 KB
Script
General
Full URL
https://shopper.shop.pe/input.js
Requested by
Host: shop.pe
URL: https://shop.pe/widget/widget_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.54.17 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 18:12:20 GMT
content-encoding
gzip
age
8460
x-guploader-uploadid
ABPtcPqrNgUc0fNbBWSHh7ibhDro7j8S0KCZ--n0KvGp6P0aAQKqHw6GjVlwVPoDm8cHthnZxJ2WoJGoPg
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8831
last-modified
Tue, 13 Feb 2024 16:47:53 GMT
server
UploadServer
etag
"d311745e83077b078fa566c77a15d9b5"
vary
Accept-Encoding
x-goog-generation
1707842873418606
x-goog-hash
crc32c=mi0bhQ==, md5=0xF0XoMHewePpWbHehXZtQ==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public, max-age=14400
x-goog-stored-content-length
8831
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Tue, 04 Jun 2024 22:12:20 GMT
status
app.shop.pe/app/datapartners/
34 B
509 B
XHR
General
Full URL
https://app.shop.pe/app/datapartners/status?usersite_id=62725feabbf6c339ae0dfd75
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
etag
W/"0467ba22658b680d6de72dc567071b5bc495547f"
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
consent
manage.safeopt.com/
0
833 B
XHR
General
Full URL
https://manage.safeopt.com/consent
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
data-regulation-gdpr-enforced
true
server
nginx
etag
"da39a3ee5e6b4b0d3255bfef95601890afd80709"
x-frame-options
deny
access-control-allow-methods
HEAD, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
Data-Regulation-Gdpr-Enforced
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Data-Regulation-Gdpr-Enforced
cjcookie
www.firstleaf.com/
11 B
65 B
XHR
General
Full URL
https://www.firstleaf.com/cjcookie
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:20 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
cf-ray
88eab2899d0c03b0-FRA
content-length
11
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ba93f0c1f5b72395ea5024e97ba149d96cffbe73e8e4a2546921ba3404f146c

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ship_to_info.json
api.firstleaf.com/api/
14 B
187 B
XHR
General
Full URL
https://api.firstleaf.com/api/ship_to_info.json
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8e4 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aca66b739fcde148403f4735fd9091fbc02455deb4e6c186ea52cb71692f6269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept
application/json, text/plain, */*
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
x-request-id
d49f0f0d-7b34-4794-86ee-b3ac73b6b2bb
x-runtime
0.103210
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aca66b739fcde148403f4735fd9091fb"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, PATCH, PUT, OPTIONS, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
access-control-expose-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
max-age=0, private, must-revalidate
cf-ray
88eab289ab3c3606-FRA
access-control-allow-headers
DNT,Keep-Alive,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
iframe
nytrng.com/ Frame 32B1
0
0
Document
General
Full URL
https://nytrng.com/iframe?vcp=4dd5h0np&as_id=3a14d060f035496e8b311936ff44a078
Requested by
Host: d2mjzob2nc713b.cloudfront.net
URL: https://d2mjzob2nc713b.cloudfront.net/widget/widget.js?v=2a338b8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.91.175 -, , ASN (),
Reverse DNS
Software
gunicorn /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.firstleaf.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
416
content-type
text/html; charset=utf-8
date
Tue, 04 Jun 2024 20:33:21 GMT
server
gunicorn
getuidj
ib.adnxs.com/
29 B
1 KB
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.153 -, , ASN (),
Reverse DNS
Software
nginx/1.23.4 /
Resource Hash
284c254cf1ccbea663a3fa7cd38e86b02cccdd6eb8dbb7b5077ad54996eb374b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 04 Jun 2024 20:33:21 GMT
an-x-request-uuid
19d4897e-e371-49c7-a8ab-bc913d9d093f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.firstleaf.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.10.204; 80.255.10.204; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
app.cybba.solutions/event/2856/
79 B
448 B
Script
General
Full URL
https://app.cybba.solutions/event/2856/generic?data=%7B%22userId%22%3A%224335889946999711%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%226139521776042421798%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=40747341
Requested by
Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/2856/loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.197.61.175 -, , ASN (),
Reverse DNS
Software
nginx, nginx /
Resource Hash
688bb96efcfd7b990c9a29720a8e9a7b55ce91354ad4a33f4e8251228c292cfa
Security Headers
Name Value
Strict-Transport-Security max-age=3600
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 04 Jun 2024 20:33:21 GMT
Strict-Transport-Security
max-age=3600
Server
nginx, nginx
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;; charset=utf-8
Cache-Control
no-cache
Connection
close
X-Robots-Tag
noindex
Content-Length
79
x-process-time
0.0012538433074951172
Expires
Tue, 04 Jun 2024 20:33:20 GMT
triggered_email_attribution
app.shop.pe/app/
29 B
69 B
XHR
General
Full URL
https://app.shop.pe/app/triggered_email_attribution
Requested by
Host: www.firstleaf.com
URL: https://www.firstleaf.com/43-045885a313a9d7be16f4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
85ad9c4586b439a1f2ce5516c218bed3c64110ac93bb7c916894240392503053
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.firstleaf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 04 Jun 2024 20:33:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
nginx
x-frame-options
deny
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
p3p
policyref="/w3c/p3p.xml", CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
application/json; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
triggered_email_attribution
app.shop.pe/app/ Frame
0
0
Preflight
General
Full URL
https://app.shop.pe/app/triggered_email_attribution
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.244.1 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options deny

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.firstleaf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, X-XSRFToken
access-control-allow-methods
POST, GET, OPTIONS, DELETE, PATCH
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 04 Jun 2024 20:33:21 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
x-frame-options
deny
favicon-32x32.png
www.firstleaf.com/
1 KB
1 KB
Other
General
Full URL
https://www.firstleaf.com/favicon-32x32.png?v=7b7f9aa145c31aa0e609358ef9dd6eff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2cf6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1b6421aea2826dd24de09eecdb38372dc0b2d3156f6218a1ced71e5678e148

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 20:33:21 GMT
via
1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1238
last-modified
Tue, 10 Jan 2023 16:53:12 GMT
server
cloudflare
etag
"8e44e6953a41676b481d160e68df4fd6"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
88eab28dbb1b03b0-FRA
x-amz-cf-id
KCRV7fGkcZPaKecPui6aRQ5Q2qTZA0RhYikKU-OTvV7i-BT_uLfCbw==
existing_users_dynamo
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com/initaldeploy/
0
0

pageview
app.cybba.solutions/event/2856/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=21B7F233A8484D38AD5208B64D39DC63
Domain
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com
URL
https://b0vbfk2zr6.execute-api.us-east-1.amazonaws.com/initaldeploy/existing_users_dynamo?user=6139521776042421798&shop=2856&version=1
Domain
app.cybba.solutions
URL
https://app.cybba.solutions/event/2856/pageview?data=%7B%22userId%22%3A%224335889946999711%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8%22%2C%22generic%22%3A%7B%22itemId%22%3A%22DE%7CBavaria%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=36254479

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer object| OneTrustStub function| OptanonWrapper object| GlobalSnowplowNamespace function| snowplow string| pagePath string| ___webpackCompilationHash object| ___chunkMapping object| webpackChunkfirstleaf function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| __cfBeacon object| google_tag_manager object| google_tag_data string| OnetrustActiveGroups string| OptanonActiveGroups object| RB object| f string| cookieName string| cookieValue number| expirationTime string| date number| dateTimeNow function| fbq function| _fbq function| pdst boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| AddShoppersWidgetOptions object| otStubData object| cj object| __core-js_shared__ number| 2f1acc6c3a606b082e5eef5e54414ffb object| DD_RUM object| regeneratorRuntime object| asyncRequires object| ___emitter object| ___loader function| ___push function| ___replace function| ___navigate string| _fs_loaded function| _fs_shutdown function| onYouTubeIframeAPIReady function| spdt function| UET function| UET_init function| UET_push object| sifi_att_42656 object| zEWebpackACJsonp function| zE function| zEmbed object| CJApi object| cjApi object| ueto_f97ab0827d object| uetq function| ju_init object| __SENTRY__ object| Sentry object| webpackChunkStripeJSouter function| noop function| Stripe function| setCookieCYB string| shopUrlCYB function| createCybbaPixel function| createCybbaScript function| loadTTDCybba function| waitForConfirmCYB object| _vteq object| AddShoppersLoader object| AddShoppersLoaderErrorHandlers object| Optanon object| OneTrust boolean| zEACLoaded object| DIGIOH_LOADER boolean| SENT_LIGHTBOX_PV function| AddShoppersTriggerRunner

46 Cookies

Domain/Path Name / Value
.pslogin.perkspot.com/ Name: TiPMix
Value: 36.53970973085059
.pslogin.perkspot.com/ Name: x-ms-routing-name
Value: self
.perkspot.com/ Name: perkspot-auth
Value: eyJhY2Nlc3NUb2tlbiI6eyJhdXRoZW50aWNhdGlvbk1vZGUiOjAsInZhbHVlIjoiZXlKaGJHY2lPaUFpVWxNeU5UWWlMQ0FpZEhsd0lqb2dJa3BYVkNJc0lDSnJhV1FpT2lBaWFIUjBjSE02THk5d2N5MXdjbTlrTFd0bGVYWmhkV3gwTG5aaGRXeDBMbUY2ZFhKbExtNWxkQzlyWlhsekwxTjViblJvWlhScFkxUnZhMlZ1TFRBdlpXRm1NakEyTlRsbU56YzRORE5qWWpreVkyWTVZV0k0TUdJd01XVmxaamdpZlEuZXlKcGMzTWlPaUpvZEhSd2N6b3ZMM2QzZHk1d1pYSnJjM0J2ZEM1amIyMGlMQ0pqYVdRaU9pSjJjRGw2YkRSbU9IZDZlV054TjJGek0yMWthU0lzSW1OdmRXNTBjbmxmYVdRaU9qTXpMQ0pqYjIxdGRXNXBkSGxmYVdRaU9qRXdOekFzSW1GMWRHaGxiblJwWTJGMGFXOXVUVzlrWlNJNk1Dd2lkWE5sY2w5cFpDSTZNelV3TlRnNU9UVXNJbVZ0WVdsc0lqb2laR0Z1YVdWc2JHVXVabTl1ZEdWdWIzUkFiMk5vYzI1bGNpNXZjbWNpTENKemRXSWlPaUprWVc1cFpXeHNaUzVtYjI1MFpXNXZkRUJ2WTJoemJtVnlMbTl5WnlJc0ltbGhkQ0k2TVRjeE56VXpNekU1TUN3aVpYaHdJam94T0RFeU1UUXhNVGt3TENKcmFXUWlPbTUxYkd4OS5sa1pEX3NnbFMyZGR1SkFJME9SNXJ6NnRFT0syTlBWRzV4T0N3ZzUwWHlsdEdlSXhEV084NzVsOUxCbHZoYW10S24tU0dVbXpZcFUzVmVGNkxtaUdzM0I1ZmYxV0ZQYTlhSzJxTm5wMzV6VjNFZHVvcHRUcC1YZDBqQnBXSVRJbzF4SlNXdUVmenhoT196Q1dIWEZuZlBhRGFjb2hTZU1NcTBzVUZTbzV1akFkWmtWXzJVYWpLbl9tQ0FDc1Y1d21PbHZzZ0tVMkdnTGt4Y1pDVEU4cFpyclJLLUFETjQ1RU44UmVFWlN1cS1MaXR0TUVaV3I3MHVvRGN2OWdkQmdCSTU3UjdxQXZXNVVDSFFLYkh0R3cxNmpwWF9zX2pjbk54c3diVVpjTDhCRWtRSUY2Y1o0NGM4T0xFcDhfbHhOdjJUMTRGV0ZFV2hhbG9kZUtMY1hMMlEiLCJleHBpcmF0aW9uIjoiMjAyNy0wNi0wNFQyMDozMzoxMCswMDowMCIsImlzRXhwaXJlZCI6ZmFsc2V9LCJyZWZyZXNoVG9rZW4iOm51bGwsImNsaWVudElkIjoidnA5emw0Zjh3enljcTdhczNtZGkiLCJ1c2VySWQiOjM1MDU4OTk1LCJ1c2VyRW1haWwiOiJkYW5pZWxsZS5mb250ZW5vdEBvY2hzbmVyLm9yZyIsImNvdW50cnlJZCI6MzMsImNvbW11bml0eUlkIjoxMDcwLCJraWQiOiJodHRwczovL3BzLXByb2Qta2V5dmF1bHQudmF1bHQuYXp1cmUubmV0L2tleXMvU3ludGhldGljVG9rZW4tMC9lYWYyMDY1OWY3Nzg0M2NiOTJjZjlhYjgwYjAxZWVmOCJ9
pslogin.perkspot.com/ Name: communityId
Value: 1070
pslogin.perkspot.com/ Name: SessionHolder
Value: 77da166a-316c-47d1-b682-999baa4ccdab
pslogin.perkspot.com/ Name: ps_sid
Value: 77da166a-316c-47d1-b682-999baa4ccdab
.ochsner.perkspot.com/ Name: TiPMix
Value: 97.53992072124096
.ochsner.perkspot.com/ Name: x-ms-routing-name
Value: self
ochsner.perkspot.com/ Name: SessionHolder
Value: 93ceaea9-bd0a-4e28-8b13-5914a943d5eb
ochsner.perkspot.com/ Name: ps_sid
Value: 93ceaea9-bd0a-4e28-8b13-5914a943d5eb
ochsner.perkspot.com/ Name: __RequestVerificationToken
Value: iNTSDbrw2c-EsYRIk0xeWa-yU5m1rsg0YohdLH2KNEWEyZaFJDuKdVUh-BGVW3J9HYioyhJ9lFyTTRfb9-rLNehhTx5RjeYdRpvENsYDnW7I84l-mRhc2TT6NGrDRTXnccj7FO8UH1Wt0I97mrOIMA2
.ochsner.perkspot.com/ Name: _vwo_uuid_v2
Value: D50867EE89CB91C169C4A9A99CFAB6655|71e78da7062a956bf548c5fafd0cf4ee
ochsner.perkspot.com/ Name: ai_user
Value: f0fXoYNLo5k8vi3a2BviVr|2024-06-04T20:33:15.203Z
.perkspot.com/ Name: _vwo_ds
Value: 3%241717533192%3A78.59353534%3A%3A
.perkspot.com/ Name: _vwo_sn
Value: 0%3A1%3A%3A%3A1
.perkspot.com/ Name: TLTSID
Value: 42970361454662089624209081955675
.perkspot.com/ Name: _vis_opt_s
Value: 1%7C
.perkspot.com/ Name: _vis_opt_test_cookie
Value: 1
ochsner.perkspot.com/ Name: ai_session
Value: A6lV1fXRdpZDwNWFuTOuoJ|1717533195409|1717533195409
widget-mediator.zopim.com/ Name: AWSALBCORS
Value: Sg+2ck0Q0Kc0yIMpYiHq+EpskknbfeMWIvrqA61eWp6RkK4l1wlcaAuGC6p5nW2nxgYoZ/EuOdVlArdn8sPTV4wCNQEmITBA98vC4zVkIuo/4Q6vdsoQScfHBNzw
.perkspot.com/ Name: __zlcmid
Value: 1M6mloR7h0gX4lw
.dotomi.com/ Name: CJSession
Value: ba40b4ef-f391-44b3-8e43-7daddf8fab96
.dotomi.com/ Name: cjae
Value: rUDbmUylDx20
.dotomi.com/ Name: DotomiUser
Value: 400505746669258717$0$1
.dotomi.com/ Name: LCLK
Value: cjo!x2pz-dhtj7tq
.emjcd.com/ Name: S
Value: 400505746669258717:rUDbmUylDx20
.emjcd.com/ Name: LCLK
Value: cjo!x2pz-dhtj7tq
.emjcd.com/ Name: CJSession
Value: ba40b4ef-f391-44b3-8e43-7daddf8fab96
.firstleaf.com/ Name: _sp_ses.bd58
Value: *
.firstleaf.com/ Name: _sp_id.bd58
Value: 58e786b8-3da2-4bfd-ab7f-17bc885588d4.1717533198.1.1717533198.1717533198.b22d40bd-970d-42b3-8436-945a9f6078f7
.firstleaf.com/ Name: FL_Referrer
Value: 2
.firstleaf.com/ Name: CJEVENT
Value: acc3f46022b111ef832ee4cf0a18b8f8
.trkn.us/ Name: barometric[cuid]
Value: cuid_665f7a0e-1452-4736-a882-88fa84a5414c
.simpli.fi/ Name: suid
Value: 21B7F233A8484D38AD5208B64D39DC63
www.firstleaf.com/ Name: __pdst
Value: f5333f3284914eafaa4441d89a4e788c
.firstleaf.com/ Name: cjConsent
Value: MXxZfDB8WXww
.firstleaf.com/ Name: cjUser
Value: 21318c99-4930-4af1-9f4a-44674f5fe53c
.firstleaf.com/ Name: cjevent_dc
Value: acc3f46022b111ef832ee4cf0a18b8f8
.firstleaf.com/ Name: _uetsid
Value: adb18b6022b111ef99d7fdce064dd159
.mczbf.com/ Name: cjevent_sc
Value: acc3f46022b111ef832ee4cf0a18b8f8
.mczbf.com/ Name: cjConsent
Value: MXxZfDB8WXww
.mczbf.com/ Name: cjUser
Value: 21318c99-4930-4af1-9f4a-44674f5fe53c
.firstleaf.com/ Name: _uetvid
Value: adb4207022b111ef9893c3dbaf8bd2e2
.bing.com/ Name: MUID
Value: 2016817B61C96AC0279F95EF60426B8B
.lightboxcdn.com/ Name: _cfuvid
Value: z_LEUZyVIz3jr27lx5Is5.W88dA.6.Xu1cCr0mga_ng-1717533199135-0.0.1.1-604800000
.firstleaf.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Tue+Jun+04+2024+22%3A33%3A19+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&version=202401.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.firstleaf.com%2F%3Fcjdata%3DMXxZfDB8WXww%26utm_source%3Dcj_affiliate%26utm_medium%3Dcpa%26utm_campaign%3D1850771_12%2BInteractive%2BLLC_2097062%26utm_term%3D%26utm_content%3D15528858_Firstleaf%2BPartners%2B-%2B6%2BBottles%2Bfor%2B%252444.95%252B%2BFree%2BShipping%2B%252F%2B12%2BBottles%2Bfor%2B%252479.90%26utm_subcampaign%3D2097062%26cjevent%3Dacc3f46022b111ef832ee4cf0a18b8f8

97 Console Messages

Source Level URL
Text
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=21B7F233A8484D38AD5208B64D39DC63
Message:
Failed to load resource: the server responded with a status of 401 ()
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://idsync.rlcdn.com/419566.gif?partner_uid=21B7F233A8484D38AD5208B64D39DC63
Message:
Failed to load resource: the server responded with a status of 451 ()
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=21B7F233A8484D38AD5208B64D39DC63
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.firstleaf.com/?cjdata=MXxZfDB8WXww&utm_source=cj_affiliate&utm_medium=cpa&utm_campaign=1850771_12+Interactive+LLC_2097062&utm_term=&utm_content=15528858_Firstleaf+Partners+-+6+Bottles+for+%2444.95%2B+Free+Shipping+%2F+12+Bottles+for+%2479.90&utm_subcampaign=2097062&cjevent=acc3f46022b111ef832ee4cf0a18b8f8
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.perkspot.com
X-Content-Security-Policy frame-ancestors *.perkspot.com
X-Frame-Options SAMEORIGIN SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
addshoppers.s3.amazonaws.com
api.firstleaf.com
app.cybba.solutions
app.shop.pe
assets.zendesk.com
az416426.vo.msecnd.net
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com
bat.bing.com
bcp.crwdcntrl.net
cdn.cookielaw.org
cdn.pdst.fm
cdn.rollbar.com
ce.lijit.com
challenges.cloudflare.com
cj.dotomi.com
cloud.typography.com
cm.g.doubleclick.net
connect.facebook.net
ct.firstleaf.com
d2mjzob2nc713b.cloudfront.net
d2rp1k1dldbai6.cloudfront.net
dc.services.visualstudio.com
dev.visualwebsiteoptimizer.com
eb2.3lift.com
edge.fullstory.com
ekr.zdassets.com
email.perkspot.com
fbapi.firstleaf.com
fei.pro-market.net
files1.cybba.solutions
geolocation.onetrust.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
images.firstleaf.com
insight.adsrvr.org
js.adsrvr.org
js.go2sdk.com
js.stripe.com
lib-us-1.brilliantcollector.com
loadm.exelator.com
manage.safeopt.com
nytrng.com
ochsner.perkspot.com
penrosehill.zendesk.com
perkspot.zendesk.com
pixel.rubiconproject.com
pixel.tapad.com
pro.ip-api.com
pslogin.perkspot.com
psprods3ep.azureedge.net
rbv9j7km.firstleaf.club
rbv9j7km.firstleaf.com
rs.fullstory.com
s.ad.smaato.net
sentry.io
shop.pe
shopper.shop.pe
simplifi.partners.tremorhub.com
stags.bluekai.com
static.cloudflareinsights.com
static.zdassets.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
trkn.us
um.simpli.fi
unpkg.com
url1941.psmark.perkspot.com
us-central1-adaptive-growth.cloudfunctions.net
us-u.openx.net
www.emjcd.com
www.facebook.com
www.firstleaf.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.kqzyfj.com
www.lightboxcdn.com
www.mczbf.com
www.p.zjptg.com
www.rtb123.com
app.cybba.solutions
b0vbfk2zr6.execute-api.us-east-1.amazonaws.com
sync.intentiq.com
104.115.82.24
104.16.51.111
104.16.53.111
104.17.3.184
104.18.70.113
104.18.72.113
13.107.238.51
13.32.13.117
13.32.145.105
138.197.61.175
142.250.181.228
142.250.181.232
142.250.184.194
151.101.0.176
151.101.192.176
157.230.230.25
157.230.94.108
172.217.16.194
172.217.18.3
18.194.241.18
185.89.210.153
2.19.244.177
20.50.88.238
2001:4860:4802:36::36
23.56.201.9
2400:52e0:1e00::1081:1
2600:1901:0:8eee::
2600:1f16:ebf:1f02:eb82:36ec:bd97:2494
2600:1f18:612b:4264:551d:13a8:79ea:bf3e
2600:9000:20ae:2400:d:87ae:bb80:21
2600:9000:225b:b600:16:4ed5:12c0:93a1
2600:9000:237d:be00:1b:5138:8a40:93a1
2600:9000:26db:6000:d:370a:51c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:2cf6
2606:4700:10::ac43:8e4
2606:4700:4400::ac40:9b77
2606:4700::6810:4f49
2606:4700::6811:f6cb
2606:4700::6813:b134
2606:4700::6813:d483
2620:1ec:bdf::42
2620:1ec:bdf::67
2620:1ec:c11::237
2a00:1450:4001:812::200e
2a00:1450:4001:82f::2008
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.215.5.161
3.33.220.150
34.111.113.62
34.251.32.20
34.255.230.248
34.96.102.137
34.98.64.218
35.186.194.58
35.186.247.156
35.190.54.17
35.201.112.186
35.204.74.118
35.227.244.1
35.234.162.151
35.244.142.80
35.244.174.68
46.228.174.117
51.77.64.70
52.217.97.84
52.222.169.53
52.72.130.114
54.230.228.22
54.78.254.47
67.225.220.126
69.173.144.139
75.2.91.175
76.223.111.18
89.207.16.75
01a6571de875629cd204157ffb77bdf6787f80ecbafacae73c1cc4f893eb43a6
01af466f48d14857d97a67cd7025ce67c8a0b9ca83ddb6d3f313c7369c432868
02d0cddb81ecbfffffc3b2eba469a45372e7cc0244222faa422b502b3046a509
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
03f0619fa53beb8da371427175c6f4d0df5b3b0b8a3572a3bfaa160318295b66
04e86fcf247e2d9809596331db17a2a0d3efe9c9bf1d8d9babd04645286ee68c
05069cc62b394b6ecc2daf3c51b4b2ba7f6cc8735988e8234487234af47eceee
0957d3f57a55721932bb9108206408cf1ab73cb07b68c906b0bae5b33d6c86da
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e8abd9abf618f3004615d16dbe6d2fb4ba97e5bde8381a1fe2641c989cc9d6e
0f2a70caf9e4a17da7c2a145e34625f90d4031f5ed7b690657a514c5c89e26cd
0f7c8ca4341ce357e0424f80dd36181ae812a3449b09b5d7e804133df7c30ebf
0f88056ae93eb3934cd9cd312a9766a14afadf3cb20c1d2a07d8a8d5344e46bc
1045430f393626478daa15a99c433956371eb7363b26a5239f721f014ba52fa0
10a9fb33e08a93b89c3365895199b512887263e05716811dfedac593db29a3f4
122604dbe0e33b2a80cff78e90bd1aefe742828d19a66b357bde8c250035ca33
12a71a8d2d1307f74607a807ceb66a66f427a11d65538021190b620efcb0bb3e
136aadbe4eea0b2a6b68a3ec2cd24be6002dc085376ae638768db1d2834c653b
1415968c3140de6e284d1cfb23dea33007c6a6d330266e79285435391c5eb6ea
17baaf0620679e688805c54583243a34e8491165c5f1029c16977bae6a5f76c0
1837f042b4fc484360f5c6c95f266846218f5293833687d8409863f8d1e30490
18aeba875cb986ff0c9bad79ba5b2b36158f50923f6f4c4284e61e1f2b84536c
19bdfcbcd23b5134cd377c78bbf03971926795fa6398c62599782d4d6e381620
1b042c650b6af4874dfcad48aa7fd53dc9b32a444a96fba1f7161a02607907a8
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
1f8b1e7f9cadc01a60f84f57941f4906b23a5f03b003bc910ae4a0adbf4e01ab
205c86a65825a5cae580606dc8db260aba5150e8e664ce82429210373dc55500
2100fd166e7a374addee5e144031fd5bb4a71446aea6f38685a63a35a10516d7
236bc97a188e4940fec1bd29c0f58b4e1bcbacd475911604e5f0016c1a39f12e
248545e3f805a6f3ff979c55e0e3951a2fa6f1018529b99f291e93c7a803ee1d
24eb53eabe33e11103a138ff57db03bfc503990300bec8d827b0bc8888f33a85
255733aa26ecbe1a2608fc086d6b510fafce3647ad1ddf22392c390a1306e640
258d39625e15cbce053f80b72dc2f7ca999fc5a6943fb10e75e3cb2126be996e
258f0c1f40274ff457f064996c7e0b94b5d57001f335439881d9e4ca9748436e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
265ec3f5c3f81755932ce9e735f44dfb9bfbec532499d537b6e6c010ceb73ea0
265ee206b3bbec34580c9ccd3d5c99b07aab46a6979b8b6c6d8ad7795ec8d29c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
284c254cf1ccbea663a3fa7cd38e86b02cccdd6eb8dbb7b5077ad54996eb374b
29096421d65f89dbc13eae16c384c9740d9501763d3e205b640ec6c8ec9ddead
292105f3e2b9986f0cd0ccdbd5e7b6c77ac28631b7177931cc503b6a131a9496
2bb8bd87e231ac9f9f22c98b1aae09d04ffc1bed75d096dacf0e629473151074
2c472f5fc6038aa27db8aa76648236f916446c78b691d4211ef95a546411ca8b
2e12b8472ff73f375d686384a427ddfcdef02c8b5e0d95756f60da35c9ad5257
2eaeac41fb882ea71147095af18b42229c7039e7ca7172077118b4f1a1427837
2f3fcf5221eab4ec22a205ce0368fc823df1f7331a19358975166ae170978973
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fef107653c701e27e261629b2811d42812092e1a84dd37cf78505f2fc8b9263
3231117db58989506eb883fa287dcd077b23d91e9deebc8e14a7d13c9756b53a
3235f2fbf9e2142357ed4a2a96e684976b5c0928dfe3419edde88e9b030678f9
34466fc68533c14d790da043c86dd38955d40207eb37dd1e78e50ff0a4847b7f
34d47e495f9f683e26f67a8757fdd6053f8a9bc1d95d1ffe1c69358567105a44
356c4544c456b989861d78d9cb42a8e8625171a6eec736fa2f5424601d985a42
371ac67deea0ac8c452557a001a3aed65c29f6c550d2e1e85c2fbe3fb85b3ef7
39f6aced528e1c221ee02c35a0dc94817de422dccf470e73e235f999b4c46a80
3c2a394ecfa4f9b4c1fa348b40019e2b1c9d576ea84a30630411211a8ede3e3a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f7e683e432438eb81fd7c0bcfe2df76b0ed1e2004fad6bcd4bb134094bd360d
405fbe83464869d07a363774c6b85f4e198cee730a5495f9e0f9de7f279a4311
4062edaf750fb8074e7e83e0c9028c94e32468a8b6f1614774328ef045150f93
40662fc59b620cea1d6acb03132679fa5e17b18db667564d1017a3b8bb13fd79
40f2d552c0db3ead874ec52bf624d9ec88007d8b659cd7189fecc3ff19d3d248
424ce4e99e7476fca8e9d27d6c15b60466ab7cf1c7d7c896e1c63f7cd6a818c8
42ae1eb8cc55b4e2382e02323c96a40e80432d3e810bce85f10c75ddacbd2e2b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
448d4d591156a0c14d4990f575daea57d7ca5ae8bb4021fc38d66445578e77b3
45fdcedbeb833ea40206c98dfcbfa73842f72d53f166a26b47ecc3b01a55286d
49e44366a56a91fd7870e6427b68d01a63cf56679eb0d5406542b6244bb379fb
4abfc20341515e0793cc89ece1d464349fdc7675f925e473fd6d99a0cc18a8b8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf2a49af363df5bd71810d0563a98f40dd311f3cc4fa803ad568bc2e064d893
4da730e82bd43b52b497ed1364d6fa2b901968df6325b9ac8b0f4bdef20c22b5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e179f02938f9d51112f3c6a38e0fedb36ba1c24708244bf4fe42230afed49cd
4eb1ca83acf3409e1a0553e0d84cec3787630361ec5668dd1dde93860f3bc357
5079c2044ec67bf73a5e412ccd6a94937df21a933b67aa05537651d828b08688
50cf303cfaa020fcbedd6ad1bf045a008cbb88dfc792f731f07235dd1ca13599
51b06909334339bd5f4027e70f4d2fd30a2a3977ee44cce7385b908ec8f51903
51b1a105286a5a2b40636abe563ec29f44a9567ab90dd0fb05c4b051bc49cae7
52fd5c320b67a491a9d86e9e8a6cc9e98a1f3d4e20019ba938c962818bd035b2
54110254da981767cfa5127026136b5553df4eeba82b9fd36666445a11346189
55af9a94aa072cf5c093d7269bd98cec30ecade6ac2bc94dc9b47758630f4ba5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56803e8fac0559c6f22f3b7ab50580285d4b64e77fefe70496e347483ad2e195
5a0839a70494ec741f3d86d0a3c586be820886d3e5407016453a31ee304d0266
5b0d97d8d201c90904940d02e81c29041bfdfce0ee774dd8224de6eda208f961
5b1043a0dd1a57bddb307b2bac12686151292cf08f095b86d5702a531f9413af
5b5bb6b017ac0ac368ddddd713df7f918eeb1d86fbe3ef7895f040f170b15699
5bd4ed71008e5c241321562a82cb6d535d7db6b7fbd3783896a96ae48d5211f3
5d3238f57e3ae44a7d0b2ef513ff2e8cf9afaf6e442f5fa5a575c4f8efd0290e
5d5ac92cc9565d62cd713fe2d946793ffb805012b57f610830403afb67907030
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60035f8d3292fc0b3155089baabc76fce2178f8d104ef606e4e31cbe0a2803b2
620a97911c6964bfc7cfacf4df74b3ba598ef728f2117675d171e4c62d500add
623c33b9ef9f3871f596b2f721d622b8c4a530b147cc6a9ec2e405f89fe68f7a
62dbaef1df407eb482db1fc0216896a185b5fa38224df4c3bcb8ac5785277785
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64579265ac53250228d0e6597896c3faf62fbcd2af4525187ff6c7aca3a941ef
645ab215148e00ab2ba3fdfc7caec9aa6d0cd5a672078f1d033a01e0f5a44864
65e4d18477e0e194ae2b3848fe053621a40508eeb817ab8c832b8005edd2c6af
688bb96efcfd7b990c9a29720a8e9a7b55ce91354ad4a33f4e8251228c292cfa
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
6aa2e6166c7e04afa18a7adecff919c61d92877b2285d2aef27127476e4b538a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c54090ff41e10e45e8d9f5b1a493db89c09a102305e71939bf7bf535fffea16
6d8a9076b5887859a16d3d9264b4d27f4ec0412e1ef51e43cbb1d8f1eaf07541
73ba50c044ef4809059993250ca1be51372dffb3f9aa4c9d759176b146a74ecd
74342d26027f9f21a160adb21dea7121e79456c5e7e05579177c6bea0553a7b3
747a09321aacb9796be726ab2490560a06c01a7171ef773d58670cc575fe22e5
752b0df67450b460c6070644d74502a5ee3bf5f7681cde08b88b9a565ea7d900
75abe68aefa57c71e32c2a41bc8d4e55918f581d76029cd09184f4a686e16885
76390c8f01397fe473dd1a9689e94caea2a001592c7b71bc85410c388078d304
777b4b4a083fe36afca14edfa9de06db28dacfe106659598d9c88f576428e2d1
77ddbbaa5177966bea803a36f5e4b512969529bba2f61e6524571e49182d0edc
78e04595db9933ecf5e24650b1501604f66e2d977befd16f85f449e378aae9b3
79304d689151775ea29bf5cd88088cab3584d5267a3aefa1e8260fd668df9386
79990ca8962ccf1d3948a73a50bcdc3d4a671ecc49c2f59f2db84cf7c7b552a6
7b8ca6808841631e8986d8a43b2b27636a2798b634857d8371a25aa242a8ed15
7ba93f0c1f5b72395ea5024e97ba149d96cffbe73e8e4a2546921ba3404f146c
7bf41b7acd29338b627e442e1c2fc60830496612a8f29a953aa09a2e544fa434
7e4a4d483e6cb4667bed478a5f53e7c24bda8c91025757357eca32835fd69d97
7ed8e48609e218aece99f83120c470278732e49fa4aa008eef438954ce8396bb
7fc84cd40ef02e70aa5996747df4659e7ea7da89f8d108eabac6e589cf34090c
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
84202b70bdd60a2d4d292c955cb907a98ff6c96939d043aa3aeb73cddb7ff14a
8444915c7d150ad579f3e581586b2653e06238571c3c7c2bc50432943fac3b57
84aafd3b0424d927bd3bcc5d9a9d1a194d229fd26021e29643a85f1526d4726c
84d7a648ca04cccfc1f7353206a38dfb8e8d83917581b6e4aabbb32fdf96d7b4
85ad9c4586b439a1f2ce5516c218bed3c64110ac93bb7c916894240392503053
87ab28f982528ab1259f99a8c040c11ceb6161e038c8ca1dce09651718058d1d
89032564e6d3f942b5fd3006a7400053eaa8b41669312bca3c2439519f51e9d4
89290d4672ac1ce466302360408c73c96d10cc7ad67a4a3f972563c88efc1b67
8a6d19321dde38e335a0d585c0a5e083e7ed041bca02a1152c8157112cf15164
8b333edfba237a23eccd269faed9f51d3430824ba342db01043166bf8a7d1f09
8c79e4569e88f2104a0181ddd9428c78b94ee022fc5694a1c4c8805b5fe98560
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
8cbc6dcd7a381454f1aa9968e8213c7f46620a43e4f38ac4d248aec2c422547a
8d171bc5152bfb08047c65650bff8f1828cc63f53d95bacd4ae24a3806607c27
8f235d19f5cf10061b266c784723b2829a7acab9b88ac8924b5aac3d0be0b438
901bb0e03b8c3c0a1cf4c487a177417328bb7d8c94106ecefceedd7d7f6c4ddc
90a531b621d2e8b6d11496fa4dceb4e3a66b73b0453ed8140b7a3b094de729a3
98b1cfc36a0f3d40f2e7750ec4c544c44148745f86a584b49f4a73eb615be70e
9ad71bb2996ac89c0922d74c03405115600a0e9108c738f101c8b06e4dd59f62
9b62d8bb6ef0f7b2aaaffc6023c4c9f2de1a262a77cdbf55c0da18ff9a992a08
9c1b6421aea2826dd24de09eecdb38372dc0b2d3156f6218a1ced71e5678e148
9c7a9012153fb4c9b6448858a80fc1dc53e18a5f4c35b4eb73f476b954370aa5
9d119667c2e81e94f2b472e140074e3f61ad2e1344fc9a426c65a74f840cc803
9ef93342665779e972e36327617e91a5afaeb1aee603a3bf6bc78288203e22a1
9fd678871d5c502175e5233f33bb7c2cb09eda96eebfa139f527b72683f8b92b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b5013409a4dd0a10edb90daa4c92c08dd5277ece8ef414ea7288352bad7bd2
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a2b17634b816f9f50be58486e848dbdbe7d73600a8e4a1ab4403053ad5350774
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a491c75feed5de07c5670575157d1a18d8e0cec1254e9a4e09e35473fa20d015
a5e3256799bc9eb6a1ad57001ad69b0946e4532d103092dd0557c02d84e6b4a7
a5fdc3c049758de67218b318b4a6ca0f6d1f5069c1dfa938ea462133d5ab3cfa
a6972c49e66fe3c5026a1a1e26a06c49995cec36fc522cb56461f5cf0b2b2978
a6f7f75ba1ead3c1ec7462a8b611d4134ea5e35a55548555ae8740e09e53eb25
a731c8e7201b548a0fc418d1d6a68ba31a1fad59cd836e95906e5f3efa43acd8
a78545ff9d332fc6562856806b47f06b30d9c198b665e2da6cc38b772f0e0c8c
a85a67d9f4bb9e8573c9ef248e8e3ee59312a30048dd1e7649eb78b93b9f6c62
a899a0398bbfbb8343c67e83098446254c1609aae412962cff6929087135a51c
a9079e41a84e532c7a5f6363737595134c170c9b48a0ded5a2a1519524f6bf7a
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac37996ea31bb4a1009ab93325cd2e100f3a04159a10ba7d7335f8f9b6d8a430
aca66b739fcde148403f4735fd9091fbc02455deb4e6c186ea52cb71692f6269
b0984caa842a2742f3271f93672d42f9710b94712e52e03afe8cc48cd508f30c
b0cac1d717f7ebdef430e44e0c211f722a77f29207e553d69e69901276a7e224
b33ca70bf7322a53faf60a30476d07f1e888d457cbdb66f50bb3c0063d3c06dd
b4435b5ac2f1916ed1135fb1738a1cef87cb666f4356a6678fb1c77e1273f9e1
b66e62306d1b6f738c7095c9577957ff21f80d62ed611768eee45d1cf833512c
b8ff59d329d21518b345f0932febb24febe12b0143d9f56c31676c9bc5db2459
ba174758f3512e1225fb25acd56d073b71f92d5cfc332f4ab54a4273765528da
ba9dac5e99c68daea781ce9e6cd224e9355aeeeb55408e12963cb9d50aaae621
bb00d523e68fb6895d2fceb8b5af7e10d02b25f993ff22deef21c87367080c87
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb8f44264d68c7262a98c0ff3408e35c98df3173b17e4d4274554ba2050d7e4b
bd80c58cfa802442b76296864d6351cbd2018e97519701cf64c989ecb9ec94f9
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
c03f3488eeb6bcad6fa76499431ef68b5e0283c9eb8d71ed52851c14ff9f5d5c
c4d40b3150ea8494d850dc53c34d42806f60a5afeeddd14d64c667b4978f1921
caa21a65dd9e1df81a57e31bd7e5c336bf6de1d84912074baa5b85fa44744a4f
cb90630563e30e234ad66a39f4fe11f207a37232dd0b8de2e045299a41166a4b
cce753ae3b1e52fa4eaeff638550c3fea3040a4e4822adfc070918eb4f1e0b4e
cd2607bd1e0d28c5c660af6719320d3e1aaac939df14f8888c554c15f5e0ee3f
cd5c16184cae5cd33c6341b3f92ff062220589b5f52f494568754047c7c664e6
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7d99bfd85f20c422fac114ec71fa775883e8b430f1e20cdac1f5db187350a1
cf8fbc7a8ffcfe8bc7e2295e4d28b08680c72c965fb73143c48d9de35f353e13
d0d937b32b0a1fa6bbdcc5389f695a36147c1b3ba869ecc507b765adf0300393
d3ebb498192527b985939ae62cc4e5eb5c108efc1896184126b45d866868e73d
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d4c521d5535bd16fa41564dc19a2043f492e87104fc8089b9fca8040813a0f80
d52b4f234c5594531fe5d7b44dc0152721c4c1d8fa24fc1363e62d83dcf9b090
d706b4e3d196efcd7c73bb6e45a2adf171af07bcb7408123f660e06ec40caee6
d9e24b2a2c5ae741aba134a5764fe7267376ec85c5fa349acc18e4d21b600292
daefedd2e398c22660777ab5ef9484f17e983582e7e37acf86eedc070939b5b1
db4aa790f6662d4e06c67e22c11d1c4654dbf373d116c16f71ecb82ba5efc244
db65b86389437e8ceed8f5054e6a9875fb107322dd09d880c7f39c1037b5c4e1
db72946d7e5de9f5eedf02409003a70621fb312a412b20ad7101dce429f4c660
dcc13a5b15c95c847c3744584433ba0bcbbc857254a6ebf86e5dbd5446873250
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0cc97c5bb9ca54732ba180fdee703fab3e3c9f23b220a187de19348eb6e71f
dd7e3ece391682a33c28af9cd8a27168fe9da07dfb2ce47b62142b6815c904cd
dddf04d190be2e7006f807221d5f5852bf45a97c2aad4c66b1f0a1661efa7dda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4915a52982babc1ba87778cb1c1d68184fee5fe5d8133daf63ee37916d6b4e
e092bea366a94333d8ec48137987e2df19f61288f6e073032b2a8bdde6264d6a
e1cef3c9f2d582f913f12a16fe304c7d64bd80739793a9bf8d7d8978c311e294
e3aea053185642fa68771f64f22d4ac36bc0460ce86542e008efd81d3dfc54f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7aade347ff96ad3116b7832a0a8a48f32b5bd4e7f66492bc77b90c93ace9938
e9433f83f20500145850d5aabddced402dcfc94e310072e9a3f545df0bdb9f96
e9817ec5019a8c06a73dc786c1b9d33a8789524edcfac8072bdf57b57cae72d0
ea3f55cfeda1a9ae8fca4118eefbcc5101ba91bac201d0b906502108a434e17c
eba11dee09fd18ae7f53cc22c8148bdd86b39fba0b888976a97235e1cd953de0
ee917ea47cdb075cc4ad5fca582dcb91d431980ca4dadf7cdc36f34f38d5cd7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7c3ec15e1e423c22bab123027bd62ff8d14d0905051478fd115c3fcf482d56
f184432dd488ab3c95ed958bae7c5af3ba1ad6e2bcb7d922b9f04753b19be689
f2a1abbb9637f0eace228f691af8b0fcf3524dba20769d8dd7457b03ece2c55b
f2b3af7627754fb77e81a93ea2f16b79b2031053d89874185cae2c56a483d08c
f3fa27efb7fa0336505319590fa396a9672fe9e3607dea0b2fa820329d52e763
f4aaa18c55c90588c5e828e56dcc6b2cb0acf9a4280494c7d1a53fc5e3669112
f4e54d8b5abd14920406ad0ce9ae99de43df27b0b8121a25e93536c8b27ab2ca
f522064ef3128192543bc2ad3d808e9f51c454868686aca8687f394e68fe3acf
f7b78ab3994d3f6de37b359cc3d243d44caca23578c342b6f3966dda1cb9fd70
f83e9b440122162e26168f780eb567cbc84a351c4728c3cc8bd3679e8e362ff9
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7
fdfea52427fb822bebdd32b325768e73b40637bd203c100827d4dece88e431c3
fe742c630272483414ecb99846b0f5ea038985940c4a9a766894808d3220f62b
ffbc89001d744f391897c2e5e3103609c2877b745780a94fb574e3249cbc0314