leonardo.xrserver.com Open in urlscan Pro
2606:4700::6812:1fde Public Scan

Go To Rescan
Add Verdict Report

URL:
https://leonardo.xrserver.com/
Submission: On January 28 via api (January 28th 2024, 8:46:18 pm UTC) from US — Scanned from US

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 1 countries across 18 domains to perform 57 HTTP transactions. The main IP is 2606:4700::6812:1fde, located in United States and belongs to CLOUDFLARENET, US. The main domain is leonardo.xrserver.com.
TLS certificate: Issued by E1 on January 25th 2024. Valid for: 3 months.

This is the only time leonardo.xrserver.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700::68... 2606:4700::6812:1fde	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	13.35.93.9 13.35.93.9	() ()
2	2607:f8b0:400... 2607:f8b0:4006:809::2008	() ()
1	18.164.116.57 18.164.116.57	() ()
1	2600:9000:21d... 2600:9000:21dd:3600:1b:348c:b140:93a1	() ()
3	2606:4700:310... 2606:4700:3108::ac42:2bc4	() ()
1	13.226.139.75 13.226.139.75	() ()
2	44.236.37.60 44.236.37.60	() ()
1	18.238.49.45 18.238.49.45	() ()
3	54.187.119.242 54.187.119.242	() ()
1	107.23.99.87 107.23.99.87	() ()
2	2600:9000:20b... 2600:9000:20bf:c800:19:7d10:bd80:93a1	() ()
2	2607:f8b0:400... 2607:f8b0:4006:80e::200e	() ()
1	2607:f8b0:400... 2607:f8b0:4004:c08::9a	() ()
1	2600:141b:700... 2600:141b:7000::173f:f033	() ()
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	() ()
2	54.230.163.80 54.230.163.80	() ()
1	44.239.78.117 44.239.78.117	() ()
4 5	2620:1ec:21::14 2620:1ec:21::14	() ()
1	13.107.42.14 13.107.42.14	() ()
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
57	23

16 2606:4700::6812:1fde (United States)

ASN13335 (CLOUDFLARENET, US)

leonardo.xrserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504767521292288.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.93.9 (None, )

ASN- ()

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:809::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.116.57 (None, )

ASN- ()

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21dd:3600:1b:348c:b140:93a1 (None, )

ASN- ()

r.wdfl.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3108::ac42:2bc4 (None, )

ASN- ()

cdn.paddle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.139.75 (None, )

ASN- ()

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.37.60 (None, )

ASN- ()

vitals.vercel-insights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.49.45 (None, )

ASN- ()

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (None, )

ASN- ()

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.99.87 (None, )

ASN- ()

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20bf:c800:19:7d10:bd80:93a1 (None, )

ASN- ()

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::200e (None, )

ASN- ()

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:7000::173f:f033 (None, )

ASN- ()

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.80 (None, )

ASN- ()

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.78.117 (None, )

ASN- ()

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (None, ) 4 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	xrserver.com leonardo.xrserver.com	2 MB
7	stripe.com js.stripe.com q.stripe.com m.stripe.com	150 KB
6	linkedin.com 4 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	5 KB
3	paddle.com cdn.paddle.com	15 KB
2	intercomcdn.com js.intercomcdn.com	391 KB
2	facebook.net connect.facebook.net	70 KB
2	google.com analytics.google.com	312 B
2	stripe.network m.stripe.network	16 KB
2	vercel-insights.com vitals.vercel-insights.com	331 B
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	37 KB
2	googletagmanager.com www.googletagmanager.com	178 KB
1	facebook.com www.facebook.com	185 B
1	licdn.com snap.licdn.com	16 KB
1	doubleclick.net stats.g.doubleclick.net	249 B
1	profitwell.com public.profitwell.com	9 KB
1	intercom.io widget.intercom.io	3 KB
1	wdfl.co r.wdfl.co	5 KB
1	sentry.io o4504767521292288.ingest.sentry.io — Cisco Umbrella Rank: 358765	324 B
57	18

	Domain	Requested by
16	leonardo.xrserver.com	leonardo.xrserver.com
4	px.ads.linkedin.com	3 redirects leonardo.xrserver.com
3	q.stripe.com	leonardo.xrserver.com
3	cdn.paddle.com	leonardo.xrserver.com cdn.paddle.com
3	js.stripe.com	leonardo.xrserver.com js.stripe.com
2	js.intercomcdn.com	widget.intercom.io
2	connect.facebook.net	leonardo.xrserver.com connect.facebook.net
2	analytics.google.com	www.googletagmanager.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	vitals.vercel-insights.com	leonardo.xrserver.com
2	www.googletagmanager.com	leonardo.xrserver.com
1	www.facebook.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	m.stripe.com	m.stripe.network
1	snap.licdn.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	heapanalytics.com
1	public.profitwell.com	cdn.paddle.com
1	widget.intercom.io	leonardo.xrserver.com
1	r.wdfl.co	leonardo.xrserver.com
1	cdn.heapanalytics.com	leonardo.xrserver.com
1	o4504767521292288.ingest.sentry.io	leonardo.xrserver.com
57	23

This site contains no links.

Subject Issuer	Validity	Valid
xrserver.com E1	`2024-01-25` - `2024-04-24`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
cdn.heapanalytics.com Amazon RSA 2048 M01	`2023-06-29` - `2024-07-27`	a year	crt.sh
r.wdfl.co Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
paddle.com Cloudflare Inc ECC CA-3	`2023-08-08` - `2024-08-07`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M03	`2024-01-15` - `2025-02-11`	a year	crt.sh
vercel-insights.com Amazon RSA 2048 M02	`2023-08-23` - `2024-09-19`	a year	crt.sh
*.profitwell.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
heapanalytics.com Amazon RSA 2048 M02	`2023-11-09` - `2024-12-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-07` - `2024-02-05`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M02	`2023-12-01` - `2024-12-29`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://leonardo.xrserver.com/
Frame ID: C49A1150F898B947CD0ECAC602F56179
Requests: 47 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 6E78B0706A3B738EF9C846811A8F3207
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F8D471806FDC336B1948A60A648E0C82
Requests: 4 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.60152aab.js
Frame ID: 54D2CC761651C13AB8495DD018AF6B97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Leonardo.Ai

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Clickbank (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

heap-\d+\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

Rewardful (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

r\.wdfl\.co

Page Statistics

57
Requests

84 %
HTTPS

50 %
IPv6

18
Domains

23
Subdomains

23
IPs

1
Countries

3234 kB
Transfer

12222 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5627308%26time%3D1706474770463%26url%3Dhttps%253A%252F%252Fleonardo.xrserver.com%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKnwt81caxStAAAAY1R0pMHf_ifW_DgnJFifP-4zdG_mqC0DaTmnMcL9SPK-Bj0uSD7uHg

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
leonardo.xrserver.com/ 25 KB
6 KB 449ms
281ms Document
text/html 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8170ac003f98557188f47f9f907861ff3d1fcbe9401a1b2b14e120139654b8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
age: 138411
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 84cc1532a94a6ddf-MIA
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 20:46:05 GMT
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
x-matched-path: /
x-vercel-cache: HIT
x-vercel-id: iad1::2fwd2-1706474765408-499a68fc91d7

GET
H2 200 sxiEUYuQihapxv2kcg6ypiMIwJc.js Show response
leonardo.xrserver.com/cdn-cgi/apps/head/ 4 KB
2 KB 246ms
243ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leonardo.xrserver.com/cdn-cgi/apps/head/sxiEUYuQihapxv2kcg6ypiMIwJc.js
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c5ff427508b5381a662011545ee3ba946f46efa0f97a1c918e38ae600ab46f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:05 GMT
x-amz-version-id: 6feffGdNDT42YnCNj_.W1UyE6IDk4Qfb
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 18 Mar 2023 00:43:15 GMT
server: cloudflare
x-amz-request-id: 2G9DDGHFZY0QCMX4
etag: W/"77eb964598c371d270b3c72abb9ee5b0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 84cc15349be86ddf-MIA
x-amz-id-2: +Rlb+qn6J4YXd0Ggxrq7cq+kFmyreZVAJRh6yIG+t4Lut2oI1c7PUIsNXUySBFjO5WdHdFi/q7s=
expires: Mon, 27 Jan 2025 20:46:05 GMT

GET
H2 200 04a5b95d72a2b290.css
leonardo.xrserver.com/_next/static/css/ 12 KB
1 KB 155ms
153ms Stylesheet
text/css 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/css/04a5b95d72a2b290.css

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b10a2a05828f6367e292441c2bafb62be9d6a88014a1c08091292b5169c48de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="04a5b95d72a2b290.css"
x-vercel-id: iad1::cjkbt-1706474765627-158549bc7b05
server: cloudflare
x-matched-path: /_next/static/css/04a5b95d72a2b290.css
etag: W/"7dd9ad6b9cec1b4328a59a6aa4864e1c"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc15349be76ddf-MIA
expires: Mon, 27 Jan 2025 20:46:05 GMT

GET
H2 200 rocket-loader.min.js Show response
leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 39ms
38ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 26 Jan 2024 10:32:07 GMT
server: cloudflare
etag: W/"65b38a27-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 84cc15359cfd6ddf-MIA
expires: Tue, 30 Jan 2024 20:46:05 GMT

GET _ssgManifest.js
leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/ 0
0

GET _buildManifest.js
leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/ 0
0

GET index-6b8b1af15888ba35.js
leonardo.xrserver.com/_next/static/chunks/pages/ 0
0

GET 633-99649ddc6a57405b.js
leonardo.xrserver.com/_next/static/chunks/ 0
0

GET _app-2351c3915353c250.js
leonardo.xrserver.com/_next/static/chunks/pages/ 0
0

GET main-160a7b059eb8758d.js
leonardo.xrserver.com/_next/static/chunks/ 0
0

GET framework-c1ab60a9bcccc40e.js
leonardo.xrserver.com/_next/static/chunks/ 0
0

GET
H2 200 webpack-86d405095b8fba25.js Show response
leonardo.xrserver.com/_next/static/chunks/ 4 KB
2 KB 180ms
177ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/webpack-86d405095b8fba25.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e4f995e6b57e17fb7ce983ff19a0b9daa0cf1c2ab7ee017ed8eaeacdf1f41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:05 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="webpack-86d405095b8fba25.js"
x-vercel-id: iad1::9wvll-1706474765837-82c666e18bfd
server: cloudflare
x-matched-path: /_next/static/chunks/webpack-86d405095b8fba25.js
etag: W/"4ad65385a1decead57acb96981d325a1"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc15363d956ddf-MIA
expires: Mon, 27 Jan 2025 20:46:05 GMT

GET
H2 200 inter-latin-400-normal.493934f7.woff2
leonardo.xrserver.com/_next/static/media/ 16 KB
17 KB 221ms
220ms Font
font/woff2 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/media/inter-latin-400-normal.493934f7.woff2

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/css/04a5b95d72a2b290.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://leonardo.xrserver.com/_next/static/css/04a5b95d72a2b290.css
Origin: https://leonardo.xrserver.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:05 GMT
strict-transport-security: max-age=63072000
cf-cache-status: MISS
content-disposition: inline; filename="inter-latin-400-normal.493934f7.woff2"
content-length: 16708
x-vercel-id: iad1::cnzcz-1706474765933-9e657bbeb2f6
server: cloudflare
x-matched-path: /_next/static/media/inter-latin-400-normal.493934f7.woff2
etag: "68c477c4c76baab3a8d1ef6a55aa986f"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 84cc15367de76ddf-MIA
expires: Mon, 27 Jan 2025 20:46:05 GMT

GET
H2 200 framework-c1ab60a9bcccc40e.js Show response
leonardo.xrserver.com/_next/static/chunks/ 138 KB
46 KB 187ms
184ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/framework-c1ab60a9bcccc40e.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be84c78d1208f3d23bde0bc72a171b162d28929649e4cb96ab806056119daee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:06 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="framework-c1ab60a9bcccc40e.js"
x-vercel-id: iad1::6jqg4-1706474766076-acb0aceb3512
server: cloudflare
x-matched-path: /_next/static/chunks/framework-c1ab60a9bcccc40e.js
etag: W/"12e7779507a8af9344f51a34654b78d5"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc15375f226ddf-MIA
expires: Mon, 27 Jan 2025 20:46:06 GMT

GET
H2 200 main-160a7b059eb8758d.js Show response
leonardo.xrserver.com/_next/static/chunks/ 98 KB
29 KB 177ms
176ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f30d5bf883ed3b3744c8d0ed0af0f2a1305bae0d0e6797de659fde2b20b51a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:06 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="main-160a7b059eb8758d.js"
x-vercel-id: iad1::q8xhr-1706474766264-fcce0fd1129d
server: cloudflare
x-matched-path: /_next/static/chunks/main-160a7b059eb8758d.js
etag: W/"cc5e5ba81f6a1b0c44c19d8faa89258d"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc153898ea6ddf-MIA
expires: Mon, 27 Jan 2025 20:46:06 GMT

GET
H2 200 _app-2351c3915353c250.js Show response
leonardo.xrserver.com/_next/static/chunks/pages/ 8 MB
2 MB 503ms
502ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc1ec401ff8a4592ff00257e704ee16593cf45377ca8c1c4c93d6b32ff7d9f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:06 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="_app-2351c3915353c250.js"
x-vercel-id: iad1::lmwxq-1706474766488-c509ec48e5a1
server: cloudflare
x-matched-path: /_next/static/chunks/pages/_app-2351c3915353c250.js
etag: W/"0b8b4b5004f3238cbf123b95f8b55cdb"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc1539fa626ddf-MIA
expires: Mon, 27 Jan 2025 20:46:06 GMT

POST
H2 200 / Show response
o4504767521292288.ingest.sentry.io/api/4504767547179008/envelope/ 2 B
324 B 328ms
157ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504767521292288.ingest.sentry.io/api/4504767547179008/envelope/?sentry_key=a851bd902378477eae99cf74c62e142a&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.77.0

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 20:46:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 v3 Show response
js.stripe.com/ 587 KB
145 KB 276ms
78ms Script
text/javascript 13.35.93.9

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.9 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:03 GMT
content-encoding: br
via: 1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 6
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
last-modified: Fri, 26 Jan 2024 21:37:25 GMT
server: Cloudfront
etag: W/"edd03aac512133daf9b4ea7263f83cb9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: LnKTp1hn4X5uQcrbTIgTckAr_Ankpl3pYNFyB5qkQEFQu3pwAK3wvw==

GET
H2 200 633-99649ddc6a57405b.js Show response
leonardo.xrserver.com/_next/static/chunks/ 45 KB
14 KB 154ms
151ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/633-99649ddc6a57405b.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec40c892403abb72c03144e6f1cf1839fec0714d31f490f6837f600a9377634f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:08 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="633-99649ddc6a57405b.js"
x-vercel-id: iad1::r2mj6-1706474768781-ad0af471cc07
server: cloudflare
x-matched-path: /_next/static/chunks/633-99649ddc6a57405b.js
etag: W/"69aaf57192bdda5c19b0a705e0bb866c"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc15484adb6ddf-MIA
expires: Mon, 27 Jan 2025 20:46:08 GMT

GET
BLOB 200
OK 53c93ebd-a56e-4386-9e00-afbccf8c4e90
https://leonardo.xrserver.com/ 28 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://leonardo.xrserver.com/53c93ebd-a56e-4386-9e00-afbccf8c4e90
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 619b955964f271ac2904dc507de09c94ca99921e102f79070ff9f051b94637bc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 29054
Content-Type

GET
H2 200 index-6b8b1af15888ba35.js Show response
leonardo.xrserver.com/_next/static/chunks/pages/ 349 B
464 B 96ms
96ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/chunks/pages/index-6b8b1af15888ba35.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7ce5fd7cfe25dfae9091fb4afa98076468f6c4d714266a6997f272f932e452d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="index-6b8b1af15888ba35.js"
x-vercel-id: iad1::c7bz7-1706474769162-8e5328ca03d2
server: cloudflare
x-matched-path: /_next/static/chunks/pages/index-6b8b1af15888ba35.js
etag: W/"0208b91a0c3405a6906a2913bb090539"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc154b0d976ddf-MIA
expires: Mon, 27 Jan 2025 20:46:09 GMT

GET
H2 200 _buildManifest.js Show response
leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/ 3 KB
1 KB 100ms
100ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/_buildManifest.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99b25990997600fa3a966041d7d6f7374a31f30c867fd6613f49fcdf442fa058

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="_buildManifest.js"
x-vercel-id: iad1::qj6f5-1706474769282-14c59e518c15
server: cloudflare
x-matched-path: /_next/static/HAeWzgBC0ddbKzfkn4DYZ/_buildManifest.js
etag: W/"bc92d537b2615d9a90b60b9fa5ff1494"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc154bce596ddf-MIA
expires: Mon, 27 Jan 2025 20:46:09 GMT

GET
H2 200 session Show response
leonardo.xrserver.com/api/auth/ 118 B
349 B 191ms
189ms Fetch
application/json 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/api/auth/session

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a85183de464f89bcbcf15db1a5283f20acc280046819d9252003d2bdb2abccc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=a3b21065fec8cf1bfd3993ba63e285b333cd1898,sentry-public_key=a851bd902378477eae99cf74c62e142a,sentry-trace_id=9fdaa36d0f8946c79c35859733389771
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
sentry-trace: 9fdaa36d0f8946c79c35859733389771-924528aa95dd68cc-0

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 84cc154c0e9c6ddf-MIA
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 245 KB
84 KB 249ms
102ms Script
application/javascript 2607:f8b0:4006:809::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P8J6MM9&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9e349744a0308627906cb5ea8ffb21586692c35413275268ab1cdff93e6cf108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85894
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Jan 2024 20:46:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
94 KB 185ms
77ms Script
application/javascript 2607:f8b0:4006:809::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4J9ZXN1KG8

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72ba1b13d6d685d6d9d1e4c66c5032d24a650525925ac43b79445fc60b46b9c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96170
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 20:46:09 GMT

GET
H2 200 heap-2928600800.js Show response
cdn.heapanalytics.com/js/ 115 KB
37 KB 238ms
74ms Script
application/javascript 18.164.116.57

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2928600800.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.116.57 -, , ASN (),

Reverse DNS

Software

nginx / Express

Resource Hash

153c3f3fef993acc1474ea32ce433430449643b30c5a11cc5a267c52ff4f1901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:03 GMT
content-encoding: br
via: 1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: JFK50-P6
age: 6
x-powered-by: Express
etag: W/"1cd07-oJIQPcqKBrBUTQAaj3jy3WeNwpw"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=120
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NwncFejJXHcgz7lyfZNWtlHdpV4uurYnZy-w1y97QUpkotnKug9ZRA==

GET
H2 200 rw.js Show response
r.wdfl.co/ 17 KB
5 KB 290ms
72ms Script
text/javascript 2600:9000:21dd:3600:1b:348c:b140:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://r.wdfl.co/rw.js
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21dd:3600:1b:348c:b140:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeb782fe4d35e41e861cc06f359a3aea70cf9307b58a8122e4b07d1716d5b0d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:13:53 GMT
content-encoding: gzip
via: 1.1 15b896d254f935ae71226074f7ea14b6.cloudfront.net (CloudFront)
last-modified: Fri, 26 Jan 2024 07:39:49 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
age: 1937
x-amz-server-side-encryption: AES256
etag: W/"cd4043de07d4e9d83867aba163d303d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: bSTiY43C-EPSYLlccqRt5JkeTJBex86aaNjDnLCpVWi082U82qtlwA==

GET
H2 200 session Show response
leonardo.xrserver.com/api/auth/ 118 B
160 B 184ms
184ms Fetch
application/json 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/api/auth/session

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a85183de464f89bcbcf15db1a5283f20acc280046819d9252003d2bdb2abccc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
baggage: sentry-environment=production,sentry-release=a3b21065fec8cf1bfd3993ba63e285b333cd1898,sentry-public_key=a851bd902378477eae99cf74c62e142a,sentry-trace_id=9fdaa36d0f8946c79c35859733389771
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
sentry-trace: 9fdaa36d0f8946c79c35859733389771-b7af65f053d8d529-0

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin-when-cross-origin
cf-cache-status: DYNAMIC
content-encoding: br
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cf-ray: 84cc154c4ede6ddf-MIA
x-xss-protection: 0

GET
H2 200 paddle.js Show response
cdn.paddle.com/paddle/v2/ 44 KB
14 KB 174ms
59ms Script
application/javascript 2606:4700:3108::ac42:2bc4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.paddle.com/paddle/v2/paddle.js
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bc4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fa4305670642ffc517bbd443d4b0c2902dc7a95515ff7ea3d7ee515d18ec48d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
via: 1.1 83d478ac3259255a7c7437847796b0e4.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: 7ny8VayUYSo_MgkpVIoZI4nuSl8CmjbD
cf-cache-status: HIT
x-amz-cf-pop: MIA3-P2
age: 17877
cf-polished: origSize=45131
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
cf-bgj: minify
last-modified: Tue, 02 Jan 2024 12:03:14 GMT
server: cloudflare
etag: W/"a461bf2b4b6040bac0c39841820be478"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 84cc154d1ac67498-MIA
x-amz-cf-id: LXjLD6DMnfDi4UFD58sLcwzxewGhNZfDDDFgfELM6OBFO-PU8v9IRg==
expires: Mon, 29 Jan 2024 00:46:09 GMT

GET
H2 200 leonardo-logo.svg
leonardo.xrserver.com/img/ 121 KB
42 KB 164ms
164ms Image
image/svg+xml 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leonardo.xrserver.com/img/leonardo-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04621126df6e79ff3a871ebfcf077d9103a8b9552b3f3e76bdfe56033446ea23

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="leonardo-logo.svg"
x-vercel-id: iad1::xjw2z-1706474769442-1aeb92ffcbcf
server: cloudflare
x-matched-path: /img/leonardo-logo.svg
etag: W/"318b982a36ac58ff6810ecd26eb5c34b"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 84cc154c6f076ddf-MIA
expires: Sun, 28 Jan 2024 21:06:09 GMT

GET
H2 200 _ssgManifest.js Show response
leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/ 77 B
249 B 97ms
96ms Script
application/javascript 2606:4700::6812:1fde
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/_ssgManifest.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fde , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000
content-encoding: br
cf-cache-status: MISS
content-disposition: inline; filename="_ssgManifest.js"
x-vercel-id: iad1::ngntz-1706474769405-40c73594f322
server: cloudflare
x-matched-path: /_next/static/HAeWzgBC0ddbKzfkn4DYZ/_ssgManifest.js
etag: W/"b6652df95db52feb4daf4eca35380933"
x-vercel-cache: HIT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 84cc154c8f376ddf-MIA
expires: Mon, 27 Jan 2025 20:46:09 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 6E78 200 B
1 KB 66ms
64ms Document
text/html 13.35.93.9

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.9 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://leonardo.xrserver.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2228
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 20:09:02 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 25 Jan 2024 21:05:49 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
x-amz-cf-id: AR-T9iOzYvmvOGsHjNtyPf-Iuwg4_s2XNpzE1fLJlS4upAQe2xiHMg==
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 xc8vmlt4 Show response
widget.intercom.io/widget/ 7 KB
3 KB 355ms
160ms Script
application/javascript 13.226.139.75

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/xc8vmlt4
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.139.75 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95cfdeff5e87410261b41c4fd0aef29eb6ab061a4d2da9a3ccdb5f81113b42e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: dw7rX1zCXCqIqpjPTx599dg3Mx.SaiSH
content-encoding: gzip
via: 1.1 b90bbd3e21074296bb0c0cac8328de62.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 20:40:35 GMT
x-amz-cf-pop: YTO50-C2
age: 372
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2707
last-modified: Fri, 26 Jan 2024 17:37:11 GMT
server: AmazonS3
etag: "692f0c332aca27cbf85d03608b2502bf"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=300, s-maxage=300, public
accept-ranges: bytes
x-amz-cf-id: OfAQkOIoZYkbyzMpsLtL0TazpHyiy6EiDezZGv6PdbDcnuTKyipEiw==

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
166 B 418ms
117ms Ping
text/plain 44.236.37.60

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.37.60 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 health-check.gif
cdn.paddle.com/paddle/v2/assets/images/ 35 B
269 B 79ms
62ms Image
image/gif 2606:4700:3108::ac42:2bc4

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.paddle.com/paddle/v2/assets/images/health-check.gif?_=1706474769501
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bc4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
x-amz-version-id: EaNjdFkehp7E1_FdGxe1I.IfVI4r91qa
via: 1.1 375c695e49c84df5ace39057e6134b40.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: MIA3-P2
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 35
last-modified: Tue, 02 Jan 2024 12:03:14 GMT
server: cloudflare
etag: "28d6814f309ea289f847c69cf91194c6"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 84cc154d9be47498-MIA
x-amz-cf-id: kTzao6c2ZHTfy860qUI7ZmQSvdRRFafnwaUO9beVi1bOU0pH3tp_bw==
expires: Mon, 29 Jan 2024 00:46:09 GMT

GET
H2 200 paddle.css
cdn.paddle.com/paddle/v2/assets/css/ 4 KB
1 KB 57ms
46ms Stylesheet
text/css 2606:4700:3108::ac42:2bc4

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.paddle.com/paddle/v2/assets/css/paddle.css
Requested by: Host: cdn.paddle.com
URL: https://cdn.paddle.com/paddle/v2/paddle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2bc4 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: c0000d1c536e1161fbbe93d49616c28d00df072afa1db713adceb99587a400d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
x-amz-version-id: ZYgLOPLXn8YSlxr9tF1pJCC95d_f_RXz
via: 1.1 5d219c13711b70ba6da9405b48e9ea06.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: MIA3-P2
age: 17922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 02 Jan 2024 12:03:14 GMT
server: cloudflare
etag: W/"fa56ee08d0dc787f264267660472df13"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 84cc154d9be27498-MIA
x-amz-cf-id: Or60PdSoqiGdx_PQsfEp1RLLGMw8I4a1MnZg57sUMwcQ1UqfmXyYiw==
expires: Mon, 29 Jan 2024 00:46:09 GMT

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 339ms
165ms Script
application/javascript 18.238.49.45

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=9d692b226f20295f2f5fcf3b44ad8b9a
Requested by: Host: cdn.paddle.com
URL: https://cdn.paddle.com/paddle/v2/paddle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.45 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:10 GMT
x-amz-version-id: uxIt1SCydrYnaOCuzhsDaHENAdMuSyNO
content-encoding: gzip
last-modified: Thu, 21 Dec 2023 14:58:22 GMT
server: AmazonS3
via: 1.1 fa2ecff4e65c01748abe1c8c2a9dfb72.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P3
etag: W/"40097cdf413c1f1f303c66489742cb44"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: uguYqY_rtKlLsrBOdfeKGDBsXkNoAZDmCUbC6F3aoZxVSsePRWNmLQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 6E78 0
718 B 386ms
121ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706474769871045
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706474769870592
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6E78 0
717 B 386ms
122ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706474769870908
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1706474769870559
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6E78 526 B
1 KB 66ms
65ms Script
text/javascript 13.35.93.9

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.93.9 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:03:01 GMT
via: 1.1 2dd59b0ea355cb92a87e9e385032622a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2589
x-amz-cf-pop: JFK50-P8
x-cache: Hit from cloudfront
content-length: 526
last-modified: Wed, 24 Jan 2024 21:59:18 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 0kxfHSR8OE5S1zP-SjBPwH-_nJF3gfxkLwCY1DVA1MlvWzwOaLz5Xg==

POST
H2 200 vitals
vitals.vercel-insights.com/v1/ 2 B
165 B 351ms
119ms Ping
text/plain 44.236.37.60

General

Check archive.org

Show headers Download Go to

Full URL: https://vitals.vercel-insights.com/v1/vitals
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.37.60 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 28 Jan 2024 20:46:09 GMT
x-ratelimit-reset: 60
x-ratelimit-limit: 1000
cross-origin-resource-policy: cross-origin
content-length: 2
x-ratelimit-remaining: 999
content-type: text/plain; charset=utf-8

GET
H2 200 h
heapanalytics.com/ 37 B
261 B 208ms
58ms Image
image/gif 107.23.99.87

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2928600800&u=971926341129338&v=7824398605384528&s=5232427591127838&b=web&tv=4.0&z=0&h=%2F&d=leonardo.xrserver.com&t=Leonardo.Ai&ts=1706474769627&st=1706474769638

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.23.99.87 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:46:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
etag: W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F8D4 930 B
2 KB 196ms
36ms Document
text/html 2600:9000:20bf:c800:19:7d10:bd80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20bf:c800:19:7d10:bd80:93a1 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 117
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 20:44:13 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 2071c0eda1d5bdc94fe89ed529cdd7be.cloudfront.net (CloudFront)
x-amz-cf-id: V1H43LJSdeLMJe68WeEbbeE7jJVrisquUlhdU2K32fI37oW_5UUxkQ==
x-amz-cf-pop: MIA3-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 216ms
76ms Ping
text/plain 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4J9ZXN1KG8&gtm=45je41o0v9102328406&_p=1706474769261&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=295710462.1706474770&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=1&sid=1706474769&sct=1&seg=0&dl=https%3A%2F%2Fleonardo.xrserver.com%2F&dt=Leonardo.Ai&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=4920
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4J9ZXN1KG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:46:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leonardo.xrserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 209ms
66ms Ping
text/plain 2607:f8b0:4004:c08::9a

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4J9ZXN1KG8&cid=295710462.1706474770&gtm=45je41o0v9102328406&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4J9ZXN1KG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::9a -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:46:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leonardo.xrserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 489ms
71ms Script
application/javascript 2600:141b:7000::173f:f033

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8J6MM9&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:7000::173f:f033 -, , ASN (),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=30621
accept-ranges: bytes
content-length: 15732

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
58 KB 472ms
74ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 20:46:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57158
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: VC1Sdnb7YP+1f9bhu+WAzIrWNkm1NFW/t2/GIv+rghydY0Rwy5SY+jjjtcE8XkMpQ2qhrYPjxBghlEhq2OU8lA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F8D4 0
491 B 119ms
118ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Sun, 28 Jan 2024 20:46:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706474770060354
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1706474770059400
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame F8D4 87 KB
14 KB 45ms
44ms Script
text/javascript 2600:9000:20bf:c800:19:7d10:bd80:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20bf:c800:19:7d10:bd80:93a1 -, , ASN (),

Reverse DNS

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:42:40 GMT
content-encoding: br
via: 1.1 2071c0eda1d5bdc94fe89ed529cdd7be.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 211
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: MIA3-C2
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: BDSNGD02l1_Mcp6RE9DA6q1NfVRLzxfUtbZ7TrF8ydPcwWWkUOFASg==

GET
H2 200 frame-modern.60152aab.js Show response
js.intercomcdn.com/ Frame 54D2 878 KB
250 KB 552ms
208ms Script
application/javascript 54.230.163.80

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.60152aab.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xc8vmlt4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.80 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

953bb1b46dbd19e477b3d3c9f54b8e521330eecdd93c9385d0f0c6ce1ceb3c3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Srrg5D4PJk7IXEIs5c5d3z6QGvokWOMk
content-encoding: gzip
via: 1.1 8c40cd64e3a9ae0289558e97b8b3ef08.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 19:37:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C3
age: 4136
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 255218
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "e09b60d38402ad6356d80ad953a75150"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: A1Uq76OuNiJGe--Xs7wce5gyMyhzcJfB4rww7scnebMy-wTpH6Ux_A==

GET
H2 200 vendor-modern.c93438f4.js Show response
js.intercomcdn.com/ Frame 54D2 458 KB
141 KB 414ms
71ms Script
application/javascript 54.230.163.80

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.c93438f4.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/xc8vmlt4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.163.80 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: PVmWOd9txiWMG8tImFv0m_r56xr6CC0I
content-encoding: gzip
via: 1.1 8c40cd64e3a9ae0289558e97b8b3ef08.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 19:41:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: EWR53-C3
age: 3898
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143979
last-modified: Fri, 26 Jan 2024 17:34:33 GMT
server: AmazonS3
etag: "23075e5e0dab5434e3872365e9ccbba4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: LaHYq0xFJPQM9DBGNstAax9GQPIlqdZNBOtPVDNEonjE0O8Ekn3yWA==

POST
H2 200 6 Show response
m.stripe.com/ Frame F8D4 156 B
669 B 469ms
119ms XHR
application/json 44.239.78.117

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.78.117 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

c65e4ab86243b448a7eb0032f774eff17b084fb90c92334106150632ddfd23c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Sun, 28 Jan 2024 20:46:10 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1706474770869129
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1706474770868546
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5627308%26time%3D1706474770463%26url%3Dhttps%253A%252F%252Fleonardo.xrserver.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKnwt81caxStAAAAY1R0pMHf_ifW_DgnJFifP-...

0
485 B

260ms
124ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKnwt81caxStAAAAY1R0pMHf_ifW_DgnJFifP-4zdG_mqC0DaTmnMcL9SPK-Bj0uSD7uHg
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:46:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 8E8ABA656D2D4EC785D5DB0ABCA79625 Ref B: MIAEDGE1817 Ref C: 2024-01-28T20:46:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQB56SIivf//fYTLcV0g==

Redirect headers

date: Sun, 28 Jan 2024 20:46:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9D3FA2976C484C8B99490F7059E98379 Ref B: MIAEDGE1620 Ref C: 2024-01-28T20:46:11Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5627308&time=1706474770463&url=https%3A%2F%2Fleonardo.xrserver.com%2F&cookiesTest=true&liSync=true&e_ipv6=AQKnwt81caxStAAAAY1R0pMHf_ifW_DgnJFifP-4zdG_mqC0DaTmnMcL9SPK-Bj0uSD7uHg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYQB56OPUOgQ4mjxRpSiw==

GET
H2 200 1200337860880275 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 140ms
135ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1200337860880275?v=2.9.143&r=stable&domain=leonardo.xrserver.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 -, , ASN (),

Reverse DNS

Software

Resource Hash

d8094fd7d009007ba2433fab03361cd5b4ea651623939af8ff3f43cf5c21c652

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 28 Jan 2024 20:46:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: 0fIV0JDtj1mea0FmLe7Vb6lok/UQT76FrZdfIMsnmq5jQnJkWHqizq7vgVehKEaAlFGlbhvEN5wUeH4EsBzsJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 208ms
66ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1200337860880275&ev=PageView&dl=https%3A%2F%2Fleonardo.xrserver.com%2F&rl=&if=false&ts=1706474771032&sw=1600&sh=1200&v=2.9.143&r=stable&ec=0&o=4126&fbp=fb.1.1706474771028.1349022963&cs_est=true&ler=empty&cdl=API_unavailable&it=1706474770599&coo=false&exp=d1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://leonardo.xrserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 28 Jan 2024 20:46:11 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 129ms
129ms XHR
text/plain 2620:1ec:21::14

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 28 Jan 2024 20:46:11 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 12D0414CF33E4F978627A4B963B080A4 Ref B: MIAEDGE1620 Ref C: 2024-01-28T20:46:11Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://leonardo.xrserver.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYQB56UXZZHjMiNkcRaQw==

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 77ms
76ms Ping
text/plain 2607:f8b0:4006:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-4J9ZXN1KG8&gtm=45je41o0v9102328406&_p=1706474769261&gcd=11l1l1l1l1&dma=0&cid=295710462.1706474770&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1706474769&sct=1&seg=1&dl=https%3A%2F%2Fleonardo.xrserver.com%2F&dt=Leonardo.Ai&uid=&_s=2&tfd=9980
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4J9ZXN1KG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80e::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://leonardo.xrserver.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:46:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leonardo.xrserver.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/_ssgManifest.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/HAeWzgBC0ddbKzfkn4DYZ/_buildManifest.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/index-6b8b1af15888ba35.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/633-99649ddc6a57405b.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/pages/_app-2351c3915353c250.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/main-160a7b059eb8758d.js

Domain: leonardo.xrserver.com
URL: https://leonardo.xrserver.com/_next/static/chunks/framework-c1ab60a9bcccc40e.js

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xrserver.com/	1970-01-21 03:29:12	Name: _hp2_id.2928600800 Value: %7B%22userId%22%3A%22971926341129338%22%2C%22pageviewId%22%3A%227824398605384528%22%2C%22sessionId%22%3A%225232427591127838%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.xrserver.com/	1970-01-20 18:01:16	Name: _hp2_ses_props.2928600800 Value: %7B%22z%22%3A0%2C%22ts%22%3A1706474769627%2C%22d%22%3A%22leonardo.xrserver.com%22%2C%22h%22%3A%22%2F%22%2C%22t%22%3A%22Leonardo.Ai%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://connect.facebook.net/signals/config/1200337860880275?v=2.9.143&r=stable&domain=leonardo.xrserver.com&hme=1e96626f56fb37feabdb16bd09d3dbece570479b2ec677eec7364c762eaf296e&ex_m=62%2C104%2C92%2C96%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C146%2C149%2C160%2C156%2C157%2C159%2C25%2C89%2C45%2C68%2C158%2C141%2C144%2C153%2C154%2C161%2C113%2C13%2C43%2C165%2C164%2C115%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C93%2C95%2C31%2C94%2C26%2C22%2C142%2C145%2C122%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C91%2C38%2C70%2C60%2C97%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C98(Line 105) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.heapanalytics.com
cdn.paddle.com
connect.facebook.net
heapanalytics.com
js.intercomcdn.com
js.stripe.com
leonardo.xrserver.com
m.stripe.com
m.stripe.network
o4504767521292288.ingest.sentry.io
public.profitwell.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.wdfl.co
snap.licdn.com
stats.g.doubleclick.net
vitals.vercel-insights.com
widget.intercom.io
www.facebook.com
www.googletagmanager.com
www.linkedin.com
leonardo.xrserver.com
107.23.99.87
13.107.42.14
13.226.139.75
13.35.93.9
18.164.116.57
18.238.49.45
2600:141b:7000::173f:f033
2600:9000:20bf:c800:19:7d10:bd80:93a1
2600:9000:21dd:3600:1b:348c:b140:93a1
2606:4700:3108::ac42:2bc4
2606:4700::6812:1fde
2607:f8b0:4004:c08::9a
2607:f8b0:4006:809::2008
2607:f8b0:4006:80e::200e
2620:1ec:21::14
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.120.195.249
44.236.37.60
44.239.78.117
54.187.119.242
54.230.163.80
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
04621126df6e79ff3a871ebfcf077d9103a8b9552b3f3e76bdfe56033446ea23
153c3f3fef993acc1474ea32ce433430449643b30c5a11cc5a267c52ff4f1901
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fa4305670642ffc517bbd443d4b0c2902dc7a95515ff7ea3d7ee515d18ec48d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5f30d5bf883ed3b3744c8d0ed0af0f2a1305bae0d0e6797de659fde2b20b51a0
619b955964f271ac2904dc507de09c94ca99921e102f79070ff9f051b94637bc
6c5ff427508b5381a662011545ee3ba946f46efa0f97a1c918e38ae600ab46f0
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
72ba1b13d6d685d6d9d1e4c66c5032d24a650525925ac43b79445fc60b46b9c4
7bc3d8790dd96d6ddd96469f44a181b79daf78402bfdac1a1784e4668cb8d63d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
953bb1b46dbd19e477b3d3c9f54b8e521330eecdd93c9385d0f0c6ce1ceb3c3f
95cfdeff5e87410261b41c4fd0aef29eb6ab061a4d2da9a3ccdb5f81113b42e9
99b25990997600fa3a966041d7d6f7374a31f30c867fd6613f49fcdf442fa058
9a85183de464f89bcbcf15db1a5283f20acc280046819d9252003d2bdb2abccc
9b10a2a05828f6367e292441c2bafb62be9d6a88014a1c08091292b5169c48de
9e349744a0308627906cb5ea8ffb21586692c35413275268ab1cdff93e6cf108
aeb782fe4d35e41e861cc06f359a3aea70cf9307b58a8122e4b07d1716d5b0d1
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be84c78d1208f3d23bde0bc72a171b162d28929649e4cb96ab806056119daee8
c0000d1c536e1161fbbe93d49616c28d00df072afa1db713adceb99587a400d4
c65e4ab86243b448a7eb0032f774eff17b084fb90c92334106150632ddfd23c8
cc1ec401ff8a4592ff00257e704ee16593cf45377ca8c1c4c93d6b32ff7d9f1c
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d19b7af86a35dfda3a91657fb0f532541ad1bf34b75c68bb9992a374cd5fd5f2
d7ce5fd7cfe25dfae9091fb4afa98076468f6c4d714266a6997f272f932e452d
d8094fd7d009007ba2433fab03361cd5b4ea651623939af8ff3f43cf5c21c652
d8170ac003f98557188f47f9f907861ff3d1fcbe9401a1b2b14e120139654b8d
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e0e4f995e6b57e17fb7ce983ff19a0b9daa0cf1c2ab7ee017ed8eaeacdf1f41d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec40c892403abb72c03144e6f1cf1839fec0714d31f490f6837f600a9377634f
f195179b3694d3b5cd85e3c12ea37818acf178e913fbfa386864bf18784956f5
f54d3a9011dd18c3a6b2c5ca5c5bf3d490d5428046d806c4aa9ecec5f82139ca

leonardo.xrserver.com Open in urlscan Pro 2606:4700::6812:1fde Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

84 %HTTPS

50 %IPv6

18 Domains

23 Subdomains

23 IPs

1 Countries

3234 kBTransfer

12222 kBSize

2 Cookies

0 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leonardo.xrserver.com Open in urlscan Pro
2606:4700::6812:1fde Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

84 %
HTTPS

50 %
IPv6

18
Domains

23
Subdomains

23
IPs

1
Countries

3234 kB
Transfer

12222 kB
Size

2
Cookies

57 HTTP transactions
0 data transactions